SRX Services Gateway
Visitor
alex_c
Posts: 8
Registered: ‎11-21-2011
Accepted Solution

Difference between session and connection

Is anyone aware of any good theoretical definition for 'session' and 'connection' ?

I would like to know exactly the difference between one and another, because I see many people confusing these 2 terms or even saying the same thing.

Trusted Contributor
Tim_Eberhard
Posts: 39
Registered: ‎05-12-2011

Re: Difference between session and connection


alex_c wrote:

Is anyone aware of any good theoretical definition for 'session' and 'connection' ?

I would like to know exactly the difference between one and another, because I see many people confusing these 2 terms or even saying the same thing.


In the Cisco world, a session and a connection are the same thing.

In Juniper, however, a session is a bidirectional flow: two-way traffic of a "data flow".

A connection is typically a single part of that flow, i.e. Server A has a connection to Server B. This is one wing of the session.

At least this is how I've heard and used it. For the most part, 90% of people use the terms connection and session to basically mean a two-way data flow.

Hope this helps,

-Tim Eberhard

-Tim Eberhard
JNCIE-SEC #50
Co-Author of Junos Security
Author of Netscreen Session Analyzer and the SRX Session Analyzer
Visitor
alex_c
Posts: 8
Registered: ‎11-21-2011

Re: Difference between session and connection

I also posted this question on the Cisco forum, and got a reply stating that they are not the same thing.

However, you stated that a session is defined by bi-directional traffic between 2 hosts, and inside a session we can have many connections (one-way traffic between hosts).

And in the connection table of the SRX, when we see the output of 'show security flow session', we see the established sessions or the connections?

Trusted Contributor
Tim_Eberhard
Posts: 39
Registered: ‎05-12-2011

Re: Difference between session and connection


alex_c wrote:

I also posted this question on the Cisco forum, and got a reply stating that they are not the same thing.


I find that interesting, considering they call that a connection table..

 


alex_c wrote:

However, you stated that a session is defined by bi-directional traffic between 2 hosts, and inside a session we can have many connections (one-way traffic between hosts).

And in the connection table of the SRX, when we see the output of 'show security flow session', we see the established sessions or the connections?


There are two connections to each session. Each connection is considered a wing (two wings to fly).

When you look at the output of show security flow session, you see the session the SRX has created. Now the SRX creates a bi-directional session for each connection attempt (assuming it's permitted by policy, has a route, is permitted by screens, etc.).

So if server A initiates a connection to server B, assuming the firewall allows it, the SRX will populate the session table with two entries.

A IP address/port -> B IP address/port

B IP address/port -> A IP address/port

This is why you see two entries in the session table.

-Tim Eberhard
JNCIE-SEC #50
Co-Author of Junos Security
Author of Netscreen Session Analyzer and the SRX Session Analyzer
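
The session/wing pairing described in the post above, as an added example that is not part of the original thread: it groups the `In:` and `Out:` wing lines under their session and checks whether the reverse wing mirrors the forward one. The sample output is constructed (documentation address ranges), and the function names and regular expressions are assumptions of this example.

```python
import re

# Constructed sample in the layout of 'show security flow session' output.
SAMPLE = """\
Session ID: 101, Policy name: allow-web/5, Timeout: 1790, Valid
  In: 192.0.2.10/51000 --> 198.51.100.20/443;tcp, If: ge-0/0/0.0, Pkts: 12, Bytes: 1840
  Out: 198.51.100.20/443 --> 192.0.2.10/51000;tcp, If: ge-0/0/1.0, Pkts: 10, Bytes: 5230
Session ID: 102, Policy name: allow-dns/7, Timeout: 58, Valid
  In: 192.0.2.11/40000 --> 198.51.100.53/53;udp, If: ge-0/0/0.0, Pkts: 1, Bytes: 70
  Out: 198.51.100.53/53 --> 203.0.113.1/6001;udp, If: ge-0/0/1.0, Pkts: 1, Bytes: 120
Total sessions: 2
"""

SESSION_RE = re.compile(r"^Session ID: (\d+), Policy name: ([^,]+),")
WING_RE = re.compile(r"^\s+(In|Out): (\S+)/(\d+) --> (\S+)/(\d+);(\w+),")

def parse_sessions(text):
    """Group the In/Out wings under the session they belong to."""
    sessions, current = [], None
    for line in text.splitlines():
        m = SESSION_RE.match(line)
        if m:
            current = {"id": int(m.group(1)), "policy": m.group(2), "wings": {}}
            sessions.append(current)
            continue
        m = WING_RE.match(line)
        if m and current is not None:
            direction, src, sport, dst, dport, proto = m.groups()
            current["wings"][direction] = (src, int(sport), dst, int(dport), proto)
    return sessions

def is_mirrored(session):
    """True when the Out wing is the exact reverse of the In wing."""
    wings = session["wings"]
    if "In" not in wings or "Out" not in wings:
        return False
    src, sport, dst, dport, proto = wings["In"]
    return wings["Out"] == (dst, dport, src, sport, proto)

if __name__ == "__main__":
    for s in parse_sessions(SAMPLE):
        # A reverse wing that is not the mirror image usually means NAT rewrote an address or port.
        note = "mirrored" if is_mirrored(s) else "wings differ (e.g. NAT)"
        print(s["id"], s["policy"], s["wings"], note)
```

Session 102 in the sample is built with a translated source address on its reverse wing, so it is reported as not mirrored; that is the case worth a second look when reading a session table during troubleshooting or incident response.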
Visitor
alex_c
Posts: 8
Registered: ‎11-21-2011

Re: Difference between session and connection

Got it, thank you!
