Yes, make the changes to the master and it will sync over. This is not pfSync related, this is XML RPC Sync related. PFSYNC syncs states automatically between hoss.
On 7/5/06, Alastair Stevens <[EMAIL PROTECTED]> wrote:
Hi We have a pair of pfSense boxes under test, and most things seem to be working very well. CARP/failover is looking good, and I'm highly impressed with the product (which is new to me) so far! Just a question about "pfsync" though - as I can't seem to find any detailed docs or tutorials. We have dedicated "LAN5" interfaces on both boxes, for the pfsync traffic, as recommended. Firewall-A (on 192.168.5.10) is set to sync to Firewall-B (on 192.168.5.20) and this works in terms of rules etc. But how should Firewall-B be configured? Ie, should that be configured to sync to Firewall-A explicitly, or is this nonsensical? What I'm getting it at is this - is the "pfsync" concept fully bi-directional? So that each firewall can update the other with rule changes etc? Or are changes only supposed to be made on the 'master' and replicated to the 'backup'? Thus, on Firewall-B, should the "sync to" box just be left empty? I hope the question makes sense, as I'm a little confused at the moment.... Regards Alastair SysAdmins Ltd
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
