On 02/06/2007 03:16:28 PM, Daniel Hartmeier wrote:
The state entry doesn't get associated with a corresponding rule on
the
backup (because the rulesets are not identical), but with the default
rule instead. This means that aspects of the state entry might stop
working on failover (like route-/reply-to or such), effectively
breaking
the connection.
Just what will be lost if failover happens when the
pf rules are not in sync? I put a rule on the master
and make sure it's working, the backup gets updated
later. What would happen if failover occurred while
the pf.conf files were not in sync? Would all the
rules after the difference fail, or just the
new/changed rule, or what?
Karl <[EMAIL PROTECTED]>
Free Software: "You don't pay back, you pay forward."
-- Robert A. Heinlein
