Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?


Understanding Sessions for IPv6 Flows


This topic gives an overview of flow-based sessions.

Most packet processing occurs in the context of a flow, including management of policies, zones, and most screens. A session is created for the first packet of a flow for the following purposes:

  • To store most of the security measures to be applied to the packets of the flow.

  • To cache information about the state of the flow. For example, logging and counting information for a flow is cached in its session. (Also, some stateful firewall screens rely on threshold values that pertain to individual sessions or across all sessions.)

  • To allocate resources required for features for the flow.

  • To provide a framework for features such as Application Layer Gateways (ALGs).