>If you only have one gateway, then you have nothing to worry about for >this part.
They provide a gateway address for each subnet they allocate to me -- which probably is assigned to the same device for them, but I would need to establish these rules in my freebsd firewall , correct? >If you expect a lot of traffic, I recommend you do NOT use pfsync to >synchronize existing sessions on the backup firewall. Why not? Is this a generally accepted practice not to use pfsync because of this? How much traffic is too much? The firewalls should average about 5,000 - 10,000 states on any given day, afaik. Im more worried about failover than I am about states being kept, but it would be nice to utilize pfsync if it wouldn't be too risky. Thanks, Kevin _______________________________________________ freebsd-pf@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-pf To unsubscribe, send any mail to "freebsd-pf-unsubscr...@freebsd.org"
