14 Nov 2019, 11:21 by liste...@wernig.net:
> On 14.11.2019 11:30, Rachel Roch wrote:
>
>>>> Does this mean Bad Things (TM) will happen if I try to use a dedicated
>>>> vlan interface for pfsync ?
>>>>
> I have had pfsync running happily over a vlan interface for years, never
> a problem.
>
>> Regarding the extra port, in my case I'm using that for LACP (my switches
>> support distributed LACP, so i can have two cables going into two switches)
>>
> Having the sync port physically redundant and connected to a switch is a
> very good idea, because a crossover cable will cause a carp demote
> whenever the other firewall goes down or is rebooted, afair.
>
> best /m
>
Regarding your last point, if your recollection is correct, then surely it is
something the powers that be should consider adding to the FAQ and man pages
forthwith ? It seems to me like a rather important thing to know. ;-)
Thanks for your input, much appreciated.
