pfsync Initially Deletes States on Primary for Connections Established through Secondary
Steps to duplicate:
Create a typical HA pair.
Enter Persistent CARP Maintenance Mode on Primary to initiate a fail over.
Establish a new TCP session. Was tested here with a long scp transfer to an outside server from an inside host.
Observe states created on both nodes with traffic going through Secondary.
Leave Persistent CARP Maintenance Mode on Primary, initiating fail back.
Observe states deleted from Primary but still exist on Secondary. Traffic in TCP session stalls.
Enter Persistent CARP Maintenance Mode on Primary to initiate a fail over. Wait for TCP session to start passing traffic again.
Observe states recreated on Primary.
Fail back and fail over again at will. States will now persist until closed.
Condition does not exist if states are initially established while Primary is the CARP MASTER.
Tested with latest 2.4.2 snapshots.