describe pfsync(4)'s use of carpdemote, ok/tweak kn deraadt

author sthen <sthen@openbsd.org>

Mon, 1 Feb 2021 16:39:19 +0000 (16:39 +0000)

committer sthen <sthen@openbsd.org>

Mon, 1 Feb 2021 16:39:19 +0000 (16:39 +0000)
author sthen <sthen@openbsd.org>
Mon, 1 Feb 2021 16:39:19 +0000 (16:39 +0000)
committer sthen <sthen@openbsd.org>
Mon, 1 Feb 2021 16:39:19 +0000 (16:39 +0000)
diff --git a/share/man/man4/pfsync.4 b/share/man/man4/pfsync.4

index 109c30d..03a9c00 100644 (file)
--- a/share/man/man4/pfsync.4
+++ b/share/man/man4/pfsync.4
@@ -1,4 +1,4 @@
-.\"    $OpenBSD: pfsync.4,v 1.36 2016/08/30 13:56:14 jmc Exp $
+.\"    $OpenBSD: pfsync.4,v 1.37 2021/02/01 16:39:19 sthen Exp $
  .\"
  .\" Copyright (c) 2002 Michael Shalayeff
  .\" Copyright (c) 2003-2004 Ryan McBride
@@ -24,7 +24,7 @@
  .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
  .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  .\"
-.Dd $Mdocdate: August 30 2016 $
+.Dd $Mdocdate: February 1 2021 $
  .Dt PFSYNC 4
  .Os
  .Sh NAME
@@ -130,6 +130,14 @@ Only run the pfsync protocol on a trusted network \- ideally a network
  dedicated to pfsync messages such as a crossover cable between two firewalls.
  .\" or specify a peer address and protect the traffic with
  .\" .Xr ipsec 4 .
+.Pp
+.Nm
+will increase the
+.Xr carp 4
+demotion counter for any interface groups associated with the interface
+by 32 during initialisation, and by 1 if the
+.Nm
+link is down or if a bulk update fails.
  .Sh EXAMPLES
  .Nm
  and
author	sthen <sthen@openbsd.org>
	Mon, 1 Feb 2021 16:39:19 +0000 (16:39 +0000)
committer	sthen <sthen@openbsd.org>
	Mon, 1 Feb 2021 16:39:19 +0000 (16:39 +0000)