pfsync(4) maxupd ?
patrick lamaiziere
patfbsd at davenulle.org
Thu Nov 24 19:36:59 UTC 2016
Hello,
I'm asking about the goal of the parameter maxupd of pfsync, ie when we
should change it ?
At work we have a lot of states (~1 200 000) with many changes and it
looks like we lose some states deletion across pfysnc. Does an
augmentation of maxupd could help ?
the manual :
The pfsync interface will attempt to collapse multiple state updates
into a single packet where possible. The maximum number of times a
single state can be updated before a pfsync packet will be sent out is
con- trolled by the maxupd parameter to ifconfig (see ifconfig(8) and
the example below for more details). The sending out of a pfsync
packet will be delayed by a maximum of one second.
Thanks, regards.
More information about the freebsd-pf
mailing list