On Fri, Jun 18, 2010 at 4:08 PM, Code Ghar <[email protected]> wrote: > In the pfSense book, there's a section (6.6.9.3) titled "Maximum New > Connections / Per Second". It says that "Any IP address exceeding that > number of connections within the given time frame will be blocked for one > hour." When using VoIP, which uses UDP, if one IP sends calls to your VoIP > switch with pfSense in the middle, there's one state established. Within > that state if that same IP sends, say 5 messages in a second, are these > messages considered 5 connections in one state or 1 connection in one state?
With the typical SIP, one connection is one state, regardless of how many packets come over that state, it's one connection. If there are 50 SIP phones NATed to one public IP connecting to you, that's going to be 50 simultaneous SIP connections, plus RTP for calls. In cases like an Internet outage at that location, you'll see a bunch of connections opened quickly. That could more accurately read "Maximum new states / per second". As David noted, with a wide variety of things that "VoIP" can cover, it's hard to say. Generally you have up to two connections/states per SIP endpoint. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected] Commercial support available - https://portal.pfsense.org
