pfSense Plus Software Version 23.01 is Now Available for Upgrades
-
After running for about 3 days on 23.01, I had to back out to 22.05. I am running on a Netgate SG-6100. 900 down/100 up Mbps PPPoE connection (UK Zen). Not a complicated configuration, only a few firewall rules.
I was having performance problems that mostly showed as slow web page loads. I thought it might be a DNS problem, but I found nothing conclusive. I spent waaay too much time troubleshooting this, so I decided to back out.
After backing out to 22.05 with a ZFS snapshot, the performance was back to normal.
Just adding my $.02
FollyDude
-
@follydude-0 Next try, or for others with a similar issue…if you have DNS Resolver set to forward, uncheck the option to use DNSSEC and see if that helps. It did here, I’ve seen a few other posts, Quad9 says it can cause false failures, and Netgate has that tidbit (to disable it) in a troubleshooting doc or other doc page I’m not finding again at the moment.
-
Hi all,
just my experience: very poor network performance on upgraded version.
Immediately revert back to 22.05
barber
-
Thanks for your input, in my case I am not using DNSSEC but DNS over SSL/TLS with Cloudflare DNS servers.
-
I would like to know what is the most correct procedure for updating to version 23.01.
I had problems updating with 3 devices. 2 non-Netgate hardware and 1 Netagate 2100.
A. For a non-Netgate hardware and the Netagate 2100 the procedure was as follows.
1. Backup to the configuration, 2. disabled pfblocker (Keep Settings), 3. System/Update/System Update.
At the first pfsense crashed and the Netgate 2100 did not boot.B. For the second non-Netgate hardware the procedure was as follows.
1. Backup to the configuration, 2. pfblocker enable, 3. System/Update/System Update.
Also pfsense crashed.I still have about 4 devices to update and I don't know what I should do to avoid situations like this
-
@iulianteodor The recommendation in the upgrade guide is to uninstall packages, not disable them. It’s supposed to work, and the upgrade will upgrade the package too, but it’s cleaner if you do it.
The 2100 (and 1100) had a bug apparently due to early (ufs?) models having a small EFI partition. I hit it too but I expected it because I was intentionally testing it for Netgate in a thread discussion. The update was pulled: https://forum.netgate.com/topic/178049/pfsense-plus-23-01-updates-on-the-1100-and-2100-systems. Per other threads, even knowing the conditions Netgate wasn’t able to replicate it.
Sorry to hear of your experience. I’ve updated many routers at many clients the last 15ish years and problems are rare. 23.01 was a major OS upgrade and a major PHP upgrade so I personally was expecting some rough edges, especially in packages, which are often by third parties. Usually I watch the forums for a week or two before starting to test.
-
@steveits I've been using pfsense for more than 5 years and it's the first time I've encountered problems like this.
I recovered the Netgate 2100 with installation with ZFS. I did not succeed with UFS. Clearly, as you say, due to the small partition.
The following devices I will do as you said with the uninstallation of the packages.
Thank you very much! -
@mwatch what about a CE 2.7 release? Are there plans for a new release or will CE be phased out silently? In former times CE and plus arrived at the same time, until now i can't here anything about a new CE release ...
-
@saerdna https://redmine.pfsense.org/projects/pfsense/roadmap
-
@steveits thnaks for the link to the roadmap. The open bug reports have "Target Version: 2.7.0" and "Plus Target Version: 23.05", so the new CE 2.7.0 will be released with plus 23.05 in maybe 4-6 months?
-
@saerdna I was just trying to point out 2.7 still existed. re: target versions, they tend to show a version instead of "next" for open issues. Up until 23.01's release they were all 2.7 and 23.01. So I don't think one can assume 2.7 will be tied to any Plus version. Seems they are disconnected now. Per https://www.netgate.com/blog/pfsense-plus-pfsense-ce-dev-insights-direction "There will be CE releases after 2.6, but unlike Plus, they’ll be done when they’re ready, not on a regular cadence."
-
There is a certain irony here with this split between the CE version and the + version in that those paying for (via hardware) or opting for the + version end up being BETA testers for the upgrade process and the new version.
Those not opting for the plus version and so deliberately getting the upgrade delayed to their CE version, actually end up with the better experience!
Just seems a bizarre approach by Netgate.
-
@phil_d
Well, I had a strong allie this time : I could install/upgrade the new RC, and test drive it.
With the click of a button I could get back to 'stable (22.05 for me), thanks to ZFS.RC was ... event-less. It worked for me.
Btw : I have 2.6.0 at home.
I'm not in a rush to update that one.
2.7.0 will be fine. Or maybe a RC if that shows up first. -
@jarhead the upgrade that is presented in the GUI does not show 23.01 as an option. The only path currently is 22.01 and then move from there. However that isn’t really an option because of all of the changes made to the code base. For example I need support for the Intel 226i NIC which works fine in 27.0 but not 22.01.
-
@patryan said in pfSense Plus Software Version 23.01 is Now Available for Upgrades:
GUI does not show 23.01 as an option. The only path currently is 22.01 and then move from there.
So, you wind up in 22.01, and several minutes later in 23.01.
23.01 doesn't have 226i NIC support ?
Or 22.01 doesn't have 226 support, leaving your system in a state without NIC's ?Ask support for a copy of 23.01, and clean install - it's just a minute or so more work.
-
Can you really ask support for a pfsense plus installer for generic x86-64 hardware?
I thought the only options are factory images for Netgate hardware or install CE and upgrade to plus. I didn’t think fresh installing plus on generic hardware was possible.
-
@bradsm87 said in pfSense Plus Software Version 23.01 is Now Available for Upgrades:
I didn’t think fresh installing plus on generic hardware was possible.
If it is - I have missed that announcement, which I think would be a pretty big one.
-
@bradsm87 said in pfSense Plus Software Version 23.01 is Now Available for Upgrades:
Can you really ask support for a pfsense plus installer for generic x86-64 hardware?
No, one must upgrade from 2.6. Netgate doesn't have a download for Plus so one needs to request the image from TAC. Usually it takes only 15 minutes or so, they are pretty fast.
-
@steveits said in pfSense Plus Software Version 23.01 is Now Available for Upgrades:
Netgate doesn't have a download for Plus so one needs to request the image from TAC
Just to clarify - this would only be for netgate appliances - I am not aware of generic install for non netgate devices.
If your running say for example a netgatte 6100 or 5100 or like me an older 4860, then sure you can get image from TAC, and they are normally johnny on the spot in answering with a link to the download.
-
@johnpoz said in pfSense Plus Software Version 23.01 is Now Available for Upgrades:
this would only be for netgate appliances - I am not aware of generic install for non netgate devices.
That's what I was trying to say (by the "no"...), without enough coffee. Thanks. :)
Almost all of the Netgate hardware models have their own (re)install instructions at https://docs.netgate.com/pfsense/en/latest/solutions/ which is what their support will send with the image.