Date: Wed, 28 Jan 2015 16:01:48 +0100 From: Nicolas Greneche <nicolas.greneche@univ-paris13.fr> To: freebsd-pf@freebsd.org Subject: Active/Active PF Message-ID: <54C8F9DC.5060803@univ-paris13.fr>
next in thread | raw e-mail | index | archive | help
Hi all, I browse list archives to get information about active/active PF. I tried several keywords : active/active, load balancing ... I have this setup : |-----| |-----| | |----- FW1 ------| | | SW1 | | SW2 | | |----- FW2 ------| | |-----| |-----| There is an etherchannel between SW1 and SW2. FW1 is bridged on the first physical link of the etherchannel. FW2 is on the second link. With stateless rules, everything is OK. With stateful filtering it seems that pfsync is not fast enough to sync state table. I tried to set maxupd to 1 to avoid pfsync update bufferization. I also enabled the defer mode on. Do you have any idea ? -- Nicolas Grenèche Old blog : http://blog.etcshadow.fr New blog : http://nsm.etcshadow.fr Tel : 01 49 40 40 35 Fax : 01 48 22 81 50
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?54C8F9DC.5060803>