Suricata Flow vs Firewall Flow

Suricata: 6.0.20
OS: Linux

I am curious on differences between a data stream seen by both a firewall and suricata. Simple diagram:

Internal Net | ---- FW ---- | Internet
                    |
              mirror (tap)
                    |
                  -----
              VM (suricata)

How close would the bytes for the same stream be to each other if you logged both from the FW and Suricata? I haven’t got my lab fully up to test it so curious if anyone tested any differences.

I understand that different firewalls could cause the problem, where some kinds might be closer to other kinds. Maybe, even these will never be able to say X flow from Suricata is the same as Y flow from a Firewall due to the parsing/coding of how a firewall or suricata determines the flow start/end.