Understanding Sessions for IPv6 Flows
This topic gives an overview of flow-based sessions.
Most packet processing occurs in the context of a flow, including management of policies, zones, and most screens. A session is created for the first packet of a flow for the following purposes:
To store most of the security measures to be applied to the packets of the flow.
To cache information about the state of the flow. For example, logging and counting information for a flow is cached in its session. (Also, some stateful firewall screens rely on threshold values that pertain to individual sessions or across all sessions.)
To allocate resources required for features for the flow.
To provide a framework for features such as Application Layer Gateways (ALGs).