pfSense 2.5 Release Date News
-
Netgate: So I'm assuming that 2.4.5 will be an update to get us off the end-of-life'd FreeBSD with some basic bug fixes so the bigger release of 2.5 can be perfected?
-
-
So, pfSense Santa deemed us good for an update...nice! It would be awesome if Snort inline mode and Suricata 5.01 can work with pfSense 2.4.5 while we wait for version 2.5.
-
I'm not sure 2.4.5 will drop before Xmas as there are quite a few open issues still. Snort in line has pretty much always worked with a new release, though.
-
I would be very much surprised if 2.4.5 released prior to end of January or well into February, let alone before the end of the year. They have been hammering out code all week from what I can see, but not 70 before COB on Friday. Then with Christmas being in the middle of the week and schools being off until January so the kids will be home. I don't see as much progress being made from 12/23/2019 - 1/2/2020 as was made this week.
Then you have testing to make sure all those bug fixes didn't introduce any new bugs and the stability of the near-final product before it will be offered as a stable update path.
I wouldn't hold any breath.
-
I'm making this a separate post, but I wanted to address the fight above in the comments.
Netgate is highly conservative with how much candid detail it provides on progress. So much so, that it isn't until there is sufficient noise and misinformation (i.e.: whining, complaining and bitching with elaborate conspiracy theories) that it finally ticks Jim Pingle off enough that he responds and lays the information smackdown usually laying blame firmly in the lap of FreeBSD's developers. He's not wrong.
Case in point the SG-1100 AES-NI support. That took a TON of noise and misinformation before it was revealed what the hold-up was and I think that one was only half FreeBSD's fault.
Couple that with 2.5.0 being this magical release number that was supposed to destroy the non AES-NI hardware and yes REST API! That magical buzzword that will make a sufficiently high-priced central management solution possible (see tangent 1). Truth is, they are trying to pile 10lbs of features into a 5lb release-cycle and they are trying to get onto FreeBSD 12, but 12.1 is also taking a little extra time to bake in the oven. So yeah, that's also about 40% FreeBSD's fault.
And you have to understand, pfsense is an open source project, that is free from very opinionated individuals that certainly doesn't infuriate certain users and even developers who leave the project to start a fork of their own to be free of said opinionated individuals.
If you want a particular feature, start programming it in yourself and hope that your programming style and personality meshes with the non-opinionated individuals on the pfsense development team.Netgate is a for-profit company that supports the pfsense project out of the kindness of it's heart and you need to accept that unless you pay them $100/year otherwise you need to pay them $300/year for TNSR and then your releases will come out much faster. Think of it this way, it's cheaper than a brand new F5 with 24/7 enterprise support. So count yourself lucky young man.
Tangent 1: They released on a poll on reddit an eon or so ago and their cheapest option was like $5/month/firewall. A vast majority of the replies criticized the price and their response was a very straight forward "then you are too cheap for us, go somewhere else". Not in that many words but the message was clear. This was for the central management system.
-
@PhlMike said in pfSense 2.5 Release Date News:
They have been hammering out code all week from what I can see, but not 70 before COB on Friday.
Note that the number of issues open against 2.4.5 are about 90% (60/68) issues waiting for testing and confirmation of fixes already in place. There are only 4 actual issues remaining to work on, and four release-related tasks (updating release notes, docs, etc). I still doubt it will happen before Christmas, but it's certainly not going to be months.
Edit: As always, if you want to see a release happen faster, then help test issues in the feedback state:
-
I have two rules I strictly follow in these situations. First keeps me from being constantly disappointed or agitated. The second keeps me from appearing privileged.
- If a product doesn't do something now it never will.
- If you jumped on the bus through the back door don't complain about the driver.
-
@jimp said in pfSense 2.5 Release Date News:
@PhlMike said in pfSense 2.5 Release Date News:
They have been hammering out code all week from what I can see, but not 70 before COB on Friday.
Note that the number of issues open against 2.4.5 are about 90% (60/68) issues waiting for testing and confirmation of fixes already in place. There are only 4 actual issues remaining to work on, and four release-related tasks (updating release notes, docs, etc). I still doubt it will happen before Christmas, but it's certainly not going to be months.
Edit: As always, if you want to see a release happen faster, then help test issues in the feedback state:
More than 3 months xD for 2.4.5
So what is the expected date for 2.5?
-
There is no ETA for 2.5.0.
-
@l0rdraiden To get an idea, this is how I determined an estimate for myself...I estimate that FreeBSD 12.1 will be stable somewhere around August where pfSense include it September and 2.5RC October...final release December. If it's earlier than that, alleluia...if itโs later, then I readjust my expectation. I won't have to ask anyone when it's releasing...I already have an idea. Meanwhile, I am enjoying it.
-
I would say 16 months. Looks like in the past 13 months they closed 159 issues, with another 164 to go so add an extra month for those, plus adding two-extra months because I was off two months the last time.
So May 2021. TNSR should be at version 100 by then, though...
But, No need to beat a dead horse. They refused to listen thus far and vehemently oppose our viewpoint. They did a partner survey back in February. I was talking to the other larger netgate parters, we all said the same exact thing. What we hear back? crickets....
-
Even though TNSR is basically Cisco and I know it well from decades of use, until it has OpenVPN (Or Ahem Wireguard, lol), Snort, and the pfSense front end I'm sticking with pfSense. The pfSense front end has totally spoiled me from CLI.
Netgate, you make that happen with TNSR and I'll gladly buy it. :)
-
@Zermus I concur - I have zero need for TNSR, everything I do maxes out at 10 Gb/s and I only run 1 Gb/s internet lines.
I want:
- A real central management platform that I can get fora reasonable price (< $1/firewall/month for 500+ firewalls and/or host myself that can handle 1,000 firewalls+ at under $500/month.
- A web interface on the firewall, preferably HTML5 and some nice python action in the back.
- SSLVPN, Site2Site VPN (not married to IPSEC, SSL S2S will work), pfBlockerNG and Suricata
- Updates on a 3-6 month schedule
- A wall-mount for the SG-3100.
-
Regarding pfSense 3.0, has the roadmap changed since this Reddit post?
https://www.reddit.com/r/networking/comments/6upchy/can_a_bsd_system_replicate_the_performance_of/
I'm doing some googling about potential performance bump in pfsense 3.0 and there seems to be quite lot of noise: VPP, DPDK, netmap or moving to Linux base. Would that basically mean pfsense is gonna be TNSR Lite?
Netgate seems to be very tight-lipped about roadmap, but they have every right to do so.
-
@nva Interesting read, indeed ... really wish pfSense had not drop the original plans for v2.5. Thank you for sharing!
-
@NollipfSense I can understand why they dropped a lot of things for 2.5.0 - particularly the RESETCONF API and AES-NI requirement.
The rebase to FreeBSD 12.x is a pretty big deal. Any software rebase is a big deal. Just look at Ubiquti's EdgeRouters going from 1.x to 2.x rebasing Ubuntu versions. It's a similar thing.
Gall's Law, states that, "A complex system that works is invariably found to have evolved from a simple system that worked". So with pfSense you have a complex system. Change the underpinnings with a rebase is going from "complex system > complex system" and basically flies in the face of Gall's Law. This is why it takes a long time.
You basically have to strip the complexity back, test a massive amount of features, and build the complexity back in. So it's no wonder a lot of "new feature" things were stripped out.
I would really love to see the RESTCONF API (and any reliance on AES-NI is fine), after 2.5.x series is out in the wild and solid. Perhaps a 2.6 feature.
-
Redmine has the 2.5.0 currently at 90%, which is encouraging.
https://redmine.pfsense.org/projects/pfsense/roadmap -
Yeah it's amazing how fast 2.5 is coming, but I think they've been working on it on the back burner over the last few 2.4 releases.
-
I predicted 16 months in April with 3 month padding. They still have 13 features, 4 To-Dos plus the 66 bugs. However, in the past 6 months they have exhibited a 10.6% increase in productivity.
If that sustains, we could see a release in May/June 2021. Otherwise I still think with the Holidays around the corner that August 2021 is more likely.
What would the Vegas odds be on that? I don't gamble but I used to use insane amounts of math to cheat at fantasy football.
