
Junos® OS For Dummies®, 2nd Edition by Michael Bushong, Cathy Gadecki, Walter Goralski


Understanding Flow Processing

In TCP/IP, a flow is defined as a set of packets that shares the same values in a number of header fields. The fields required to establish a flow can vary, but usually at least source and destination addresses and ports, along with the protocol and a few other fields, are more than enough. TCP sessions are good candidates for packet flows, and often are the only flows defined on a device. The SRX enforces security policy by processing the flow of packets through the device. Therefore, flow processing is an important concept in SRX configuration and management.

Let's look at how flow processing works in the SRX.

The SRX actually does many complex things before it looks at the established security policies (rules), and a lot depends on whether the SRX has already seen the flow (session). If so, a great deal of information about the flow already exists and is installed on the SRX. When there is no match for the session, the SRX subjects the packet to first path processing. If the packet header fields match an installed session, the SRX subjects the packet to fast path processing (about half the steps of first path processing).
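The session lookup described above, sketched as an added example (not code from the book or from Junos). The names `FlowKey`, `FlowTable` and `PERMIT`, the addresses, and the port-based policy are constructed for illustration. The model assumes a permitted session is installed in both directions so return traffic also matches, and that denied packets install no session.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class FlowKey:
    """Header fields that identify a flow (hypothetical 5-tuple model)."""
    src: str
    sport: int
    dst: str
    dport: int
    proto: str

    def reverse(self):
        # Key that packets in the return direction of the same session carry.
        return FlowKey(self.dst, self.dport, self.src, self.sport, self.proto)

# Constructed policy: (destination port, protocol) pairs that are permitted.
PERMIT = {(443, "tcp"), (53, "udp")}

class FlowTable:
    def __init__(self, permit):
        self.permit = permit
        self.sessions = {}       # FlowKey -> session id
        self.next_id = 1
        self.policy_lookups = 0  # how often the security policy was consulted

    def process(self, key):
        """Return (path, action) for one packet."""
        if key in self.sessions:
            # Installed session matched: fast path, no policy lookup.
            return ("fast", "permit")
        # No session matched: first path, evaluate the policy.
        self.policy_lookups += 1
        if (key.dport, key.proto) not in self.permit:
            return ("first", "deny")
        # Assumption: install both directions under one session id.
        self.sessions[key] = self.sessions[key.reverse()] = self.next_id
        self.next_id += 1
        return ("first", "permit")

def run_sample():
    """Feed a constructed packet sequence through the table."""
    table = FlowTable(PERMIT)
    https = FlowKey("10.0.0.5", 51000, "192.0.2.10", 443, "tcp")
    telnet = FlowKey("10.0.0.5", 51001, "192.0.2.10", 23, "tcp")
    packets = [https, https.reverse(), https, telnet, telnet]
    return [table.process(p) for p in packets], table.policy_lookups

if __name__ == "__main__":
    print(run_sample())
```

Only the first HTTPS packet triggers a policy lookup; the reply and the later packet match the installed session, while each denied Telnet packet takes the first path again because nothing was installed for it.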

The use of the term fast path is unfortunate, but at least the first path is no longer called the slow path. These were very relative terms and the term “slow path” did not imply that the SRX would grind to a halt if a lot of new ...
