Date: Thu, 31 May 2012 18:37:25 +0200 From: Nikos Vassiliadis <nvass@gmx.com> To: Damien Fleuriot <ml@my.gd> Cc: freebsd-stable@freebsd.org, Jim Ohlstein <jim@ohlste.in> Subject: Re: Why Are You Using FreeBSD? Message-ID: <4FC79E45.4060505@gmx.com> In-Reply-To: <4FC79136.6000205@my.gd> References: <C480320C-0CD9-4B61-8AFB-37085C820AB7@FreeBSD.org> <4FC779C0.7020801@ohlste.in> <4FC77EAD.1090900@my.gd> <4FC78A94.8070008@ohlste.in> <4FC79136.6000205@my.gd>
next in thread | previous in thread | raw e-mail | index | archive | help
On 5/31/2012 5:41 PM, Damien Fleuriot wrote: > Furthermore, when upgrading the CARP Master firewall, we need to plan > with the Project Manager a failover to the CARP Backup firewall. > Yes, I know about pfsync, yes, we use it, no, it doesn't *instantly* > sync sessions for PF. A bit offtopic on this thread, but isn't pfsync designed to do just that? instantly? With instantly I really mean: Communicate every change to the stable table to the other firewall in order to let the stateful connections survive a firewall failover. Obviously, some packets will be lost, but TCP connections should survive, right? I am not arguing, I ask. Nikos
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4FC79E45.4060505>