A stateless protocol is a communication protocol in which the receiver must not retain session state from previous requests. The sender transfers relevant session state to the receiver in such a way that every request can be understood in isolation, that is without reference to session state from previous requests retained by the receiver.
In contrast, a stateful protocol is a communication protocol in which the receiver may retain session state from previous requests.
In computer networks, examples of stateless protocols include the Internet Protocol (IP), which is the foundation for the Internet, and the Hypertext Transfer Protocol (HTTP), which is the foundation of the World Wide Web. Examples of stateful protocols include the Transmission Control Protocol (TCP) and the File Transfer Protocol (FTP).
Stateless protocols improve the properties of visibility, reliability, and scalability. Visibility is improved because a monitoring system does not have to look beyond a single request in order to determine its full nature. Reliability is improved because it eases the task of recovering from partial failures. Scalability is improved because not having to store session state between requests allows the server to quickly free resources and further simplifies implementation.
The disadvantage of stateless protocols is that they may decrease network performance by increasing the repetitive data sent in a series of requests, since that data cannot be left on the server and reused.
Contrast this with a traditional FTP server that conducts an interactive session with the user. During the session, a user is provided a means to be authenticated and set various variables (working directory, transfer mode), all stored on the server as part of the session state.
Stacking of stateless and stateful protocol layers
There can be complex interactions between stateful and stateless protocols among different protocol layers. For example, HTTP, a stateless protocol, is layered on top of TCP, a stateful protocol, which is layered on top of IP, another stateless protocol, which is routed on a network that employs BGP, another stateful protocol, to direct the IP packets riding on the network.
This stacking of layers continues even above HTTP. As a workaround for the lack of a retained session state, HTTP servers implement various session management methods, typically utilizing a session identifier in an HTTP cookie referencing a session state stored on the server, effectively creating a stateful protocol on top of HTTP. HTTP cookies violate the REST architectural style because even without referencing a session state stored on the server, they are independent[clarification needed] of session state (they affect previous pages of the same website in the browser history) and they have no defined semantics.
- Fielding, Roy (2000). "3.4.3 Client-Stateless-Server (CSS)". Architectural Styles and the Design of Network-Based Software Architectures (Doctoral dissertation). University of California, Irvine. OCLC 45706361. Retrieved 2021-05-18.
- Fielding, R.; Reschke, J. (2014). Fielding, R.; Reschke, J. (eds.). "RFC 7230 - Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing". ietf.org. doi:10.17487/RFC7230. Retrieved 20 August 2015.
- "session management methods reviewed". C cookie bits. Toronto. Archived from the original on 2019-02-13. Retrieved 2011-04-12.
The following material is intended to introduce the reader to the various techniques that developers have used to implement session tracking on the Web. The main operational characteristics of each method are mentioned in addition to the shortcomings that have been observed in usage. Additional information on session management can be found by searching the Internet. […]
- Dwyer, Gareth (18 November 2020). "Stateful vs Stateless Architecture". Virtasant.
- Fielding, Roy (2000). "18.104.22.168 Cookies". Architectural Styles and the Design of Network-Based Software Architectures (Doctoral dissertation). University of California, Irvine. OCLC 45706361. Retrieved 2021-05-24.