I just had an event that I'm having trouble identifying the root cause. I'm hoping that someone might have encountered this or might be able to point me toward some things to check.
Yesterday we had an event where our primary firewall would stop passing traffic. The only thing short of a reboot that would restore service was to run 'sh /etc/netstart pfsync0'. Resetting pfsync's physical interface or pulling that cable didn't produce results. Only resetting the pfsync0 virtual interface would restore service. I'm not even sure what information would be helpful to provide or what other questions to ask. I also found it odd that the two servers did not show the same number of state entries by a difference of anywhere from 100 to 1000s. Is this typical? Thanks, Bennett
