Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Advantages to Plus

    Scheduled Pinned Locked Moved Off-Topic & Non-Support Discussion
    21 Posts 6 Posters 2.0k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      michmoor LAYER 8 Rebel Alliance
      last edited by

      Curious but will there be any features available to PLUS customers in the future that are features with some substance?
      Just wondering where are all the new features on Plus. The updates are indeed faster than on CE so i suppose thats a feature. I appreciate that.
      But in the future if im going to pay 129/yr, i dont think a ZFS Widget or AWS VPN Wizard for example are exactly reasons to pay. Whats the feature roadmap for Plus. Redmine doesnt have anything
      Id imagine Plus will remain no cost until there is something worth paying for?

      Firewall: NetGate,Palo Alto-VM,Juniper SRX
      Routing: Juniper, Arista, Cisco
      Switching: Juniper, Arista, Cisco
      Wireless: Unifi, Aruba IAP
      JNCIP,CCNP Enterprise

      R Dobby_D RobbieTTR P 4 Replies Last reply Reply Quote 0
      • R
        rcoleman-netgate Netgate @michmoor
        last edited by

        @michmoor ZFS Boot Environments being in the GUI is a big difference.

        But there will be others. What? Not my department :)

        Ryan
        Repeat, after me: MESH IS THE DEVIL! MESH IS THE DEVIL!
        Requesting firmware for your Netgate device? https://go.netgate.com
        Switching: Mikrotik, Netgear, Extreme
        Wireless: Aruba, Ubiquiti

        M 1 Reply Last reply Reply Quote 0
        • M
          michmoor LAYER 8 Rebel Alliance @rcoleman-netgate
          last edited by

          @rcoleman-netgate said in Advantages to Plus:

          But there will be others. What? Not my department :)

          You really going to keep me in suspence?!?! Man...........
          LOL

          Firewall: NetGate,Palo Alto-VM,Juniper SRX
          Routing: Juniper, Arista, Cisco
          Switching: Juniper, Arista, Cisco
          Wireless: Unifi, Aruba IAP
          JNCIP,CCNP Enterprise

          R 1 Reply Last reply Reply Quote 0
          • R
            rcoleman-netgate Netgate @michmoor
            last edited by

            @michmoor I just work in TAC. I literally only deal with the current release, and two back for support reasons... You want an enginerd for your answers :D

            Ryan
            Repeat, after me: MESH IS THE DEVIL! MESH IS THE DEVIL!
            Requesting firmware for your Netgate device? https://go.netgate.com
            Switching: Mikrotik, Netgear, Extreme
            Wireless: Aruba, Ubiquiti

            M 1 Reply Last reply Reply Quote 0
            • M
              michmoor LAYER 8 Rebel Alliance @rcoleman-netgate
              last edited by

              @rcoleman-netgate I appreciate the response, no worries. If the Devs want to chime in it would great.

              Firewall: NetGate,Palo Alto-VM,Juniper SRX
              Routing: Juniper, Arista, Cisco
              Switching: Juniper, Arista, Cisco
              Wireless: Unifi, Aruba IAP
              JNCIP,CCNP Enterprise

              S 1 Reply Last reply Reply Quote 0
              • S
                SteveITS Galactic Empire @michmoor
                last edited by

                @michmoor There was a thread a year ago:
                https://forum.netgate.com/topic/170085/is-there-a-versus-showing-what-are-differences-between-ce-and-plus/4

                TL,DR:

                OpenVPN import tool
                QAT Crptyo
                ZFS Widget
                AWS VPN Wizard
                IPsec Export: Apple Profile
                IPsec Export: Windows Powershell
                Cert based LDAP auth

                And
                boot environments (backwards, forwards, auto-recover).
                IPsec-MB
                Firewall Ethernet Filtering
                DCO

                If you search the docs for "Plus only" it finds the word "plus" a lot but can show feature notes.

                Pre-2.7.2/23.09: Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
                When upgrading, allow 10-15 minutes to restart, or more depending on packages and device speed.
                Upvote 👍 helpful posts!

                1 Reply Last reply Reply Quote 1
                • Dobby_D
                  Dobby_ @michmoor
                  last edited by

                  @michmoor said in Advantages to Plus:

                  Id imagine Plus will remain no cost until there is something worth paying for?

                  The most users are looking for features, but I think
                  it is more a private usage and business usage "thing".

                  The better or more features will be coming by site or
                  on top, time after time.

                  #~. @Dobby

                  Turris Omnia - 4 Ports - 2 GB RAM / TurrisOS 7 Release (Btrfs)
                  PC Engines APU4D4 - 4 Ports - 4 GB RAM / pfSense CE 2.7.2 Release (ZFS)
                  PC Engines APU6B4 - 4 Ports - 4 GB RAM / pfSense+ (Plus) 24.03_1 Release (ZFS)

                  1 Reply Last reply Reply Quote 0
                  • RobbieTTR
                    RobbieTT @michmoor
                    last edited by

                    @michmoor
                    QAT of course but this week the boot environments saved my day in around 90 seconds. It does not get any better than that!

                    ☕️

                    M 1 Reply Last reply Reply Quote 1
                    • M
                      michmoor LAYER 8 Rebel Alliance @RobbieTT
                      last edited by michmoor

                      @RobbieTT Im thinking in terms of the future. At some point in the future plus will be $129/yr.
                      Is QAT or boot environments really worth that? Doesnt seem like the proper value add. The reason they will charge is that they expect growth and an increase in revenue. Thats fine. But in order to get that increase you need buy-in from customers and at the end of the day I dont think there is any powerful enough marketing to say "Pay us and get QAT".
                      To @Dobby_ point, it comes down to the feature set. There is no doubt i think in anyone's mind that if there were subscription-based packages such as url filtering or remote management, as a great example, people will pay. In fact they can charge $499/yr and people will pay.
                      Im sure Netgate has the pulse of the community but at this time im trying to figure out the "Why use Plus" question.

                      Firewall: NetGate,Palo Alto-VM,Juniper SRX
                      Routing: Juniper, Arista, Cisco
                      Switching: Juniper, Arista, Cisco
                      Wireless: Unifi, Aruba IAP
                      JNCIP,CCNP Enterprise

                      Dobby_D RobbieTTR 2 Replies Last reply Reply Quote 0
                      • P
                        Patch @michmoor
                        last edited by Patch

                        @michmoor said in Advantages to Plus:

                        will there be any features available to PLUS customers in the future that are features with some substance?

                        Is there some reason you would like to accelerate this process?
                        Imo it will happen at a rate balancing Netgate's marketing, finance and possibly development testing imperatives.

                        As for your request they should inform you of their current schedule. Seriously you have to be joking. You are not even a paying customer, never mind a Netgate owner.

                        M 1 Reply Last reply Reply Quote 0
                        • Dobby_D
                          Dobby_ @michmoor
                          last edited by

                          @michmoor said in Advantages to Plus:

                          Im sure Netgate has the pulse of the community but at this time im trying to figure out the "Why use Plus" question.

                          If you run your business and make money with their code,
                          you give them "something" from that money or you will
                          be not able to use it! This makes sense for me, because
                          if a project reaches a day where the "project holders" say
                          that they should be able to life from that or the entire
                          project will be dying or must die, then it is for us all, the
                          CE and Plus users the best option as I see it right.
                          Please fell free to correct me if I am wrong with that here.

                          And on top the CE version is still there, so there is nothing
                          to complain about.

                          will there be any features available to PLUS customers in the future that are features with some substance?

                          It is pretty new, the Plus version I mean, and when there
                          are much more differences, more features and also more
                          other "things" I am pretty sure they take that $129/year
                          because then it is "worse" and during that let us it call
                          growing phase it is not taken.

                          Again, I am not the Netgate owner or an employee, so
                          please accept it could be verry wrong or far away from
                          the real point it goes around, but for my self it is more
                          something like that;

                          You are an individual and use it private and don´t make
                          money with their code, it is free and you can´t hold or take
                          them responsible for any behaviour. And if you are doing business and making money with their code you should
                          pay for it
                          .

                          If you count all in all together, it is not only that $129/year
                          as I think about, urlHaus and spamHaus fees, snort rule fees
                          and such things comes on top of all and perhaps the
                          freeradius was not for using it in business too!!!!

                          OpenSource is for me the option that the source code is
                          open to watch it over and not free of charge software
                          for everyone, and on Sunday if a problem occurs the
                          code writers must be still available for a free call and
                          help too! This is not like it should running if the rest
                          is doing business with that code and earning money
                          much as able to realize.

                          #~. @Dobby

                          Turris Omnia - 4 Ports - 2 GB RAM / TurrisOS 7 Release (Btrfs)
                          PC Engines APU4D4 - 4 Ports - 4 GB RAM / pfSense CE 2.7.2 Release (ZFS)
                          PC Engines APU6B4 - 4 Ports - 4 GB RAM / pfSense+ (Plus) 24.03_1 Release (ZFS)

                          1 Reply Last reply Reply Quote 0
                          • M
                            michmoor LAYER 8 Rebel Alliance @Patch
                            last edited by

                            @Patch who’s accelerating?
                            I purchased 15x 6100s…I’m not a paying customer? Are you ok? You need some therapy bud

                            Firewall: NetGate,Palo Alto-VM,Juniper SRX
                            Routing: Juniper, Arista, Cisco
                            Switching: Juniper, Arista, Cisco
                            Wireless: Unifi, Aruba IAP
                            JNCIP,CCNP Enterprise

                            1 Reply Last reply Reply Quote 0
                            • RobbieTTR
                              RobbieTT @michmoor
                              last edited by

                              @michmoor said in Advantages to Plus:

                              @RobbieTT Im thinking in terms of the future. At some point in the future plus will be $129/yr.
                              Is QAT or boot environments really worth that? Doesnt seem like the proper value add. The reason they will charge is that they expect growth and an increase in revenue. Thats fine. But in order to get that increase you need buy-in from customers and at the end of the day I dont think there is any powerful enough marketing to say "Pay us and get QAT".

                              I think my point is that different users will have a different reason to select pfSense Plus, or indeed not to.

                              The good thing about this change is that Netgate remains committed to the free version (as they should be with a nod towards both development and probably OPNSense), providing Plus for free for individuals or lab use and providing it as part of a Netgate hardware purchase.

                              The price you suggest would equate to what a 6100 Max would cost over 7 years. It does not seem like a mad price to me, especially with the free or limited use options still available.

                              ☕️

                              M 1 Reply Last reply Reply Quote 0
                              • M
                                michmoor LAYER 8 Rebel Alliance @RobbieTT
                                last edited by

                                @RobbieTT Oh for sure. My question was really geared toward the value add proposition for Plus. Considering CE and Plus differences are very minor im hoping in the future plus users get more exclusive features because of the proposed charge.

                                Firewall: NetGate,Palo Alto-VM,Juniper SRX
                                Routing: Juniper, Arista, Cisco
                                Switching: Juniper, Arista, Cisco
                                Wireless: Unifi, Aruba IAP
                                JNCIP,CCNP Enterprise

                                RobbieTTR 1 Reply Last reply Reply Quote 0
                                • RobbieTTR
                                  RobbieTT @michmoor
                                  last edited by

                                  @michmoor
                                  It's hard to know the future but for me the end of the Netgate experience may be due to the BSD handicap with high-bandwidth PPPoE, rather than a 'must-have' feature.

                                  PPPoE WANs are pretty common in Europe and relying on a single core under BSD is probably a dead-end for Netgate hardware, with or without the Plus.

                                  ☕️

                                  M 1 Reply Last reply Reply Quote 1
                                  • M
                                    michmoor LAYER 8 Rebel Alliance @RobbieTT
                                    last edited by

                                    @RobbieTT yep good point. Don’t think they will be moving to a Linux based pfSense anytime soon. So where will you go next?

                                    Firewall: NetGate,Palo Alto-VM,Juniper SRX
                                    Routing: Juniper, Arista, Cisco
                                    Switching: Juniper, Arista, Cisco
                                    Wireless: Unifi, Aruba IAP
                                    JNCIP,CCNP Enterprise

                                    RobbieTTR 1 Reply Last reply Reply Quote 0
                                    • RobbieTTR
                                      RobbieTT @michmoor
                                      last edited by

                                      @michmoor No idea as to the next path. I'm still pretty new to pfSense having leapt from EdgeRouters, but I did so knowing of the PPPoE limitation and that the 6100 would be the minimum required for my needs.

                                      I think I may be able to squeeze 1.4 Gbps through the 6100, which will probably be ok for the next 2 years or so. Of course, I'd like to be able to run more demanding packages too but BSD vs PPPoE makes this impossible.

                                      What made the 6100 even a contender for my use was QAT. The offloading provided by it keeps the router relevant, along with the good selection of interfaces. I also prefer to pay for firewall/routers rather than rolling my own - it makes the compliance process considerably easier.

                                      Of course, there is always hope that with BSD pulls something out of the bag or that PPPoE is dropped from the likes of the UK Openreach network... no breath is being held for either though.

                                      ☕️

                                      R 1 Reply Last reply Reply Quote 0
                                      • R
                                        rcoleman-netgate Netgate @RobbieTT
                                        last edited by

                                        @RobbieTT said in Advantages to Plus:

                                        I did so knowing of the PPPoE limitation and that the 6100 would be the minimum required for my needs.

                                        We have many reports of PPPoE speeds on devices exceeding 800mbps on ~1Gbps service lines.

                                        I have 960Mbps Lumen FTTH that is VLAN'd PPPoE and I get full service speed on a 7100. A coworker is getting 800Mbps on the same service with a 2100.

                                        Ryan
                                        Repeat, after me: MESH IS THE DEVIL! MESH IS THE DEVIL!
                                        Requesting firmware for your Netgate device? https://go.netgate.com
                                        Switching: Mikrotik, Netgear, Extreme
                                        Wireless: Aruba, Ubiquiti

                                        RobbieTTR 1 Reply Last reply Reply Quote 0
                                        • RobbieTTR
                                          RobbieTT @rcoleman-netgate
                                          last edited by RobbieTT

                                          @rcoleman-netgate said in Advantages to Plus:

                                          We have many reports of PPPoE speeds on devices exceeding 800mbps on ~1Gbps service lines.

                                          Oh for sure - I am one of them and have also posted positively on this forum.

                                          I run a PPPoE 1 Gbps FTTP service via a 2.5 GbE ONT with FQ_CoDel on upload and download, pfBlockerNG plus some minor services, with a mixed IPv4/IPv6 environment (heavy on the IPv6 side) and LAN and VLANs in a RoS configuration on a single SFP+ (10GbE) interface. When running at the full 920+ Mbps the single core is ~80% loaded, so I currently have some CPU headroom.

                                          20230607-top -HaSP-Max Download.png

                                          Running the above on a synthetic local PPPoE load it seems to top-out at ~1.2 to 1.4 Gbps. My ISP is moving to a 2 Gbps+ service (an actual 1.8 Gbps) later this year; so from then I will be leaving bandwidth on the table.

                                          Ideally I would also be running Suricata and ntopng as additional packages but I just don't have the CPU performance needed for PPPoE.

                                          I should add the other performance metric of note - QAT offloaded IPsec is just epic. I am also trying to tune my PPPoE performance further:

                                          IMG_2299D copy.JPG

                                          I mean, who amongst us doesn't like to breakout the testing and see how far we can push Netgate & pfSense?

                                          ☕️

                                          R 1 Reply Last reply Reply Quote 1
                                          • R
                                            rcoleman-netgate Netgate @RobbieTT
                                            last edited by rcoleman-netgate

                                            @RobbieTT said in Advantages to Plus:

                                            I mean, who amongst us doesn't like to breakout the testing and see how far we can push Netgate & pfSense?

                                            .... A number of months back I requested allocation of some extra hardware so I could reasonably test 10Gbps PPPoE in the lab.
                                            As of yet... it has not been approved -- but I'm just a TAC support grunt and not in the engineering department nor do I do any testing outside of redmines and future releases.

                                            Ryan
                                            Repeat, after me: MESH IS THE DEVIL! MESH IS THE DEVIL!
                                            Requesting firmware for your Netgate device? https://go.netgate.com
                                            Switching: Mikrotik, Netgear, Extreme
                                            Wireless: Aruba, Ubiquiti

                                            RobbieTTR 1 Reply Last reply Reply Quote 0
                                            • First post
                                              Last post
                                            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.