On my SRX 1400 I see maximum sessions here:
show security flow session summary
This is what shows up now:
Unicast-sessions: 46795
Multicast-sessions: 0
Services-offload-sessions: 0
Failed-sessions: 931259
Sessions-in-use: 51465
Valid sessions: 46337
Pending sessions: 0
Invalidated sessions: 128
Sessions in other states: 0
Maximum-sessions: 1048576
My SRX can handle this number of sessions fine but the rest of my network can NOT.
How can I decrease the Maximum-sessions value?
Best Answer
You cannot decrease the maximum sessions value directly, but you can use Screen options to limit the maximum number of concurrent sessions per source- or destination IP. In your case I would expect a destination-based limit (see Juniper documentation).
For example:
However, it sounds really weird that your network is constrained by the number of sessions it can handle. This is usually only relevant for stateful devices like firewalls and load balancers, that are perfectly capable to drop exceeding traffic on their own. If it is bandwidth that's the problem, then there are probably better knobs to turn than session limits.