Document the 'defer' ifconfig flag. From me with a few tweaks by dlg@.

reads ok to jmc@.

1 files changed, 22 insertions, 4 deletions

diff --git a/share/man/man4/pfsync.4 b/share/man/man4/pfsync.4
index 332dec4dfe3..899bcfafe3d 100644
--- a/share/man/man4/pfsync.4
+++ b/share/man/man4/pfsync.4
@@ -1,4 +1,4 @@
-.\"	$OpenBSD: pfsync.4,v 1.28 2009/02/17 10:05:18 dlg Exp $
+.\"	$OpenBSD: pfsync.4,v 1.29 2009/06/17 08:56:43 sthen Exp $
 .\"
 .\" Copyright (c) 2002 Michael Shalayeff
 .\" Copyright (c) 2003-2004 Ryan McBride
@@ -24,7 +24,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: February 17 2009 $
+.Dd $Mdocdate: June 17 2009 $
 .Dt PFSYNC 4
 .Os
 .Sh NAME
@@ -77,13 +77,31 @@ and the example below for more details).
 The sending out of a
 .Nm
 packet will be delayed by a maximum of one second.
+.Pp
+Where more than one firewall might actively handle packets, e.g. with certain
+.Xr ospfd 8 ,
+.Xr bgpd 8
+or
+.Xr carp 4
+configurations, it is benefical to defer transmission of the initial
+packet of a connection.
+The
+.Nm
+state insert message is sent immediately; the packet is queued until
+either this message is acknowledged by another system, or a timeout has
+expired.
+This behaviour is enabled with the
+.Ar defer
+parameter to
+.Xr ifconfig 8 .
 .Sh NETWORK SYNCHRONISATION
 States can be synchronised between two or more firewalls using this
 interface, by specifying a synchronisation interface using
 .Xr ifconfig 8 .
-For example, the following command sets fxp0 as the synchronisation
-interface:
+For example, the following command configures an address on fxp0 and
+sets it as the synchronisation interface:
 .Bd -literal -offset indent
+# ifconfig fxp0 inet 172.19.13.1/28
 # ifconfig pfsync0 syncdev fxp0
 .Ed
 .Pp