2.0.1 to 2.3.4-p1 update path
-
Hello,
I have a firewall deployed in a DC colo cabinet running:
Version 2.0.1-RELEASE (i386)
built on Mon Dec 12 19:00:03 EST 2011
FreeBSD 8.1-RELEASE-p6Platform nanobsd (4g)
NanoBSD Boot Slice pfsense0 / ad0s1
CPU Type Geode(TM) Integrated Processor by AMD PCS ALIX.2and identical spare kit in the office with me.
My plan is to:
- export the config of the remote fw to a file
- do a fresh install of pfSense 2.3.4-p1 (AFAIK the hardware doesn't support 2.4) on the spare kit
- import config from the file
- take it to the DC colo cabinet and swap the devices over
Is it the best approach or is it e.g. safer to install 2.0.1 first, import the config and then perform / test an upgrade to 2.3.4-p1?
It's quite a big leap (6 years to cover including BSD version) so maybe a stage update in between is required?Please advise.
Thanks
Adam -
Importing the config in a clean install should have the highest succes-rate.
Beware that numerous packages have been discontinued since 2.0.1
-
Thanks heper.
Nothing is showing under "installed packages" and only dnsmasq and ntpd listed under services.
Anything else to watch out for? -
You can start reading upgrade guides for all previous releases.
Since you have a spare machine, I'd just try it & see if it works
-
I think the easiest way would be downloading pfSense image file.
Then copying to the 4GB compact flash card (with dd) and sticking it inside the ALIX.2 device.
Where can I download the latest suitable image from? -
With no packages you can probably just upgrade that straight.
But if you are going to update the hardware (as you should) you can try it 1000 times on the test bench first if necessary.
I would not do that evolution without updating hardware but that might just be me.
-
I am planning to upgrade the hardware fairly soon but don't have enough time before this scheduled DC visit to do that.
This big project involves replacement of all ALIX.2 devices (there are a few) with something much more powerful, supporting gigabit Ethernet and pfSense 2.4+I thought I might as well use this DC trip as an opportunity to swap 2.0.1 device with 2.3.4-p1 (same config).
Setting this up shouldn't take me more than a few hours and it will still be a big improvement.
If something goes wrong then I will just plug the old 2.0.1 device back in.So, where to get an image for a 4GB CF card from? :)
-
I guess I can download 2.2.5 from here:
https://www.yawarra.com.au/support/operating-system-images/pfsense-downloads/
and upgrade the he latest online.
Can this source be trusted?
-
Can this source be trusted?
Just use the official archive: https://atxfiles.pfsense.org/mirror/downloads/old/
-
Thank you for the useful info.
I believe I have now a device ready for a hot swap.
What I've done was:
- downloaded pfSense-CE-2.3.4-RELEASE-4g-i386-nanobsd.img from https://atxfiles.pfsense.org/mirror/downloads/old/
- written it to 4GB CF card using http://sourceforge.net/projects/win32diskimager/
- exported config from the old remote 2.0.1 device via web GUI
- renamed the file to config.xml and copied via USB stick to /cf/conf/ on the new 2.3.4 device
- restarted 2.3.4 and it appears to successfully embed the new config (viewed from serial console).
That's probably as much as I can do before making a trip to the DC and swapping devices.
Could somebody take a quick look at the boot log and point out any potential problems (if any)?
I have replaced real DNS names and IP/MAC addresses with dummy ones but it shouldn't alter the original concept.
Thanks
Adam
