I have a strange problem between two PF firewalls in a cluster, with
pfsync enabled.

When I reboot one of the cluster members, the state tables do
synchronize and populate with some of the same connection states, but
not all of them.

In particular, long-lived, extant connections seem to never show up in
the rebooted member's state table.

I figured that doing ifconfig down/up would send some sort of "full
sync" message between the two members, to cause the entire state table
to be sent in bulk.  But, no such behavior seems to come about.

It seems to me that only connection updates are being sent between the
cluster members.  There is no "full sync" done at startup.

Do I misunderstand?  Is there a misconfiguration that can lead to this
strange behavior?

-- 
David DeSimone == Network Admin == [EMAIL PROTECTED]
  "It took me fifteen years to discover that I had no
   talent for writing, but I couldn't give it up because
   by that time I was too famous.  -- Robert Benchley
_______________________________________________
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
