What happens when an A/P firewall cluster synchronizes IPsec tunnel security associations (SAs)?
In an A/P firewall cluster, Phase 2 security associations (SAs) are synchronized over HA2 links. Phase 1 SAs are not synchronized in this scenario, as HA2 links are specifically used for synchronizing data such as session information, forwarding tables, and Phase 2 IPsec SAs.
From the Palo Alto documentation below, "when a VPN is terminated on a Palo Alto firewall HA pair, not all IPSEC related information is synchronized between the firewalls... This is an expected behavior. IKE phase 1 SA information is NOT synchronized between the HA firewalls." And from the second link, "Data link (HA2) is used to sync sessions, forwarding tables, IPSec security associations, and ARP tables between firewalls in the HA pair. Data flow on the HA2 link is always unidirectional (except for the HA2 keep-alive). It flows from the active firewall to the passive firewall." https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000HAuZCAW&lang=en_US%E2%80%A9&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail https://help.aryaka.com/display/public/KNOW/Palo+Alto+Networks+NFV+Technical+Brief
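To make the distinction above concrete, here is an added example (a constructed Python model, not PAN-OS code or anything from the linked articles) of what a unidirectional HA2 sync carries: sessions, forwarding table, ARP and the Phase 2 IPsec SAs are copied active to passive, the Phase 1 IKE SA is not. After a failover the new active can still authenticate traffic on the existing tunnel because it holds the child SA keys, but a rekey fails until a fresh IKE negotiation runs. The class names, the HMAC-based "ESP" framing and the packet contents are all assumptions made for the model.

```python
"""Constructed model of an A/P pair's HA2 sync (not PAN-OS code).

Assumption: Phase 1 = IKE SA, Phase 2 = IPsec (child) SA. Only the latter,
plus sessions / FIB / ARP, is copied over HA2. ESP is modelled as
SPI || seq || payload || truncated HMAC-SHA256 ICV; no real encryption.
"""
import hashlib
import hmac
import os
import struct


class Firewall:
    def __init__(self, name):
        self.name = name
        self.ike_sa = None     # Phase 1: never synchronized over HA2
        self.ipsec_sas = {}    # Phase 2: spi -> {"key": bytes, "seq": int}
        self.sessions = set()  # synchronized
        self.fib = {}          # synchronized
        self.arp = {}          # synchronized

    # --- control plane ---------------------------------------------------
    def ike_negotiate(self, peer):
        """Phase 1: establish an IKE SA with the peer (model: random SPI)."""
        self.ike_sa = {"peer": peer, "spi_i": os.urandom(8).hex()}

    def ike_create_child(self, spi, key):
        """Phase 2: create a child/IPsec SA. Requires a live IKE SA."""
        if self.ike_sa is None:
            raise RuntimeError("no IKE SA: Phase 1 must run before Phase 2 / rekey")
        self.ipsec_sas[spi] = {"key": key, "seq": 0}

    # --- data plane ------------------------------------------------------
    def esp_protect(self, spi, payload):
        sa = self.ipsec_sas[spi]
        sa["seq"] += 1
        hdr = struct.pack("!II", spi, sa["seq"])
        icv = hmac.new(sa["key"], hdr + payload, hashlib.sha256).digest()[:16]
        return hdr + payload + icv

    def esp_verify(self, pkt):
        """Return the payload if the ICV checks under an SA we hold, else None."""
        spi, _seq = struct.unpack("!II", pkt[:8])
        sa = self.ipsec_sas.get(spi)
        if sa is None:
            return None  # unknown SPI: the packet would be dropped
        body, icv = pkt[8:-16], pkt[-16:]
        expect = hmac.new(sa["key"], pkt[:8] + body, hashlib.sha256).digest()[:16]
        return body if hmac.compare_digest(icv, expect) else None


def ha2_sync(active, passive):
    """One unidirectional HA2 data-link sync, active -> passive."""
    passive.sessions = set(active.sessions)
    passive.fib = dict(active.fib)
    passive.arp = dict(active.arp)
    passive.ipsec_sas = {spi: dict(sa) for spi, sa in active.ipsec_sas.items()}
    # Deliberately NOT copied: passive.ike_sa is left untouched.


def failover_scenario():
    """Active builds the tunnel, syncs, then dies; passive takes over."""
    fw_a, fw_b = Firewall("fw-a"), Firewall("fw-b")
    remote = Firewall("remote-peer")
    spi, key = 0x1000ABCD, os.urandom(32)  # constructed SA parameters

    fw_a.ike_negotiate("remote-peer")
    remote.ike_negotiate("fw-a")
    fw_a.ike_create_child(spi, key)
    remote.ike_create_child(spi, key)
    fw_a.sessions.add(("10.0.0.5", "192.168.1.7", 443))
    ha2_sync(fw_a, fw_b)

    result = {
        "ipsec_sa_synced": spi in fw_b.ipsec_sas,
        "ike_sa_synced": fw_b.ike_sa is not None,
        "session_synced": ("10.0.0.5", "192.168.1.7", 443) in fw_b.sessions,
    }

    # fw-a fails; fw-b is now active. Existing tunnel traffic still verifies
    # because the Phase 2 SA (key + SPI) was synced over HA2.
    pkt = remote.esp_protect(spi, b"GET / HTTP/1.1")
    result["payload_after_failover"] = fw_b.esp_verify(pkt)

    # A rekey needs the Phase 1 SA, which was never synced, so it must be
    # re-negotiated first.
    try:
        fw_b.ike_create_child(spi + 1, os.urandom(32))
        result["rekey_without_ike"] = True
    except RuntimeError:
        result["rekey_without_ike"] = False
    fw_b.ike_negotiate("remote-peer")
    fw_b.ike_create_child(spi + 1, os.urandom(32))
    result["rekey_after_new_ike"] = (spi + 1) in fw_b.ipsec_sas
    return result


if __name__ == "__main__":
    for k, v in failover_scenario().items():
        print(f"{k}: {v!r}")
```

The takeaway for operations: after a failover you should expect the IPsec SAs to be present on the new active but `show vpn ike-sa` to be empty until the next rekey or DPD triggers a fresh Phase 1 exchange.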
Correct. Only Phase 2 SAs are synced.
https://docs.paloaltonetworks.com/pan-os/10-2/pan-os-admin/high-availability/ha-concepts/ha-links-and-backup-links#id1df2d565-1765-4666-83b0-87652318e06f
It's A. bertbernini's URL explains it pretty well.
Phase1 is IKE SA. Phase 2 is IPSEC SA.
Correct option is A: This is an expected behavior. IKE phase 1 SA information is NOT synchronized between the HA firewalls - https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000HAuZCAW
I believe A is the answer https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClXGCA0#:~:text=Session%20states-,IPSec%20SAs,-MAC%20Tables
Study guide page 194: The HA2 link is used to synchronize sessions, forwarding tables, IPSec security associations and ARP tables between firewalls in an HA pair. Data flow on the HA2 link is always unidirectional (except for the HA2 keep-alive); it flows from the active or active-primary firewall to the passive or active-secondary firewall. The HA2 link is a Layer 2 link, and it uses ether type 0x7261 by default
I am going with B; Phase 1 and 2 are part of IPsec VPN tunnels.