Is 24.08 on track?
-
โ Right now, I'm sitting a a hotelโ
Donโt you own a bunch of hotels and manage pfsense there
-
Yeah, right, but just one hotel and it's great, as it has pfSense.
-
@Gertjan but does it have 24.08?
-
@michmoor said in Is 24.08 on track?:
@Gertjan but does it have 24.08?
I was about to ask him that too.
-
Noop.
And when 24.08 hits the road, I will not hit the update upgrade button right away. I'll observe the forum for at least one week or two.
I'm using my own pfSense enhancements right now which are portal related, and need DHCP options for that. Also, my LAN, as it is a company, only hosts known wired devices and maybe 2 or 3 Wifi devices, all of these use DHCP MAC static leases, something KEA can't offer yet.For me, 24.08 will be an update where "something very elementary that worked well since decades" gets replaced by something else, and the expectations will be as high. In other words : DHCP ISC against KEA. DHCP ISC will still be there of course, and like DNS, we will be able to select the 'old', dnsmasq, the forwarder, and the new, unbound, the resolver, at any time.
I wouldn't be surprised that 24.08 - the version number - will never exist. It will be a 24.1 or even higher, as a lot - small bits of code have to be changed everywhere. Which explains, for me, the absence of the snapshots, as at any time something get broken all the time.
-
@Gertjan one can assume that it has to do with the single pane of glass gui change.
Make sure to upvote
-
Mostly, yes.
But the GUI part of pfSense is just the visible part of the coding.
This time, another unbound part of unbound will be used : unbound-control, and will be used to insert (and remove, if needed) the DHCP lease info (host name, IP) into the unbound local cache. That's new ....Furthermore, for the DHCP server configuration, there are about 450 possible possible options and most of them have parameters (in parameters) ....
It's like writing a GUI front-end for postfix. Many have tried .... we are now in 2024, it still can't be done. bind : same thing, and probably worse. FreeRadius : don't even try, you put your your mental health at stake.
Just for the fun : the unbound config. read it ? really ? ok, great, now you know what unbound can do. -
@Gertjan Jim said no to my swap feature request because it should be hardware based ie ram not swap
-
What has swap to do with this ?
-
@Gertjan
https://redmine.pfsense.org/issues/15691
https://forum.netgate.com/topic/189784/simplifying-use-of-external-swap-and-new-size-limitsI thought this was a good idea.. guess not.
-
@JonathanLee said in Is 24.08 on track?:
@Gertjan one can assume that it has to do with the single pane of glass gui change.
Don't know where people see an UI change. That's not happening or doing anything. 24.08 I'm certain enough will have the same UI as ever, as the MIM is NOT something that is hard wired to pfSense itself. On reddit their staff has already commented, that the MIM can run on pfSense but it isn't necessary to run it on a firewall itself but it can also be run on a debian VM instead. So the UX you saw in the sneak preview is exactly that - UX of the MIM/controller part, nothing to do with pfSense itself as IMHO it will just be a standalone package that you can run on pfSense or not - similarly to ntopng - with its own UI. At least that's the intel I get from all the staff responses on their subreddit.
-
@JeGr said in Is 24.08 on track?:
@JonathanLee said in Is 24.08 on track?:
@Gertjan one can assume that it has to do with the single pane of glass gui change.
Don't know where people see an UI change. That's not happening or doing anything. 24.08 I'm certain enough will have the same UI as ever, as the MIM is NOT something that is hard wired to pfSense itself. On reddit their staff has already commented, that the MIM can run on pfSense but it isn't necessary to run it on a firewall itself but it can also be run on a debian VM instead. So the UX you saw in the sneak preview is exactly that - UX of the MIM/controller part, nothing to do with pfSense itself as IMHO it will just be a standalone package that you can run on pfSense or not - similarly to ntopng - with its own UI. At least that's the intel I get from all the staff responses on their subreddit.
I assume this is correct. However, the MIM might require some adaptations within the pfsense code to get proper status returns and such - dare I say API...... ;-) which is not a trivial task to add to the pfsense code.
-
@keyser said in Is 24.08 on track?:
I assume this is correct. However, the MIM might require some adaptations within the pfsense code to get proper status returns and such - dare I say API...... ;-) which is not a trivial task to add to the pfsense code.
Sure, but as I deduct it will be an external package that can be fixed afterwards, as it will only be a preview anyways and with limited functionality so I don't assume that the MIM is the big showstopper here.
Also about various users/people not posting: there are things like summer vacations, too
-
@JeGr All the status/return info/API part is something that needs to be in the pfSense code - not the MIM. So it cannot be added without a new pfSense release.
-
Side note I really wish that there was an SSD built for swap useโฆ.
Make sure to upvote
-
@JonathanLee optane? Any high endurance SSD like a HGST 10DWPD would suffice no?
-
@JonathanLee
Any older, good-quality MLC SSD with a capacity of around 1 TB should last longer than you might expect. Which interface are you considering? SATA? M2? -
@w0w M2
-
@JonathanLee
Samsung 960-980 Pro capacity 512GB+ or you can try EVO 960 series. More capacity, more writes allowed till die. What m2 size exactly allowed? -
This is one of those cases where the question is simple and so should the answer... but things are more nuanced in this release in particular. It essentially comes down to wanting to do cool things that many, needless to say us, have wanted for a long time and the fact that a lot of hard work is needed to do them properly. MIM is indeed part of that, but it's more so about the long term in general.
I won't go into detail because it'd take up even more time, so let me just give one example of what I mean: I'm very excited about the work happening around Kea and Unbound that will let us resolve this 9yr old bug report:
https://redmine.pfsense.org/issues/5413Speaking for myself, I think the delay in 24.08 is worth it.
