Variable | Description | Default |
tcp-timestamp {enable | disable} | Enable to both: • verify whether clients’ TCP timestamps are sequential • include TCP timestamps in packets from FortiWeb Disabling this option can be useful when multiple clients are in front of a source NAT gateway such as a FortiGate. If it applies source NAT but forwards packets to FortiWeb without modifying the TCP timestamp, packets received from that source IP will appear to FortiWeb to have an unstable timestamp. FortiWeb will therefore drop out-of-sequence packets. Disabling therefore prevents packets dropped due to this cause, and can improve performance in that case. Caution: Disabling this option affects FortiWeb’s dynamic calculation of TCP retransmission timeout (RTO) and therefore round trip time (RTT). If you disable the timestamp when it is not necessary, this can result in decreased application performance. | enable |
tcp-tw-recycle {enable | disable} | Enable to quickly recycle sockets that are ready to close (i.e. in the TIME_WAIT state per the TCP RFC). This option can be useful in networks with both sustained high load and bursts of new connection requests. If all sockets are busy, new connection requests may be refused. Enabling this option frees sockets more quickly. Caution: Enabling this option can cause issues with external load balancers and HA failover if they are not expecting the connection to close quickly. This can result in decreased application performance. Generally, it is safer to wait for sockets to safely close before they are reused. | disable |