Active/Active PF
Nicolas Greneche
nicolas.greneche at univ-paris13.fr
Wed Jan 28 15:11:10 UTC 2015
Hi all,
I browse list archives to get information about active/active PF. I
tried several keywords : active/active, load balancing ...
I have this setup :
|-----| |-----|
| |----- FW1 ------| |
| SW1 | | SW2 |
| |----- FW2 ------| |
|-----| |-----|
There is an etherchannel between SW1 and SW2.
FW1 is bridged on the first physical link of the etherchannel. FW2 is on
the second link.
With stateless rules, everything is OK. With stateful filtering it seems
that pfsync is not fast enough to sync state table.
I tried to set maxupd to 1 to avoid pfsync update bufferization. I also
enabled the defer mode on.
Do you have any idea ?
--
Nicolas Grenèche
Old blog : http://blog.etcshadow.fr
New blog : http://nsm.etcshadow.fr
Tel : 01 49 40 40 35
Fax : 01 48 22 81 50
More information about the freebsd-pf
mailing list