Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Mountroot issues after 2.2 upgrade

    Scheduled Pinned Locked Moved Problems Installing or Upgrading pfSense Software
    48 Posts 15 Posters 13.7k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • R Offline
      reqlez
      last edited by

      Can somebody change this title ? promotes negative vibes … everybody knows that if you install a product that was released YESTERDAY even if it is in "RELEASE" status issues can occur because an internal "test" cannot beat hundreds of users installing and breaking things :)

      How about renaming title to "mountroot issues after 2.2 upgrade"

      But just for the record ... what were the model / hardware configuration of your other systems that bricked ? were they installed on SD cards, CF cards, SSD ?? ... what storage ? I have seen mountroot issues unless you added a "delay" in the booting process, especially for usb connected media.

      1 Reply Last reply Reply Quote 0
      • marcellocM Offline
        marcelloc
        last edited by

        Looks like xen vm but it's on release note. "run this before update"…

        And you should never update anything without testing or backup first.

        Treinamentos de Elite: http://sys-squad.com

        Help a community developer! ;D

        1 Reply Last reply Reply Quote 0
        • R Offline
          reqlez
          last edited by

          Okay … this line here: vfs.root.mountfrom=ufs:/dev/ad6s1a

          As far as i remember, the newer versions of FreeBSD use ada0, ada1, etc for SATA and da0, da1, etc for USB or SAS HBA cards, etc.

          1 Reply Last reply Reply Quote 0
          • marcellocM Offline
            marcelloc
            last edited by

            @reqlez:

            How about renaming title to "mountroot issues after 2.2 upgrade"

            +1

            Treinamentos de Elite: http://sys-squad.com

            Help a community developer! ;D

            1 Reply Last reply Reply Quote 0
            • R Offline
              reqlez
              last edited by

              same issue here: https://forum.pfsense.org/index.php?topic=87330.0

              It's either naming or you need to introduce a delay … i'm assuming...

              1 Reply Last reply Reply Quote 0
              • E Offline
                edmund
                last edited by

                I upgraded two systems today, both via the autoupgrade.  One is a little nanoBSD box at home and the other is the main firewall at work - running on a Dell.  Both upgrades were flawless with no problems - both boxes support a pair of WAN interfaces with LAN, Wi-Fi, SIP, and a VPN and custom rules.

                I read through the upgrade notes before performing the upgrades - and uninstalled all packages prior to running the autoupgrade and made backups of the configurations.  Uninstalling the packages is something that I have not done in the past and it definitely made the whole process much quicker than past upgrades.

                1 Reply Last reply Reply Quote 0
                • marcellocM Offline
                  marcelloc
                  last edited by

                  @edmund:

                  Uninstalling the packages is something that I have not done in the past and it definitely made the whole process much quicker than past upgrades.

                  +1. This is the way I do upgrades since a while.

                  Treinamentos de Elite: http://sys-squad.com

                  Help a community developer! ;D

                  1 Reply Last reply Reply Quote 0
                  • K Offline
                    kejianshi
                    last edited by

                    4 servers updated so far and all switched to unbound - 0 problems so far.  2 in ESXi and 2 physical.

                    1 Reply Last reply Reply Quote 0
                    • C Offline
                      cheuk3
                      last edited by

                      @edmund:

                      I upgraded two systems today, both via the autoupgrade.  One is a little nanoBSD box at home and the other is the main firewall at work - running on a Dell.  Both upgrades were flawless with no problems - both boxes support a pair of WAN interfaces with LAN, Wi-Fi, SIP, and a VPN and custom rules.

                      I read through the upgrade notes before performing the upgrades - and uninstalled all packages prior to running the autoupgrade and made backups of the configurations.  Uninstalling the packages is something that I have not done in the past and it definitely made the whole process much quicker than past upgrades.

                      so uninstall the package first and then use autoupgrade and import the package backup config after?

                      1 Reply Last reply Reply Quote 0
                      • K Offline
                        kejianshi
                        last edited by

                        Thats what I did with the VMs running on GB connection with lots of packages.

                        1 Reply Last reply Reply Quote 0
                        • C Offline
                          cheuk3
                          last edited by

                          @kejianshi:

                          Thats what I did with the VMs running on GB connection with lots of packages.

                          how did you backup the package? or just import the anything after autoupgraded?

                          1 Reply Last reply Reply Quote 0
                          • W Offline
                            wbennett77
                            last edited by

                            @kejianshi:

                            4 servers updated so far and all switched to unbound - 0 problems so far.  2 in ESXi and 2 physical.

                            Upgraded with no issues as well. Is the switch to unbound automatic?

                            Cheers!

                            Dell Optiplex 390 Pfsense 2.2 / Asus AC56U Wireless AP / Asus Switch

                            1 Reply Last reply Reply Quote 0
                            • E Offline
                              exograpix
                              last edited by

                              What are you using for web filtering, squidguard not able to install

                              1 Reply Last reply Reply Quote 0
                              • K Offline
                                kejianshi
                                last edited by

                                Nope - I sort of wish it was.  Its no big deal to switch though.  1 minute?  Maybe 2?

                                1 Reply Last reply Reply Quote 0
                                • W Offline
                                  wbennett77
                                  last edited by

                                  @kejianshi:

                                  Nope - I sort of wish it was.  Its no big deal to switch though.  1 minute?  Maybe 2?

                                  Sorry for the newbie question but could you please explain the steps? Thanks!

                                  Dell Optiplex 390 Pfsense 2.2 / Asus AC56U Wireless AP / Asus Switch

                                  1 Reply Last reply Reply Quote 0
                                  • K Offline
                                    kejianshi
                                    last edited by

                                    1.  update to pfsense 2.2
                                    2.  go to services > DNS forwarder - un-check " Enable DNS forwarder" then save
                                    3.  go to services > DNS Resolver - check "enable dns resolver" then save

                                    I also enabled DNSSEC,  Register DHCP leases in the DNS Resolver,  Register DHCP static mappings in the DNS Resolver (all optional)

                                    and in the advanced settings TAB I enabled Prefetch Support, Prefetch DNS Key Support  (these should make DNS abit zippier) (also optional)

                                    I considering enabling Harden Glue and Harden DNSSEC data but I'm no sure.  Maybe someone else will chime in.  The POSSIBLE issue I see is that once I turn those on any site on the web that hasn't configured DNS 100% perfectly might just disappear and become unavailable to me even though they aren't spoofing or being spoofed?  Not sure how this will impact my network if I turn them on basically.

                                    Also, I went to system > general setup and deleted all my DNS server IPs from that list. (seems optional)

                                    Then I un-checked "Allow DNS server list to be overridden by DHCP/PPP on WAN" (seems optional)

                                    and I checked "Do not use the DNS Forwarder as a DNS server for the firewall" (seems required)

                                    And clicked save - always click save when you change things.

                                    These changes should take you off the ISP DNS, any public DNS servers and put you on the Internets main root DNS servers with DNSSEC.

                                    At this point, the only issue (not really an issue) is that large well organized very good ISPs may cache alot of content and may also direct you to the very nearest content servers if you are using their DNS, which you will not be.  I'm not too sure how big a performance hit you may take, if any.  Maybe someone else can chime in on that subject?

                                    I haven't noticed anything bad myself.  I have noticed less issues on the physical LAN with windows machines.  They seem to be resolving much faster and more reliably now.

                                    Here in my location, I'm VPNing in and using pfsense DNS over the tunnel and its resolving both IPv4 and IPV6 just fine.

                                    Hope that helps.

                                    1 Reply Last reply Reply Quote 0
                                    • W Offline
                                      wcrowder
                                      last edited by

                                      If pictures help, this is my home config, just set your interfaces and turn off Forwarder and Turn on Resolver. :)

                                      Edited to include: Wpad.dat, and the Advanced options is specific to my setup.

                                      Reslover1.JPG
                                      Reslover1.JPG_thumb
                                      Reslover2.JPG
                                      Reslover2.JPG_thumb

                                      1 Reply Last reply Reply Quote 0
                                      • W Offline
                                        wbennett77
                                        last edited by

                                        Last question (For now LOL), what is/are the advantages/disadvantages of unbound vs the current DNS Forwarder.
                                        Thanks!

                                        Dell Optiplex 390 Pfsense 2.2 / Asus AC56U Wireless AP / Asus Switch

                                        1 Reply Last reply Reply Quote 0
                                        • K Offline
                                          kejianshi
                                          last edited by

                                          Its just generally better, more robust and feature rich. (also more secure)

                                          Unbound is a validating, recursive and caching DNS server.

                                          Dnsmasq is a lightweight, easy to configure DNS forwarder.

                                          So, one is a DNS server and the other in merely a forwarder for other DNS servers.

                                          1 Reply Last reply Reply Quote 0
                                          • W Offline
                                            wbennett77
                                            last edited by

                                            I am only running a home network should I still make the change in your opinion?

                                            Cheers!

                                            Dell Optiplex 390 Pfsense 2.2 / Asus AC56U Wireless AP / Asus Switch

                                            1 Reply Last reply Reply Quote 0
                                            • First post
                                              Last post
                                            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.