Infrastructure
External LAN
{cable modem} - Switch - [pair of PC Engines Alix platforms]
Dynamic addressing assignment from ISP,
carp(4) unavailable. Active/Standby firewall managed with
ifstated(8).
Internal LAN
[Alix boxen] - Switch - [local devices]
Managed by carp(4) and ifstated(8), in Active/Standby configuration (no load balancing).
Private LAN
[Alix box] - [Alix box]
Used by
pfsync(4) and
dhcpd(8) sync.
System Under Test ("SUT")
My son's Win7 workstation, which was conducting both multiplayer gaming and VoIP on Valve Corporation's
Steam network.
Test Methodology
On the primary, issue
# ifconfig carp1 down.
Results
The applications on the SUT continued without any errors, timeouts, notifications, delays, or hiccups. My son described it as "seamless".
Analysis
It's true, pfsync(4) just works. Stateful traffic state was maintained and continued on the Standby firewall/router.
Recommendations
No longer bother to ask my son if he's using the network before conducting firewall maintenance.