HA and stateless connections...

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

HA and stateless connections...

L4 Transporter

Ok, I have what may be a newbie type question, but it is one that I wanted to ask.

In the PA 201 class, they teach for HA, that stateless connections are not synched.

What is considered a stateless connection?  I do not think it would be UDP traffic (although this comes to mind), but if I am running a audio or video call to the Internet, it is going to use H323 traffic, which is RTP traffic (UDP).

If the FW fails over, I would not expect my video or audio call to drop completely or need to reestablish it.

So perhaps someone can help me better understand what this means, so I can explain it to my team.

Thanks

4 REPLIES 4

L6 Presenter

Generally speaking I think its UDP (but not all) based traffic and stuff that uses ICMP.

For example even if UDP strictly speaking is stateless the layer7 applications using UDP can still contain various states like when using VoIP, TFTP, DNS etc.

I mean a DNS reply shouldnt be the first packet between two hosts on specific ports, first there should have been a DNS request.

L4 Transporter

Do we have any other information out there (maybe from tech support, engineering, etc) who can provide a more accurate answer. Much appreciated.

L5 Sessionator

Hi,

All the sessions in the session tables are synchronized with the exceptions of following:

In Active/Passive mode, ICMP sessions are not synchronized between peers.

In Active/Active mode, Multicast sessions are not synchronized between peers.

https://live.paloaltonetworks.com/docs/DOC-4375

Thank you

Numan

  • 2389 Views
  • 4 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!