

How does the idle timeout for UDP flows in Global Accelerator differ from TCP flows?


The idle timeout for UDP flows in AWS Global Accelerator is significantly shorter than for TCP flows. Specifically, the idle timeout for UDP flows is 30 seconds, whereas for TCP connections it is 340 seconds (5 minutes and 40 seconds)[4].

This difference stems from the nature of the protocols and how Global Accelerator manages connections:

- TCP flows: AWS Global Accelerator terminates TCP connections at the edge and establishes a new TCP connection to the backend endpoint. The idle timeout of 340 seconds applies to these connections, meaning if no data is sent or received within this period, Global Accelerator closes the connection. This timeout is fixed and not customizable. TCP keep-alive packets cannot be used to maintain the connection; instead, actual data packets must be sent within the timeout window to keep the connection alive[4].

- UDP flows: UDP is connectionless and does not have a formal connection establishment or teardown like TCP. For UDP, Global Accelerator uses a shorter idle timeout of 30 seconds. If no UDP packets are sent or received within this window, the flow is considered idle and is closed. This shorter timeout reflects the stateless nature of UDP and typical use cases where UDP flows are expected to be short-lived or frequently refreshed[4].

In summary, the key difference is that TCP flows have a much longer idle timeout (340 seconds) due to the connection-oriented nature of TCP and the overhead of connection management, while UDP flows have a much shorter idle timeout (30 seconds) consistent with UDP's connectionless design. This ensures efficient resource usage and timely cleanup of inactive flows in Global Accelerator.

No customization of these idle timeouts is currently supported by AWS Global Accelerator[4].
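To check whether a dropped session lines up with these timeouts, you can replay packet timestamps from a capture against the two values. The following is an added example, not AWS code or code from the original page. The record format, flow labels and addresses are constructed, and treating a zero-length TCP payload as a keep-alive probe is a modelling assumption based on the statement above that keep-alives do not hold the connection open.

```python
# Idle timeouts in seconds, as stated on this page (fixed, not configurable).
IDLE_TIMEOUT = {"tcp": 340, "udp": 30}

def find_idle_expiries(packets):
    """Return (flow_key, last_counted_ts, next_ts, gap) for every idle gap
    that reaches the protocol's timeout.

    packets: iterable of (ts_seconds, proto, flow_id, payload_len).
    """
    last_counted = {}  # flow_key -> time of the last packet that reset the timer
    expiries = []
    for ts, proto, flow_id, payload_len in sorted(packets, key=lambda p: p[0]):
        key = (proto, flow_id)
        prev = last_counted.get(key)
        # Assumption: a gap exactly equal to the timeout counts as expired.
        expired = prev is not None and ts - prev >= IDLE_TIMEOUT[proto]
        if expired:
            expiries.append((key, prev, ts, ts - prev))
        # Assumption: any UDP datagram resets the timer; a TCP segment resets
        # it only if it carries payload (empty segments model keep-alives).
        resets_timer = proto == "udp" or payload_len > 0
        # The first packet of a flow, or the first after an expiry, starts
        # fresh flow state regardless of payload.
        if prev is None or expired or resets_timer:
            last_counted[key] = ts
    return expiries

# Constructed sample capture (documentation address ranges, not real traffic).
UDP_FLOW = "198.51.100.7:5000->203.0.113.10:53"
TCP_FLOW = "198.51.100.7:40000->203.0.113.10:443"
SAMPLE = [
    (0, "udp", UDP_FLOW, 64),
    (20, "udp", UDP_FLOW, 64),
    (55, "udp", UDP_FLOW, 64),    # 35 s of silence: past the 30 s UDP timeout
    (0, "tcp", TCP_FLOW, 0),      # handshake segment, starts the timer
    (1, "tcp", TCP_FLOW, 512),    # application data
    (200, "tcp", TCP_FLOW, 0),    # keep-alive probe: does not reset the timer
    (345, "tcp", TCP_FLOW, 300),  # 344 s since last data: past 340 s
    (400, "tcp", TCP_FLOW, 100),
]

if __name__ == "__main__":
    for (proto, flow), prev, ts, gap in find_idle_expiries(SAMPLE):
        print(f"{proto} {flow}: idle {gap}s (t={prev} -> t={ts}), "
              f"timeout {IDLE_TIMEOUT[proto]}s")
```

Gaps reported for a flow indicate the application needs to send real data more often than the timeout for that protocol.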

Citations:
[1] https://aws.amazon.com/global-accelerator/features/
[2] https://aws.amazon.com/global-accelerator/faqs/
[3] https://cloudonaut.io/review-aws-global-accelerator-latency-multi-region-disaster-recovery/
[4] https://docs.aws.amazon.com/pdfs/global-accelerator/latest/dg/global-accelerator-guide.pdf
[5] https://hands-on.cloud/aws-services/global-accelerator/
[6] https://learn.microsoft.com/en-us/answers/questions/1139028/how-big-is-azure-load-balancer-udp-idle-timeout
[7] https://repost.aws/questions/QUuNiUCKYUSkKScntMG8MMeA/timeout-aws-global-accelerator
[8] https://www.juniper.net/documentation/us/en/software/junos/flow-packet-processing/topics/topic-map/security-flow-based-session-for-srx-series-devices.html
[9] https://www.arubanetworks.com/techdocs/sdwan/docs/orch/monitoring/bandwidth/flows-active-recent/