#4
11th November 2009
jggimi

A -state- is a communication between two IP addresses and, for TCP/UDP, the ports associated with both ends. If a different IP address is used, it is a different state. If a different port is used, it is a different state.

TCP is stateful; the state is established with a 3-way handshake and remains until termination.

UDP is stateless; the state is established by traffic, and maintained by PF according to a timeout setting.

Other IP protocols (see /etc/protocols) are either stateful or stateless, and are managed by PF in similar fashion.
Quote:
While we are still receiving data from this server, let's say a user sends this server a message: does this create another state with that server, or does it use the existing one?

If the message comes from a different IP address, or the same IP address but a different port number, it is a -new- state, and it is tracked separately.

As I've said before, set all queues to shape -outbound- traffic. Not outward from your network, but rather, from the router's -- and PF's -- perspective. Note my queues: "std-in" and "torrent-in" are -outbound- queues that happen to be on the -internal- NIC.

-----

To shape traffic, you must understand that traffic. For SMTP, as an example, the -destination- port is 25. The initiating port number from a remote server (or mail client) is random.
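Added example (not part of the post above and not PF's own code): a simplified Python model of the state matching the post describes, where a state is keyed on protocol plus both address/port pairs, UDP states age out on a timeout, and TCP states last until termination. The class and function names, the 60-second timeout, the queue names "mail" and "std", and the sample addresses are all assumptions made for this sketch.

```python
# Simplified model of a PF-style state table (illustrative only, not PF code).
from dataclasses import dataclass

UDP_TIMEOUT = 60  # seconds; assumed value for this sketch


@dataclass
class State:
    last_seen: float
    queue: str  # hypothetical queue name chosen when the state is created


class StateTable:
    def __init__(self):
        self.states = {}

    @staticmethod
    def key(proto, src, sport, dst, dport):
        # Sort the two endpoints so both directions of one conversation
        # map to the same state.
        return (proto,) + tuple(sorted([(src, sport), (dst, dport)]))

    def packet(self, now, proto, src, sport, dst, dport, closing=False):
        """Process one packet; return 'new' or 'existing'."""
        k = self.key(proto, src, sport, dst, dport)
        st = self.states.get(k)
        # UDP has no teardown, so an idle state expires by timeout.
        if st and proto == "udp" and now - st.last_seen > UDP_TIMEOUT:
            st = None
        if st is None:
            # Classify on the -destination- port of the initiating packet;
            # the initiator's source port is random.
            queue = "mail" if (proto == "tcp" and dport == 25) else "std"
            self.states[k] = State(now, queue)
            result = "new"
        else:
            st.last_seen = now
            result = "existing"
        # A TCP state remains until the connection is terminated.
        if proto == "tcp" and closing:
            del self.states[k]
        return result

    def queue_of(self, proto, src, sport, dst, dport):
        return self.states[self.key(proto, src, sport, dst, dport)].queue


if __name__ == "__main__":
    t = StateTable()  # constructed sample traffic, documentation addresses
    print(t.packet(0, "tcp", "192.0.2.10", 40001, "198.51.100.5", 25))
    print(t.packet(1, "tcp", "198.51.100.5", 25, "192.0.2.10", 40001))
    print(t.packet(2, "tcp", "192.0.2.10", 40002, "198.51.100.5", 25))
```

The second packet is the server's reply and matches the existing state; the third differs only in source port and therefore creates a separate state.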