Index: sys/net/pfvar.h =================================================================== --- sys/net/pfvar.h +++ sys/net/pfvar.h @@ -1495,7 +1495,7 @@ VNET_DECLARE(struct pf_rulequeue, pf_unlinked_rules); #define V_pf_unlinked_rules VNET(pf_unlinked_rules) -void pf_initialize(void); +void pf_vnet_initialize(void); void pf_mtag_initialize(void); void pf_mtag_cleanup(void); void pf_cleanup(void); @@ -1592,7 +1592,7 @@ struct pf_addr *, sa_family_t); int pf_match_port(u_int8_t, u_int16_t, u_int16_t, u_int16_t); -void pf_normalize_init(void); +void pf_vnet_normalize_init(void); void pf_normalize_cleanup(void); int pf_normalize_tcp(int, struct pfi_kif *, struct mbuf *, int, int, void *, struct pf_pdesc *); @@ -1650,7 +1650,7 @@ VNET_DECLARE(struct pfi_kif *, pfi_all); #define V_pfi_all VNET(pfi_all) -void pfi_initialize(void); +void pfi_vnet_initialize(void); void pfi_cleanup(void); void pfi_kif_ref(struct pfi_kif *); void pfi_kif_unref(struct pfi_kif *); Index: sys/netpfil/pf/pf.c =================================================================== --- sys/netpfil/pf/pf.c +++ sys/netpfil/pf/pf.c @@ -151,6 +151,7 @@ #define V_pf_sendqueue VNET(pf_sendqueue) static struct mtx pf_sendqueue_mtx; +MTX_SYSINIT(pf_sendqueue_mtx, &pf_sendqueue_mtx, "pf send queue", MTX_DEF); #define PF_SENDQ_LOCK() mtx_lock(&pf_sendqueue_mtx) #define PF_SENDQ_UNLOCK() mtx_unlock(&pf_sendqueue_mtx) @@ -172,11 +173,16 @@ #define V_pf_overloadtask VNET(pf_overloadtask) static struct mtx pf_overloadqueue_mtx; +MTX_SYSINIT(pf_overloadqueue_mtx, &pf_overloadqueue_mtx, + "pf overload/flush queue", MTX_DEF); + #define PF_OVERLOADQ_LOCK() mtx_lock(&pf_overloadqueue_mtx) #define PF_OVERLOADQ_UNLOCK() mtx_unlock(&pf_overloadqueue_mtx) VNET_DEFINE(struct pf_rulequeue, pf_unlinked_rules); struct mtx pf_unlnkdrules_mtx; +MTX_SYSINIT(pf_unlnkdrules_mtx, &pf_unlnkdrules_mtx, "pf unlinked rules", + MTX_DEF); static VNET_DEFINE(uma_zone_t, pf_sources_z); #define V_pf_sources_z VNET(pf_sources_z) 
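Review bot: The three `MTX_SYSINIT` lines added in pf.c (`pf_sendqueue_mtx`, `pf_overloadqueue_mtx`, `pf_unlnkdrules_mtx`) leave module-global mutexes sitting next to `VNET_DEFINE`d queues, with no comment saying that one lock is shared by every vnet. A reader who sees `V_pf_sendqueue` beside `PF_SENDQ_LOCK()` could assume per-vnet locking, so I would add above each declaration something like `/* Global, not per-vnet: one mutex serialises this queue in all vnets. */`. The same applies to `pfi_unlnkdkifs_mtx` in pf_if.c and `pf_frag_mtx` in pf_norm.c. That these mutexes guard those queues is inferred from the macro names; the locked regions are outside the hunks.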
@@ -767,7 +773,7 @@ /* Per-vnet data storage structures initialization. */ void -pf_initialize() +pf_vnet_initialize() { struct pf_keyhash *kh; struct pf_idhash *ih; @@ -827,13 +833,9 @@ STAILQ_INIT(&V_pf_sendqueue); SLIST_INIT(&V_pf_overloadqueue); TASK_INIT(&V_pf_overloadtask, 0, pf_overload_task, curvnet); - mtx_init(&pf_sendqueue_mtx, "pf send queue", NULL, MTX_DEF); - mtx_init(&pf_overloadqueue_mtx, "pf overload/flush queue", NULL, - MTX_DEF); /* Unlinked, but may be referenced rules. */ TAILQ_INIT(&V_pf_unlinked_rules); - mtx_init(&pf_unlnkdrules_mtx, "pf unlinked rules", NULL, MTX_DEF); } void @@ -876,10 +878,6 @@ free(pfse, M_PFTEMP); } - mtx_destroy(&pf_sendqueue_mtx); - mtx_destroy(&pf_overloadqueue_mtx); - mtx_destroy(&pf_unlnkdrules_mtx); - uma_zdestroy(V_pf_sources_z); uma_zdestroy(V_pf_state_z); uma_zdestroy(V_pf_state_key_z); Index: sys/netpfil/pf/pf_if.c =================================================================== --- sys/netpfil/pf/pf_if.c +++ sys/netpfil/pf/pf_if.c @@ -103,9 +103,11 @@ static VNET_DEFINE(struct pfi_list, pfi_unlinked_kifs); #define V_pfi_unlinked_kifs VNET(pfi_unlinked_kifs) static struct mtx pfi_unlnkdkifs_mtx; +MTX_SYSINIT(pfi_unlnkdkifs_mtx, &pfi_unlnkdkifs_mtx, "pf unlinked interfaces", + MTX_DEF); void -pfi_initialize(void) +pfi_vnet_initialize(void) { struct ifg_group *ifg; struct ifnet *ifp; @@ -115,8 +117,6 @@ V_pfi_buffer = malloc(V_pfi_buffer_max * sizeof(*V_pfi_buffer), PFI_MTYPE, M_WAITOK); - mtx_init(&pfi_unlnkdkifs_mtx, "pf unlinked interfaces", NULL, MTX_DEF); - kif = malloc(sizeof(*kif), PFI_MTYPE, M_WAITOK); PF_RULES_WLOCK(); V_pfi_all = pfi_kif_attach(kif, IFG_ALL); @@ -166,8 +166,6 @@ free(p, PFI_MTYPE); } - mtx_destroy(&pfi_unlnkdkifs_mtx); - free(V_pfi_buffer, PFI_MTYPE); } Index: sys/netpfil/pf/pf_ioctl.c =================================================================== --- sys/netpfil/pf/pf_ioctl.c +++ sys/netpfil/pf/pf_ioctl.c 
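Review bot: The renamed definition in the `@@ -767,7 +773,7 @@` hunk is still written `pf_vnet_initialize()` with an empty parameter list, while the prototype changed in pfvar.h is `void pf_vnet_initialize(void);`. In C an empty list in a definition is the old-style form and does not provide a prototype. Write `pf_vnet_initialize(void)` so it matches the header and the sibling definitions `pfi_vnet_initialize(void)` and `pf_vnet_normalize_init(void)`. The function body continues outside the hunk.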
@@ -87,7 +87,8 @@ #include #endif -static int pfattach(void); +static int pf_vnet_init(void); +static int pf_vnet_uninit(void); static struct pf_pool *pf_get_pool(char *, u_int32_t, u_int8_t, u_int32_t, u_int8_t, u_int8_t, u_int8_t); @@ -205,17 +206,15 @@ pflog_packet_t *pflog_packet_ptr = NULL; static int -pfattach(void) +pf_vnet_init(void) { u_int32_t *my_timeout = V_pf_default_rule.timeout; int error; - if (IS_DEFAULT_VNET(curvnet)) - pf_mtag_initialize(); - pf_initialize(); + pf_vnet_initialize(); pfr_initialize(); - pfi_initialize(); - pf_normalize_init(); + pfi_vnet_initialize(); + pf_vnet_normalize_init(); V_pf_limits[PF_LIMIT_STATES].limit = PFSTATE_HIWAT; V_pf_limits[PF_LIMIT_SRC_NODES].limit = PFSNODE_HIWAT; @@ -287,7 +286,55 @@ return (0); } +VNET_SYSINIT(pf_vnet_init, SI_SUB_PROTO_IFATTACHDOMAIN, SI_ORDER_ANY - 255, + pf_vnet_init, NULL); +static int +pf_vnet_uninit(void) +{ + int error = 0; + int number_of_vnets = 0; + VNET_ITERATOR_DECL(vnet_iter); + + V_pf_status.running = 0; + swi_remove(V_pf_swi_cookie); + error = dehook_pf(); + if (error) { + /* + * Should not happen! + * XXX Due to error code ESRCH, kldunload will show + * a message like 'No such process'. + */ + printf("%s : pfil unregisteration fail\n", __FUNCTION__); + return error; + } + PF_RULES_WLOCK(); + shutdown_pf(); + pf_normalize_cleanup(); + pfi_cleanup(); + pfr_cleanup(); + pf_osfp_flush(); + pf_cleanup(); + + /* + * For the last VNET we perform the final cleanup + */ + VNET_FOREACH(vnet_iter) + number_of_vnets++; + if (number_of_vnets == 1) + pf_mtag_cleanup(); + PF_RULES_WUNLOCK(); + if (number_of_vnets == 1) { + destroy_dev(pf_dev); + rw_destroy(&pf_rules_lock); + sx_destroy(&pf_ioctl_lock); + } + + return (error); +} +VNET_SYSUNINIT(pf_vnet_uninit, SI_SUB_PROTO_IFATTACHDOMAIN, SI_ORDER_ANY - 255, + pf_vnet_uninit, NULL); + static struct pf_pool * pf_get_pool(char *anchor, u_int32_t ticket, u_int8_t rule_action, u_int32_t rule_number, u_int8_t r_last, u_int8_t active, 
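Review bot: `pf_vnet_init()` in the `@@ -205,17 +206,15 @@` hunk now depends on state that only `pf_load()` creates, and nothing in the code states or checks that order. `pfi_vnet_initialize()` takes `PF_RULES_WLOCK()` (visible in the pf_if.c context lines), yet `rw_init(&pf_rules_lock, ...)` stays in `pf_load()`, and `pf_mtag_initialize()` moves there as well. If the VNET_SYSINIT at `SI_SUB_PROTO_IFATTACHDOMAIN` can run before the module event handler (the module declaration is not on this page, so I cannot tell), the first vnet would take an uninitialised lock. I would add a comment naming the dependency and an assertion at the top of the function, e.g. `KASSERT(rw_initialized(&pf_rules_lock), ("%s: pf_load() has not run", __func__));`. The function body continues outside the hunk.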
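Review bot: The "last VNET" test in `pf_vnet_uninit()` walks the vnet list with `VNET_FOREACH(vnet_iter)` without the `VNET_LIST_RLOCK()`/`VNET_LIST_RUNLOCK()` pair that the removed loop in `pf_load()` held, and it uses the resulting count to decide when to run `destroy_dev(pf_dev)`, `rw_destroy(&pf_rules_lock)` and `sx_destroy(&pf_ioctl_lock)`. Those three objects are created once in `pf_load()`, so whether they are torn down too early depends on whether the vnet being destroyed is still on the list when the SYSUNINIT runs; if it is not, destroying a single non-default vnet would leave the default vnet's firewall with a destroyed rules lock. I would drop the counting and do the module-wide teardown in one step that is ordered after every per-vnet uninit. Separately, `pf_vnet_init` and `pf_vnet_uninit` are registered as SYSINIT/SYSUNINIT callbacks but return `int`; as far as I know the framework ignores that value, so the `return error;` after a failed `dehook_pf()` skips all cleanup silently. Both should be `void` and handle or log the failure inside the function.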
@@ -3715,27 +3762,11 @@ static int pf_load(void) { - int error; - VNET_ITERATOR_DECL(vnet_iter); - - VNET_LIST_RLOCK(); - VNET_FOREACH(vnet_iter) { - CURVNET_SET(vnet_iter); - V_pf_pfil_hooked = 0; - V_pf_end_threads = 0; - TAILQ_INIT(&V_pf_tags); - TAILQ_INIT(&V_pf_qids); - CURVNET_RESTORE(); - } - VNET_LIST_RUNLOCK(); - rw_init(&pf_rules_lock, "pf rulesets"); sx_init(&pf_ioctl_lock, "pf ioctl"); - pf_dev = make_dev(&pf_cdevsw, 0, 0, 0, 0600, PF_NAME); - if ((error = pfattach()) != 0) - return (error); + pf_mtag_initialize(); return (0); } @@ -3743,40 +3774,16 @@ static int pf_unload(void) { - int error = 0; - V_pf_status.running = 0; - swi_remove(V_pf_swi_cookie); - error = dehook_pf(); - if (error) { - /* - * Should not happen! - * XXX Due to error code ESRCH, kldunload will show - * a message like 'No such process'. - */ - printf("%s : pfil unregisteration fail\n", __FUNCTION__); - return error; - } + V_pf_end_threads = 1; PF_RULES_WLOCK(); - shutdown_pf(); - V_pf_end_threads = 1; while (V_pf_end_threads < 2) { wakeup_one(pf_purge_thread); rw_sleep(pf_purge_thread, &pf_rules_lock, 0, "pftmo", 0); } - pf_normalize_cleanup(); - pfi_cleanup(); - pfr_cleanup(); - pf_osfp_flush(); - pf_cleanup(); - if (IS_DEFAULT_VNET(curvnet)) - pf_mtag_cleanup(); PF_RULES_WUNLOCK(); - destroy_dev(pf_dev); - rw_destroy(&pf_rules_lock); - sx_destroy(&pf_ioctl_lock); - return (error); + return (0); } static int Index: sys/netpfil/pf/pf_norm.c =================================================================== --- sys/netpfil/pf/pf_norm.c +++ sys/netpfil/pf/pf_norm.c @@ -34,6 +34,7 @@ #include "opt_pf.h" #include +#include #include #include #include @@ -107,6 +108,7 @@ }; static struct mtx pf_frag_mtx; +MTX_SYSINIT(pf_frag_mtx, &pf_frag_mtx, "pf fragments", MTX_DEF); #define PF_FRAG_LOCK() mtx_lock(&pf_frag_mtx) #define PF_FRAG_UNLOCK() mtx_unlock(&pf_frag_mtx) #define PF_FRAG_ASSERT() mtx_assert(&pf_frag_mtx, MA_OWNED) 
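Review bot: The `pf_load()` hunk deletes the per-vnet `TAILQ_INIT(&V_pf_tags)` and `TAILQ_INIT(&V_pf_qids)` (together with the `V_pf_pfil_hooked` and `V_pf_end_threads` resets), and none of the visible hunks adds them back. `pf_vnet_init()` is only partly shown, so they may already be there. If they are not, a `TAILQ_HEAD` that was never initialised (all zero) has a NULL `tqh_last`, and the first tail insert of a tag or queue id would fault in the kernel. I would put `TAILQ_INIT(&V_pf_tags);` and `TAILQ_INIT(&V_pf_qids);` at the top of `pf_vnet_init()` so that every vnet, including ones created after module load, gets initialised heads.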
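Review bot: `V_pf_end_threads = 1;` in `pf_unload()` now sits before `PF_RULES_WLOCK()`, whereas the old code set it with the lock held, and the wait loop below it sleeps on `pf_rules_lock`. If the purge thread reads the flag under that lock (its code is outside this page), writing it unlocked is a data race; keep the order `PF_RULES_WLOCK();` then `V_pf_end_threads = 1;`. It is also a `V_` (per-vnet) variable touched from the module unload path with no `CURVNET_SET()` in sight, so a comment should say which vnet's copy is written, or the code should make it explicit.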
@@ -180,7 +182,7 @@ #endif /* INET */ void -pf_normalize_init(void) +pf_vnet_normalize_init(void) { V_pf_frag_z = uma_zcreate("pf frags", sizeof(struct pf_fragment), @@ -196,8 +198,6 @@ uma_zone_set_max(V_pf_frent_z, PFFRAG_FRENT_HIWAT); uma_zone_set_warning(V_pf_frent_z, "PF frag entries limit reached"); - mtx_init(&pf_frag_mtx, "pf fragments", NULL, MTX_DEF); - TAILQ_INIT(&V_pf_fragqueue); TAILQ_INIT(&V_pf_cachequeue); } @@ -209,8 +209,6 @@ uma_zdestroy(V_pf_state_scrub_z); uma_zdestroy(V_pf_frent_z); uma_zdestroy(V_pf_frag_z); - - mtx_destroy(&pf_frag_mtx); } static int