Why Are You Using FreeBSD?
Nikos Vassiliadis
nvass at gmx.com
Thu May 31 16:37:41 UTC 2012
On 5/31/2012 5:41 PM, Damien Fleuriot wrote:
> Furthermore, when upgrading the CARP Master firewall, we need to plan
> with the Project Manager a failover to the CARP Backup firewall.
> Yes, I know about pfsync, yes, we use it, no, it doesn't *instantly*
> sync sessions for PF.
A bit offtopic on this thread, but isn't pfsync designed to do just
that? instantly?
With instantly I really mean:
Communicate every change to the stable table to the other firewall
in order to let the stateful connections survive a firewall failover.
Obviously, some packets will be lost, but TCP connections should
survive, right?
I am not arguing, I ask.
Nikos
More information about the freebsd-stable
mailing list