diff --git a/sys/netpfil/ipfw/ip_fw_dynamic.c b/sys/netpfil/ipfw/ip_fw_dynamic.c
index af6cc08..3c8d843 100644
--- a/sys/netpfil/ipfw/ip_fw_dynamic.c
+++ b/sys/netpfil/ipfw/ip_fw_dynamic.c
@@ -42,6 +42,7 @@ __FBSDID("$FreeBSD$");
 #include
 #include
+#include
 #include
 #include
 #include
@@ -127,10 +128,12 @@ static VNET_DEFINE(struct ipfw_dyn_bucket *, ipfw_dyn_v);
 static VNET_DEFINE(u_int32_t, dyn_buckets_max);
 static VNET_DEFINE(u_int32_t, curr_dyn_buckets);
 static VNET_DEFINE(struct callout, ipfw_timeout);
+static VNET_DEFINE(uint32_t, hashseed);
 #define V_ipfw_dyn_v VNET(ipfw_dyn_v)
 #define V_dyn_buckets_max VNET(dyn_buckets_max)
 #define V_curr_dyn_buckets VNET(curr_dyn_buckets)
 #define V_ipfw_timeout VNET(ipfw_timeout)
+#define V_hashseed VNET(hashseed)
 static VNET_DEFINE(uma_zone_t, ipfw_dyn_rule_zone);
 #define V_ipfw_dyn_rule_zone VNET(ipfw_dyn_rule_zone)
@@ -253,10 +256,11 @@ static __inline int
 hash_packet6(struct ipfw_flow_id *id)
 {
 u_int32_t i;
- i = (id->dst_ip6.__u6_addr.__u6_addr32[2]) ^
- (id->dst_ip6.__u6_addr.__u6_addr32[3]) ^
- (id->src_ip6.__u6_addr.__u6_addr32[2]) ^
- (id->src_ip6.__u6_addr.__u6_addr32[3]) ^
+
+ i = murmur3_32_hash32(id->dst_ip6.__u6_addr.__u6_addr32,
+ sizeof(struct in6_addr)/sizeof(uint32_t), V_hashseed) ^
+ murmur3_32_hash32(id->src_ip6.__u6_addr.__u6_addr32,
+ sizeof(struct in6_addr)/sizeof(uint32_t), V_hashseed) ^
 (id->dst_port) ^ (id->src_port);
 return i;
 }
@@ -1583,6 +1587,7 @@ void
 ipfw_dyn_init(struct ip_fw_chain *chain)
 {
+ V_hashseed = arc4random();
 V_ipfw_dyn_v = NULL;
 V_dyn_buckets_max = 256; /* must be power of 2 */
 V_curr_dyn_buckets = 256; /* must be power of 2 */
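Review bot: The ports are still mixed in outside the seeded hash, at `(id->dst_port) ^ (id->src_port)` in hash_packet6, so for a fixed address pair the result depends on the ports only through their XOR, and V_hashseed does nothing to spread flows that share that value. Feeding each endpoint's port into the hashed words, as sketched below, puts every remotely chosen field under the seed while keeping the result direction-independent, which the XOR form suggests callers rely on (confirm). Separately, MurmurHash3 with a 32-bit seed is not a keyed PRF, so if bucket flooding is the threat being addressed, a keyed hash such as SipHash would be the stronger choice. The IPv4 hashing path is not part of this diff; if it still uses a plain XOR it needs the same treatment.

```c
hash_packet6(struct ipfw_flow_id *id)
{
	uint32_t dst[5], src[5];
	u_int32_t i;

	/* Hash address and port of each endpoint together under the seed. */
	memcpy(dst, &id->dst_ip6, sizeof(struct in6_addr));
	dst[4] = id->dst_port;
	memcpy(src, &id->src_ip6, sizeof(struct in6_addr));
	src[4] = id->src_port;
	i = murmur3_32_hash32(dst, nitems(dst), V_hashseed) ^
	    murmur3_32_hash32(src, nitems(src), V_hashseed);
	/* … unchanged: return i … */
```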
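Review bot: The new `V_hashseed = arc4random();` at the top of ipfw_dyn_init carries no comment saying what the seed protects or that it must stay fixed once states are hashed with it. I would add `/* Per-vnet secret seed for hash_packet6(); set once here, before any state is hashed. */` above the assignment. If the seed is ever re-drawn later (for example when the bucket array is resized), existing entries would presumably have to be rehashed, which is worth stating next to the declaration as well. It is also worth confirming that arc4random() is already seeded at the point this init runs when ipfw is compiled into the kernel rather than loaded as a module. The body of ipfw_dyn_init continues outside the hunk.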