HA and stateless connections...

Reply
L4 Transporter

HA and stateless connections...

Ok, I have what may be a newbie type question, but it is one that I wanted to ask.

In the PA 201 class, they teach for HA, that stateless connections are not synched.

What is considered a stateless connection?  I do not think it would be UDP traffic (although this comes to mind), but if I am running a audio or video call to the Internet, it is going to use H323 traffic, which is RTP traffic (UDP).

If the FW fails over, I would not expect my video or audio call to drop completely or need to reestablish it.

So perhaps someone can help me better understand what this means, so I can explain it to my team.

Thanks

L6 Presenter

Re: HA and stateless connections...

Generally speaking I think its UDP (but not all) based traffic and stuff that uses ICMP.

For example even if UDP strictly speaking is stateless the layer7 applications using UDP can still contain various states like when using VoIP, TFTP, DNS etc.

I mean a DNS reply shouldnt be the first packet between two hosts on specific ports, first there should have been a DNS request.

L4 Transporter

Re: HA and stateless connections...

Do we have any other information out there (maybe from tech support, engineering, etc) who can provide a more accurate answer. Much appreciated.

L4 Transporter

Re: HA and stateless connections...

Highlighted
L5 Sessionator

Re: HA and stateless connections...

Hi,

All the sessions in the session tables are synchronized with the exceptions of following:

In Active/Passive mode, ICMP sessions are not synchronized between peers.

In Active/Active mode, Multicast sessions are not synchronized between peers.

https://live.paloaltonetworks.com/docs/DOC-4375

Thank you

Numan

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!