On 2010-12-19, Alessandro Baggi <alessandro.ba...@gmail.com> wrote: > Hi list. I've a little question about pfsync. Supposing to have two > firewall, with 3 nic, one for lan, one for wan and one for DMZ, and > supposing a similar scenario: > > firewall 1 firewall 2 > > WAN: re0 WAN: xl0 > LAN: rl0 LAN: rl0 > DMZ: rl1 DMZ: rl1 > > when pfsync send the interface state updates on backup firewall, pfsync > update the table of states for the name of interfaces of first firewall? > (in my scenario, the syncronization won't works for re0 and xl0, right? > Then, firewall 2 box must have nic card name equal to nic card name of > first firewall or they can to be different? if this is the issue, and > having those scenario, there is a method to make a valid update for re0 > and xl0? > > thanks in advance. > >
states don't normally depend on the interface (and if you *do* make them dependent on that with if-bound states, i'm not sure if pfsync handles that...) are you having problems or is this theoretical? if you're having problems then send a dmesg and full details. if it's theoretical, why don't you just try it for yourself? this stuff is easy to check and first-hand experience beats a post from some random dude on a mailing list.
