On 2008/07/14 10:14, Ryan McBride wrote: > > I see this in the 4.2->4.3 changelogs: > > Changed rc(8) and netstart(8) so pfsync(4) is not brought up before the > > working ruleset has been loaded > > I don't believe this is critical, but it means that if your rulesets are > identical across firewalls the synchronized states are more likely to > get associated with the correct rule.
Without this, queue assignment can never survive failover. If people are using altq on pfsync'd firewalls and missed merging changes in /etc when they upgraded, they might want to do so...
