What happens if a packet is marked with connection-state=new?

When a packet is marked with connection-state=new, it indicates that this packet is the start of a new connection or session, particularly in the context of protocols like TCP. This marking is crucial for applications and devices that rely on stateful connection tracking, as it allows them to differentiate between packets part of ongoing sessions and those initiating new ones.

In most network devices, when a packet is identified as belonging to a new connection, it triggers the necessary processes to establish and maintain that connection. This is especially important for protocols that require a handshake process, like TCP, where the establishment of a connection is a multi-step process involving SYN packets.

Furthermore, marking packets as new also facilitates the application of specific firewall rules and policies that can be based on connection states. This leads to more efficient management of network traffic and enhanced security.

Understanding the significance of the connection-state marking can help in configuring firewall rules correctly and predicting how the network will behave in response to different types of traffic, especially in stateful firewalls governed by connection tracking mechanisms.