|
|
|
|
|
|
by darkhelmet
1072 days ago
|
|
|
"carp" should also be included in discoveries alongside pfsync. carp functions like cisco/juniper/etc VRRP to enable real-time failover. With pfsync being a stateful firewall a lot of care needs to happen with failovers. carp + pfsync allow you to run multiple hot pfsync firewalls that have synchronized state and have near-instant failover without state-related hiccups. We use pf+pfsync+carp extensively over in FreeBSD.org as well. It's good stuff! |
|
|