On 14.11.2019 11:30, Rachel Roch wrote:
>>> Does this mean Bad Things (TM) will happen if I try to use a dedicated vlan
>>> interface for pfsync ?

I have had pfsync running happily over a vlan interface for years, never a problem.

> Regarding the extra port, in my case I'm using that for LACP (my switches
> support distributed LACP, so i can have two cables going into two switches)

Having the sync port physically redundant and connected to a switch is a very good idea, because a crossover cable will cause a carp demote whenever the other firewall goes down or is rebooted, afair.

best
/m