BETA BLOWS, WANT TO DOWNGRADE ASAP
-
I've run pfsense beta in production in the past knowing that there is a small risk, and there is always a risk in all stages of development that something might break, though the risk decreases at each stage of course, having said that, it is my responsibility to check what changes have been made on redmine provided by pfsense and then evaluate if those changes affect my setup and whether its worth the risk to upgrade or not, bearing in my mind my system is in production.
Ive seen some interesting features available on 2.1 thats not on 2.0 and I'm willing to take the risk, I have a small network that consists of over 50 users, loads of application servers all on top of esxi hosts and remote locations running pfsense with vpn tunnels back to my pfsense vm in my esxi's, if I decided to upgrade my environment to 2.1 and it breaks as frustrating as it is, its my fault. :0)
It all depends on how much of an urgency you need a feature available in the beta thats not available in the stable versions of pfsense.
If it aint broken stick with stable, otherwise keep tabs on redmine to see what changes are applied in the snapshots and if something breaks dont post inflammatory headings, it doesnt solve your problem.
And the general consensus is try to use Intel NIC's if possible.
-
I will report back with logs, but I just did a simple google for "pfsense 2.1 no internet reboot" and lots of stuff comes up.
Really? ::) Replace "pfsense 2.1" with any other software or hardware product /vendor and you will also find "lots of stuff". I'm sorry but your post could be used as the poster child of "what not to post in a support forum".
-
Thanks again, I hope that the RC is much better then the BETA.
Best wishes,
MattThere is almost no information or log reports for anyone to attempt to even look at your problem.
2.1 is BETA and may have some issues especially with Free BSD drivers or interfacing with other packages. Apart from a few issues with packages (one of them BETA as well) which have been addressed, 2.1 is running fine on our home network.
We standardize on Asus motherboards and INTEL Dual port NICS and this cuts down tremendously on any other issues we may have had in the past.
-
How would I go about getting the logs? It hasn't crashed since, but the internet just stops working… the other side, lan side (lagg) is fine?
Do you think a factory reset is in order or what? I have changed nics and same thing?
By the way, telling me what I did wrong isn't helping either. I know I screwed up, I just want to move forward. If I put out a bounty for support, would there be any takers?
Thanks.
Best wishes,
Matt$100 okay?
-
-
I don't have physical access to the server, could this command be ran from the WEB GUI?
Thank you for your help :)
Best wishes,
Matt -
Go to /exec.php in the WebGUI, then enter the command there and execute it.
-
I don't have physical access to the server
SSH to pfSense from Linux/Unix system.
Putty to pfSense from Windows.Or use Diagnostics -> Command Prompt in pFsense web GUI, type the command in the Command box and click on the Execute button (essentially what gderf suggested).
-
I used the Web UI and now the Web UI is frozen lol
Guess putty would have been a better choice.
lol
Will keep you posted
-
were running pfsense 2.1 Beta on our Network for MANY MANY months in our Multi-million dollar
company. other than the brief time my boss was a moron and switched us to Cisco. that came
back to bite him in the a** and has since been fired and right back to pfsense we went..we standardized on Supermicro Servers with Dual Port PCI-e Gig-E intel Nics.
we have AT last count 60 of these pfsense servers in production in Colocation as well as Warehouses
and our offices.at our warehouses/colo sites, we run at pretty close to 75% utilization of Gig-E bandwidth.
Downtime???? what downtime? 0… nada... even on EARLY 2.1 Snapshots.... (other than the brief 2 month stint my boss
did with Cisco but that wasnt a pfsense issue)we have a HUGE mix of VOIP and Data... and lots of servers spread out...
-
@SunCatalyst:
other than the brief time my boss was a moron and switched us to Cisco. that came
back to bite him in the a** and has since been fired and right back to pfsense we went..So much for the old "nobody ever got fired for buying Cisco" mantra. ;D
What came back to bite you? Email response fine if you prefer not posting publicly (cmb at pfsense dot org), I'd like to know even if it's not something I can share.
-
Oh right make public accusations but only share in private.
If not backed up in public. It did not happen. Or the cause was actually something else and blamed on Cisco.
I want to know too.
-
Or the cause was actually something else and blamed on Cisco.
Cisco does have its strengths and weaknesses, but based on human nature I find it a bit hard to believe that a "multi-million dollar" company's IT manager would be fired for choosing "enterprise-grade" Cisco gear (unless the company has a very tech-savvy management that really understands the issues involved, which usually means that said company is itself in telecoms or IT).
-
what we ran into when we switched to Cisco…
no unbound, no radius, and other packages which we run on pfsense, plus UniFi controller
software for the Wireless Access Points in some of our offices, warehouses.
our Links were congested to start with at 75% link usage and it went to
almost 90%. (which in turn forced him to order another Gig-E drop to everywhere)which in turn forced him to spend LOTS more money on servers to run services on, which
in turn took up more rack space, more man hours to deploy , time to send techs to every
place we have routers in. etc etc.as far as Cisco hardware itself. Works great BUT the incured EXTRA costs every
month surely didnt help is ALREADY crazy amount of money he dropped on cisco
hardware... and then the servers. when he ordered the Cisco routers , he didnt order
ones rated at passing Multi Gig-e worth of traffic.. and that caused problems of its own..
(heard some of the purchases WERENT approved and he ordered this stuff anyways)all in all , management was pissed we had some downtime during the what should
have been a 6 hour maint window per site to cut over (on different days according to when
our utilization was at the lowest) and in some cases it was BEYOND 24 hours....
(boss was shipping hardware that HADNT been config'd to places, and techs didnt realize
what happened until they tried to cut over) , CEO found out what was going on and
they called him in the office and it was game over... think it was the combined mess
that ultimately got him fired.... -
Sounds more like a planning, process, procedure, and MANAGEMENT issue to me.
-
Exactly. Switching significant parts of your network infrastructure is probably going to cause problems no matter what two things you're switching between. You can minimise those problems by careful planning and testing, something it sounds like this guy didn't do (or not carefully enough anyway).
Steve
Oh and this thread probably wouldn't be attracting nearly as much attention had it been titled:
BETA BLOWS ON MY HARDWARE, WANT TO DOWNGRADE ASAPOr even better.
Beta is not working well on my hardware, is it possible to downgrade? ;D
-
Steve, he didnt listen to reason and test in the Lab before deploying…. EVERYONE in the dept is glad he is gone.
things have changed tremendously for the better after he was fired.i could have fixed all the messes with the Cisco hardware . but was easier to cut back over to a system that works and pull the other hardware.
were currently looking at 10GE for places that need more than 1 Gig-E drop. 2 times Gig-E seems to be more expensive than 10GE.
and were looking at which 10GE adapters are supported and work well in FreeBSD and then order and Test extensively in the Lab.
all of our stuff is on Extensively tested Supermicro Xeon servers (2 different models) and have onboard intel nics. unfornately NOT 10GE.back to the subject... Downgrade... just backup your config and reinstall... takes me all of about 10 minutes to
have a working system from the time the CD goes in the drive til i have a working config. -
Here is the output finally from that command:
rl0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500
options=3808 <vlan_mtu,wol_ucast,wol_mcast,wol_magic>ether 00:04:e2:06:65:1d
inet6 fe80::204:e2ff:fe06:651d%rl0 prefixlen 64 scopeid 0x7
nd6 options=3 <performnud,accept_rtadv>media: Ethernet autoselect (100baseTX <full-duplex>)
status: active
rl1: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500
options=3808 <vlan_mtu,wol_ucast,wol_mcast,wol_magic>ether 00:04:e2:06:65:1d
inet6 fe80::2e0:29ff:fe94:cb6a%rl1 prefixlen 64 scopeid 0x8
nd6 options=3 <performnud,accept_rtadv>media: Ethernet autoselect (100baseTX <full-duplex>)
status: active
re0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500
options=209b <rxcsum,txcsum,vlan_mtu,vlan_hwtagging,vlan_hwcsum,wol_magic>ether d8:5d:4c:d0:74:c9
inet6 fe80::da5d:4cff:fed0:74c9%re0 prefixlen 64 scopeid 0x9
inet 75.157.237.26 netmask 0xffffff00 broadcast 75.157.237.255
nd6 options=1 <performnud>media: Ethernet autoselect (1000baseT <full-duplex>)
status: active
re1: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500
options=209b <rxcsum,txcsum,vlan_mtu,vlan_hwtagging,vlan_hwcsum,wol_magic>ether d8:5d:4c:d0:76:ad
inet6 fe80::da5d:4cff:fed0:76ad%re1 prefixlen 64 scopeid 0xa
nd6 options=1 <performnud>media: Ethernet autoselect (none)
status: no carrier
fxp0: flags=8802 <broadcast,simplex,multicast>metric 0 mtu 1500
options=4219b <rxcsum,txcsum,vlan_mtu,vlan_hwtagging,vlan_hwcsum,tso4,wol_magic,vlan_hwtso>ether 00:07:e9:bc:61:42
media: Ethernet autoselect (none)
status: no carrier
enc0: flags=0<> metric 0 mtu 1536
pfsync0: flags=0<> metric 0 mtu 1460
syncpeer: 224.0.0.240 maxupd: 128 syncok: 1
lo0: flags=8049 <up,loopback,running,multicast>metric 0 mtu 16384
options=3 <rxcsum,txcsum>inet 127.0.0.1 netmask 0xff000000
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0xe
nd6 options=3 <performnud,accept_rtadv>pflog0: flags=100 <promisc>metric 0 mtu 33200
lagg0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500
options=3808 <vlan_mtu,wol_ucast,wol_mcast,wol_magic>ether 00:04:e2:06:65:1d
inet6 fe80::204:e2ff:fe06:651d%lagg0 prefixlen 64 scopeid 0x10
inet 192.168.25.17 netmask 0xfffffc00 broadcast 192.168.27.255
nd6 options=1 <performnud>media: Ethernet autoselect
status: active
laggproto lacp
laggport: rl1 flags=1c <active,collecting,distributing>laggport: rl0 flags=1c <active,collecting,distributing>poes10: flags=8890 <pointopoint,noarp,simplex,multicast>metric 0 mtu 1500
poes11: flags=8890 <pointopoint,noarp,simplex,multicast>metric 0 mtu 1500
poes12: flags=8890 <pointopoint,noarp,simplex,multicast>metric 0 mtu 1500
poes13: flags=8890 <pointopoint,noarp,simplex,multicast>metric 0 mtu 1500
poes14: flags=8890 <pointopoint,noarp,simplex,multicast>metric 0 mtu 1500
poes15: flags=8890 <pointopoint,noarp,simplex,multicast>metric 0 mtu 1500
poes16: flags=8890 <pointopoint,noarp,simplex,multicast>metric 0 mtu 1500
poes17: flags=8890 <pointopoint,noarp,simplex,multicast>metric 0 mtu 1500
poes18: flags=8890 <pointopoint,noarp,simplex,multicast>metric 0 mtu 1500
poes19: flags=8890 <pointopoint,noarp,simplex,multicast>metric 0 mtu 1500
poes110: flags=8890 <pointopoint,noarp,simplex,multicast>metric 0 mtu 1500
poes111: flags=8890 <pointopoint,noarp,simplex,multicast>metric 0 mtu 1500
poes112: flags=8890 <pointopoint,noarp,simplex,multicast>metric 0 mtu 1500
poes113: flags=8890 <pointopoint,noarp,simplex,multicast>metric 0 mtu 1500
poes114: flags=8890 <pointopoint,noarp,simplex,multicast>metric 0 mtu 1500
poes115: flags=8890 <pointopoint,noarp,simplex,multicast>metric 0 mtu 1500
poes116: flags=8890 <pointopoint,noarp,simplex,multicast>metric 0 mtu 1500
poes117: flags=8890 <pointopoint,noarp,simplex,multicast>metric 0 mtu 1500Thank you for your help!</pointopoint,noarp,simplex,multicast></pointopoint,noarp,simplex,multicast></pointopoint,noarp,simplex,multicast></pointopoint,noarp,simplex,multicast></pointopoint,noarp,simplex,multicast></pointopoint,noarp,simplex,multicast></pointopoint,noarp,simplex,multicast></pointopoint,noarp,simplex,multicast></pointopoint,noarp,simplex,multicast></pointopoint,noarp,simplex,multicast></pointopoint,noarp,simplex,multicast></pointopoint,noarp,simplex,multicast></pointopoint,noarp,simplex,multicast></pointopoint,noarp,simplex,multicast></pointopoint,noarp,simplex,multicast></pointopoint,noarp,simplex,multicast></pointopoint,noarp,simplex,multicast></pointopoint,noarp,simplex,multicast></active,collecting,distributing></active,collecting,distributing></performnud></vlan_mtu,wol_ucast,wol_mcast,wol_magic></up,broadcast,running,simplex,multicast></promisc></performnud,accept_rtadv></rxcsum,txcsum></up,loopback,running,multicast></rxcsum,txcsum,vlan_mtu,vlan_hwtagging,vlan_hwcsum,tso4,wol_magic,vlan_hwtso></broadcast,simplex,multicast></performnud></rxcsum,txcsum,vlan_mtu,vlan_hwtagging,vlan_hwcsum,wol_magic></up,broadcast,running,simplex,multicast></full-duplex></performnud></rxcsum,txcsum,vlan_mtu,vlan_hwtagging,vlan_hwcsum,wol_magic></up,broadcast,running,simplex,multicast></full-duplex></performnud,accept_rtadv></vlan_mtu,wol_ucast,wol_mcast,wol_magic></up,broadcast,running,simplex,multicast></full-duplex></performnud,accept_rtadv></vlan_mtu,wol_ucast,wol_mcast,wol_magic></up,broadcast,running,simplex,multicast>
-
BUMP
Any ideas?
-
Nothing jumps out. You are running quite a few PPPoE connections though, it's possible you are testing this further than other users.
Unfortunately your ifconfig output is so long it has obscured the output of /etc/rc.banner. If you could run just that part and paste the output here that might show something.Steve
