Description
This article explains how dynamic tcp windows is configured.
On previous FortiOS versions, dynamic tcp windows was implemented which cannot be configured, it is allocated based on available system memory.
Now in version FortiOS 6.2, this can be configured and also noticed the throughput for explicit proxy traffic improved significantly.
Solution
In Version 6.2.x, the setting is, by default:
#config firewall profile-protocol-options
edit "test"
config http
set tcp-window-type system <default>
end
system Use system default TCP window size for this protocol (Default).
static Manually specify TCP window size.
dynamic Vary TCP window size based on available memory, within limits.
#config firewall profile-protocol-options
edit "test"
config http
set tcp-window-type system (system | static | dynamic)
set tcp-window-minimum 131072 (dynamic only)
set tcp-window-maximum 8388608 (dynamic only)
set tcp-window-size 262144 (static only)
end
next
end
