Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 

R80.x Performance Tuning Tip - Connection Table

What is a connection kernel table

One of the most important tables in the Check Point firewall is the "connection kernel table". Connections kernel table contains the specific information about the current connections (source, destination, protocol, timeout, etc etc etc). The direction of the connection is set by the first packet of the connection even though the connection may be bi-directional in reality.

In principle, the following keys are used:

  •       Direction of the connection (0 = inbound, 1 = outbound)
  •       Connection key
  •       Connection type
  •       Connection flags
  •       Rule number in SmartDashboard, to which the connection was matched
  •       An index of an INSPECT handler function that is executed on every packet that belong to the connection
  •       Unique 128-bit connection identifier.
  •       Anti-Spoofing cache
  •       Set of per-connection bits
  •       Connection modules' kernel buffers
  •       Time to Live / Timeout

The information in the connections table is stored in the following form:

<direction,5-tuple-key;r_ctype,r_cflags,rule,service_id,handler,uuid1,uuid2,uuid3

...
TO READ THE FULL POST it's simple and free

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events