Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Benefits and risks with Random ID Generation?

    Scheduled Pinned Locked Moved General pfSense Questions
    3 Posts 3 Posters 1.2k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • E
      esnakk
      last edited by

      Hi all

      I would like to discuss the pros and cons of this feature, what does it really do and why is it good and when is it a possible problem to use this function.

      https://docs.netgate.com/pfsense/en/latest/config/advanced-firewall-nat.html?highlight=random%20id#ip-random-id-generation

      –
      Cheers,
      E

      M 1 Reply Last reply Reply Quote 0
      • M
        mer @esnakk
        last edited by

        @esnakk said in Benefits and risks with Random ID Generation?:

        https://docs.netgate.com/pfsense/en/latest/config/advanced-firewall-nat.html?highlight=random%20id#ip-random-id-generation

        If I'm understanding the link correctly, it's a fairly standard thing. Basically in the IP header there are some values (sequence numbers plus others) that can be used to make a guess at the sending OS. That feature simply randomizes things.

        Think of it as the "random PID" option that FreeBSD and others have.

        1 Reply Last reply Reply Quote 0
        • stephenw10S
          stephenw10 Netgate Administrator
          last edited by

          Yeah it's this: https://www.freebsd.org/cgi/man.cgi?query=pf.conf#TRAFFIC%09NORMALIZATION
          Though there no more info there.

          I've never seen it cause a problem.

          Steve

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.