Pfsync Explained

pfsync is a computer protocol^{[1] [2]} used to synchronise firewall states between machines running Packet Filter (PF) for high availability. It is used along with CARP to make sure a backup firewall has the same information as the main firewall. When the main machine in the firewall cluster dies, the backup machine is able to accept current connections without loss.^{[3] [4]}

See also

• OpenBSD
• PF (firewall)
• CARP
• Linux-HA
• Linux Virtual Server

External links

• PF: Firewall Redundancy with CARP and pfsync (OpenBSD PF FAQ)
• pfsync(4) man-page in OpenBSD, FreeBSD and NetBSD
• sys/net/if_pfsync.h in OpenBSD
• sys/net/if_pfsync.c in OpenBSD

Notes and References

1. Web site: /etc/protocols . . BSD Cross Reference . "pfsync 240".
2. Web site: /sys/net/if_pfsync.h . . BSD Cross Reference.
3. Web site: OpenBSD PF Developer Interview. Federico Biancuzzi. . O'Reilly Media. 2004-04-15 . https://web.archive.org/web/20040508140530/http://www.onlamp.com/lpt/a/4767. 2019-03-20. 2004-05-08.
4. Web site: OpenBSD PF Developer Interview, Part 2. Federico Biancuzzi. . O'Reilly Media. 2004-05-06 . https://web.archive.org/web/20040619005622/http://www.onlamp.com/lpt/a/4839. 2019-03-20. 2004-06-19.