FreeBSD 13
-
Out of curiosity.. what if any security or other improvements can either of you provide that would make anything about pfsense "safer" than it is right now?
The back end teams from the history of this project don't just jump into the next so called latest and greatest without doing their homework and testing.. There may be absolutely no changes to "13" that would do a bit of good.
Besides with 2.7 still in beta status how do you know what is in the backend planning?
This seems like a drive-by thread personally.
-
@chpalmer can't remember talking about security, but anything performance related
https://openbenchmarking.org/result/2102129-HA-2102103HA72pfsense waiting for whatever reason makes opnsense a better option, which made me choose it for the exact reason in my production deployment and without any problems over the past month
Good mention "The back end teams from the history of this project don't just jump into the next so called latest and greatest", so why did truenas's production release jump to 13 already in february?
-
One reason. VLAN 0.
That's reason enough to go to 13.1. -
A lot of people are jumping on the OPNSense bandwagon at the moment due to this.
More or less weekly updates and quick error fixing.
I havent done it yet but are considering changing our 2 Datacenters to OS.
-
@cool_corona Yeah, good luck to them I say. Opnsense is a mess. I have one site using it just because of vlan0, every time i have to log into it I cringe.
-
@jarhead Why?
-
@cool_corona
The interface is too sloppy.
I especially love how the traffic graph comes from off the screen.
Why are all interfaces on the same traffic graph?
I shouldn't have to struggle to see what is what on it.Things aren't where they 'should' be and I can go on but it comes down to personal preference of course.
I've never had a problem with opnsense but the interface is just too messy for me. I always feel like I have to search instead of just see.
All of this would change if I used it more, I know that, but in my opinion opnsense is made for people who don't know enough about networking and, maybe don't need to.
It's a "dumbed down" version of pfSense.
Usually you hear people say "I like opnsense more because the people on the forum are nicer." Probably true, but if you spend any time on their forum you'll quickly realize the people are nice, but most of them have no clue what they're talking about. I'd rather have some dick teach me the right way than some nice guy teach me nothing.
I'm not trying to put down opnsense and I know it comes off like that, but my point is it all comes down to personal preference. Opnsense works great and it's made for specific people. Just like Android and iphones. -
@jarhead I hear you.
Thats why I am still on pfsense.
Its the dashboard and Suricata that does it for me.
Would be nice to rearrane the menu so its more logical though.
-
@jarhead said in FreeBSD 13:
@cool_corona
The interface is too sloppy.
I especially love how the traffic graph comes from off the screen.
Why are all interfaces on the same traffic graph?
I shouldn't have to struggle to see what is what on it.Things aren't where they 'should' be and I can go on but it comes down to personal preference of course.
I've never had a problem with opnsense but the interface is just too messy for me. I always feel like I have to search instead of just see.
All of this would change if I used it more, I know that, but in my opinion opnsense is made for people who don't know enough about networking and, maybe don't need to.
It's a "dumbed down" version of pfSense.
Usually you hear people say "I like opnsense more because the people on the forum are nicer." Probably true, but if you spend any time on their forum you'll quickly realize the people are nice, but most of them have no clue what they're talking about. I'd rather have some dick teach me the right way than some nice guy teach me nothing.
I'm not trying to put down opnsense and I know it comes off like that, but my point is it all comes down to personal preference. Opnsense works great and it's made for specific people. Just like Android and iphones.Your point with the look isn't their problem as you are using custom theme, anyhow still pfsense doesn't have anything close to search function
-
@killermantv Has nothing to do with the theme. Did the same thing stock.
Had to change the theme just to make it bearable to look at. -
@jarhead said in FreeBSD 13:
@killermantv Has nothing to do with the theme. Did the same thing stock.
Had to change the theme just to make it bearable to look at.How funny it doesn't do that to me on either the default or same theme
-
@killermantv Maybe browser related?
-
@killermantv said in FreeBSD 13:
@chpalmer can't remember talking about security, but anything performance related
One thing to remember is that just because pfsense is using FreeBSD does not mean they are using all of FreeBSD.. There are aspects of the install that are not used nor installed.. and their are many improvements to the distro that pfsense has that are not part of the stock FreeBSD install if I remember that correctly.. The choice to stay with on version or put time and resources into the next have been weighed historically. Because of that this is a great product.
Tell me how many organizations you know of that need the use of VLAN0.. The company I work for has one of the largest VOIP based systems in the world and has had to date no use for it. That does not mean it will not come up in the future..
If we weigh the cost of one thing to benefit just a few at the expense of a quality product I choose to go about it a little slower and stay a little safer. But that is just my two cents. ;)
But as I said.. This seems like a drive-by thread personally.. to push another product.
-
@chpalmer said in FreeBSD 13:
@killermantv said in FreeBSD 13:
@chpalmer can't remember talking about security, but anything performance related
One thing to remember is that just because pfsense is using FreeBSD does not mean they are using all of FreeBSD.. There are aspects of the install that are not used nor installed.. and their are many improvements to the distro that pfsense has that are not part of the stock FreeBSD install if I remember that correctly.. The choice to stay with on version or put time and resources into the next have been weighed historically. Because of that this is a great product.
Tell me how many organizations you know of that need the use of VLAN0.. The company I work for has one of the largest VOIP based systems in the world and has had to date no use for it. That does not mean it will not come up in the future..
If we weigh the cost of one thing to benefit just a few at the expense of a quality product I choose to go about it a little slower and stay a little safer. But that is just my two cents. ;)
But as I said.. This seems like a drive-by thread personally.. to push another product.
Still truenas had no problem with that already in february
-
@killermantv said in FreeBSD 13:
Still truenas had no problem with that already in february
And on the storage side there may well have been more compelling reasons to move onto it than there are on the networking side.
If you look at the use of Unixes in business, and quite often Windows as well, they rarely are on the latest-and-greatest release, they prefer to be on a solid base that is reliable and a known quantity rather than spending a huge amount of time also chasing the latest-and-greatest bugs and interactions. That way time and money can be spent on improvements for customers rather than "oops, something broke". There's a reason why there are Linux LTS versions and even Windows LTS versions.
-
@vollans said in FreeBSD 13:
@killermantv said in FreeBSD 13:
Still truenas had no problem with that already in february
And on the storage side there may well have been more compelling reasons to move onto it than there are on the networking side.
If you look at the use of Unixes in business, and quite often Windows as well, they rarely are on the latest-and-greatest release, they prefer to be on a solid base that is reliable and a known quantity rather than spending a huge amount of time also chasing the latest-and-greatest bugs and interactions. That way time and money can be spent on improvements for customers rather than "oops, something broke". There's a reason why there are Linux LTS versions and even Windows LTS versions.
Even LTT migrated to opnsense because of pfsense "quality" delay
Youtube Video – [23:47..] -
@killermantv
I'm not taking any sides here, just trying to point some facts on what online information I can find...:
Deciso maintains only one product, Netgate has to maintain and develop 2:
pfSense and TNSR.And as we can see here:
https://www.netgate.com/blog/esl-gaming-leverages-netgates-tnsr-at-dreamhack-dallas-festival
I think the most revenue comes from TNSR product. I may be wrong but I don't have any inside charts.
Now about the above, I think is about resources, and a business decision. On which project a company will allocate more development, testing and other resources ? On the product that gives it more revenue.
I'm not saying this in a negative way, and I may be wrong due to insufficient data.
I'm using pfSense+ for free, and I'm using it only at home, so I can wait.
For the others I can understand, that a missing driver, like in Linus case above, can become a showstopper. -
-
@stephenw10 said in FreeBSD 13:
https://www.netgate.com/blog/pfsense-software-is-moving-ahead
Good news :)
-
sounds like this will change already stated "soon" TM , cant wait !
