So here is a related question - I want to implement something like what some of you folks seem to have in place with dynamically updated blacklists and reloading pf on the fly.
With a redundant pair of firewalls, should I be doing this on the MASTER only? I'm just wondering about reloading pf on the BACKUP and, because state tables are synced, is there going to be any kind of negative effect on MASTER in terms of performance or even the fact that MASTER will be doing the reload at the same time? It is relatively easy to detect whether or not I am MASTER and then only do that if so. Should I be doing that, or will it matter?