https://redmine.pfsense.org/issues/14004

@cmcdonald said in Strange kernel messages (zfs) after upgrading to 23.01:

fixed in snapshots

Don't know what exactly it means, but sounds like it will be fixed with the feature updates.
As far is not critical and looks like a debug message, I'll not worry about :)

Thanks.

There are workarounds to allow it but the config becomes increasingly complex!

Like add the primary as a gateway on the secondary and use that as a failover group.

@steveits said in Unplug WAN before device flash?:

In that state no OS is running, so no routing

Perfect, this was what I was after. Thank you

@viragomann Thanks this completely resolved my issue.

@bearhntr I had the same issue and evenrually gave in and did a clean install. As a benefit, I got boot environments setup on my SG-4860, which given how long I have had it, did not have it configured.

Make sure you have online (autoconfig backup if Plus) and locally downloaded as well before you take the plunge to do a clean install.

The php library error was almost certainly caused by it pulling in a bunch of pkgs from a newer version. On a much older version like that you would need to ensure the update branch is set to match it in order to remain there. By default it will be set to 'Current Stable' version.

Steve

@stephenw10

Sorry my miss, I've tested on my iphone with speedtest app near the accesspoint on wifi6 as just a quick random test. The problem was with my iphone, god knows why the speed halved, a restart of the phone was helped. Back to around 850Mbps. PfSense was flawless.👍

@stephenw10 When we installed the patch, the symptoms were completely gone So thanks a lot for pointing us in the right direction!

So case solved ✅

Additional info:

We think we know why this happens only on those two firewalls. It happens that they are the ones with the most rules and aliases (by far) in our environment. we couldn't pinpoint it at first, because the 15min reload interval kept the load on maximum, so we couldn't see the interval (=the underlying mechanism) at all. But we could trigger the behavior in a "calm phase" by editing and applying a random rule (and thus triggering the reload). Then the load would be up for several minutes.

please don´t forget performing a proper "chmod"
after downloading files from outside.

FreeBSD chmod

@manjotsc Great!

I'm just going to reference this other thread on the same topic, same solution.

@keyser

Seeing that FreeBSD 14 is now at the core of pfSense
in 23.01, and Wireguards ChaCha20-Poly1305 cipher
has been made available for both IPsec and OpenVPN
DCO, where are we in terms of hardware acceleration
of this stream cipher?

It rumours here and there but not really something that
will be available soon for usage.

Is it supported at all at this point?

The new Intel Atom C5000 or P5000 SoC series will be sorted with QAT 2 or QAT 3 as I am informed.

If so in which cases - AES-NI, QAT on Intel? SafeXcel on > arm?

The DPDK has something right now "available", that is using the Intel QAT to support the ChaCha-Poly algorithm
as I know it is the only available source about at this time.

This patchset adds Chacha20-Poly1305 implementation to Intel QuickAssist Technology pmd.

I know ChaCha20 is much faster (soft) on the CPU than traditional AES block ciphers, but still, Intel released benchmarks on linux that showed wireguard could see anything from 3 to 10X speed increase using AVX512 and QAT.

Linux is not FreeBSD, and FreeBSD is the underlying OS for pfSense. They are both "unixoide" OS but nothing more.

I would really like to switch to Wireguard for my Site 2
Site tunnels, but since I have SG-2100’s in the other end,

The ARM architecture is different from the x86_64 and comes also with an own crypto unit, its strong and powerful but not the same as Intel QAT.

@00sjsl said in After upgrading to 23.01 Status/Monitoring Thermal Sensors not updating:

I'm curious as to why corbuc_0 (which seemed to convey real information) is gone, but thermal_tz0 which is always 26.9 C remains.

Sorry, I don't know the why, just the what.

@tiekoetter

After upgrading to 23.01 I noticed some issues:

The most of us all, more or less. I find out the best methods
told around here and over the internet was the following;

Fresh install 2.7 and upgrade to the 23.01 and then over CLI
upgrade to the latest version 23.01 RC From 2.6 (zfs) to 2.7 and then to 23.01 and once more to
23.01 RC as now would be the best two ways to walk.

Upgrade > reboot > update the packets and reboot again
let went away many of the most problems of my box.

@stephenw10
Yep, going to look in to a noctua cpu fan.

@stephenw10 I guess I just removed and pasted and didn't really pay attention to what was before. But confirmed on another 23.01 and indeed it is.

So I have no idea about what 'fixed it'. I repeat the same steps as before when I got the error, and I can't replicate.

@stephenw10
Thank you!
I went back and downloaded the correct version. That didn't fix my core issue, but it did clear up why I was not seeing those choices.

@steveits thank you. I don't know if my lastpass is trying to log me in, but this is the first time I have even heard of CSRF. I was going to clear cookies and try again, but on Ubuntu 22.04 Vivaldi and Firefox time out getting to the appliance (192.168.1.1). It works fine on Windows and Ubuntu 20.04.