change Readme

This commit is contained in:
Michael_Sodan 2025-05-13 11:07:34 +02:00
parent f34aacce3c
commit 30d8c03919


@ -14,7 +14,7 @@ Two firewalls are deployed with identical network interfaces. A virtual IP (VIP)
### 🧷 Port Security & VIPs ### 🧷 Port Security & VIPs
- `port_security` **must be enabled** on interfaces where the **VIP** is active. - `port_security` **must be enabled** on interfaces where the **VIP** is active.
- **Do not attach** the VIP IP to any server or instance! - **Do not attach** the VIP interface to any server or instance!
- VIP must be added as an `allowed_address_pair` on **both firewalls'** relevant interfaces. - VIP must be added as an `allowed_address_pair` on **both firewalls'** relevant interfaces.
--- ---
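Review bot: the reworded bullet "Do not attach the VIP interface to any server or instance!" is less precise than the original "VIP IP". The VIP is an address, not an interface: the neighbouring bullets describe it as something carried on the firewalls' ports via `allowed_address_pair`, and the Limitations section below still says "VIP must not be attached to any instance". Suggest "Do not attach the VIP address to any server or instance" (or "do not create a port with the VIP address on any instance") so the three places use the same term.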
@ -27,18 +27,6 @@ Two firewalls are deployed with identical network interfaces. A virtual IP (VIP)
--- ---
## 🔐 Configuration Rules
| Rule | Explanation |
|---------------------------------------------------|-------------|
| **Do NOT attach VIP IP to any VM** | The VIP is managed by the HA sync between the firewalls. |
| **VIP must be set with `/32`** | CIDR ranges are not supported for allowed addresses. |
| **VIP must be defined as `allowed_address_pair`** | On both firewalls where it can be active. |
| **Port security must be enabled** | On interfaces holding the VIP. |
| **Security groups must allow traffic for VIP** | If port security is enabled, define rules accordingly. |
---
## 🚧 Limitations & Notes ## 🚧 Limitations & Notes
- **VIP must not be attached to any instance** - **VIP must not be attached to any instance**
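Review bot: removing the whole Configuration Rules table drops two requirements that appear nowhere else in the visible README: "VIP must be set with `/32`" and "Security groups must allow traffic for VIP". The Port Security & VIPs list that remains covers only `port_security`, not attaching the VIP, and `allowed_address_pair`. Because `port_security` is mandatory on the VIP interfaces, the security-group rule is what actually lets VIP traffic reach the firewalls; suggest moving at least that line (and the `/32` requirement, if it still applies) into the Port Security & VIPs list before deleting the table, so the de-duplication does not lose the rule.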
@ -62,4 +50,6 @@ Two firewalls are deployed with identical network interfaces. A virtual IP (VIP)
- **HA Sync and Preemption is not handled by Terraform** - **HA Sync and Preemption is not handled by Terraform**
The logic for state sync, failover, and preemption priorities must be configured manually in the firewall GUI or CLI. This project only provisions the infrastructure. The logic for state sync, failover, and preemption priorities must be configured manually in the firewall GUI or CLI. This project only provisions the infrastructure.
- **floating IP switch only possible with GARP**
Important: The Floating IP will only work correctly after the move if a Gratuitous ARP (GARP) is sent out — this ensures that the IP-to-MAC binding is updated on neighboring network devices.
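Review bot: the new bullet says "floating IP" / "Floating IP" while the rest of the README says VIP; since an OpenStack floating IP is a different object, suggest "VIP switch only possible with GARP" and "The VIP will only work correctly after the move ...". The bullet also does not say who sends the GARP: it belongs logically with the preceding bullet, because the failover and the ARP announcement it triggers are part of the firewall HA configuration, not something Terraform provisions. Finally, it is worth tying this to the `allowed_address_pair` requirement from the Port Security & VIPs section: with `port_security` enabled, the newly active firewall's GARP for the VIP is only passed by the port's anti-spoofing filter because the VIP is listed as an allowed address pair on that port, so a missing pair on one firewall shows up exactly as the failover not working.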