Are there major issues in the 2.5.0 nightlies currently(Sept2020)?
I was trying TLS 1.3 on HAProxy but I got a huge list of what would be disabled instead. Here in the forum I found that I need 2.5.0 for that. I tried it around March and it was good but sort of quirky.
Could there be like a modular pfSense in the future? I know it is now, but I mean like further isolated, containerized or, since it's FreeBSD: jailed. Like Fedora ostree, I think it's called, the one that you can take in and out things and re-base the system underneath the app above. That's so cool. And now I forgot why I was here...Is it 2.5.0 OK? The FreeBSD 12 warning is taunting me a little.
️ 🧩
Currently it's not a good idea because they just switched to 12.2 branch and there are some serious bugs that are not yet fixed and some old bugs also still present...
We rarely if ever recommend using development snapshots for the next branch in production, so whatever you end up deciding, be sure to test it first before making it live.
I'm not aware of anything too broken right at the moment but we did make quite a few changes at the end of last week to resolve some stability problems people had before. There are still several areas which are a work in progress as well.
Check the list of open issues on Redmine and try it in a lab. If it works for you, it should keep working, but honestly if you need more up-to-date features for a package like HAProxy you probably shouldn't be running it on the firewall anyhow.
I cloned the firewalland converted the old one into a VM template so I don't accidentally do anything to it and upgraded the clone to skip setup. So far so good. I haven't tested HAProxy yet because I'm attempting a separate deployment as you suggested. It won't beat pfSense's UI for HAProxy though.
I noticed this bug, I think, about routed IP locking VTI interfaces but it's on 2.4.5p1 as well, so I guess it's irrelevant.
I will check Redmine, I forget it's there. FWIW there weren't any issues with the new FreeBSD bc of the hypervisor, I have seen them in FreeBSD 11 though, I have this machine that will not go in an endless loop a little after the FreeBSD's user/multiuser selection, but with a hypervisor it, or rather being a hypervisor, it starts fine. :) When this happens I've noticed that even ESXi becomes selective when will it start (installer's disk format, BIOS vs EFI, enabled CPU features...) but after it bootss whatever was locking up the diskless machine is cleared and all OS installers will boot again.
Thanks guys!
I'm using it at home with Haproxy-devel and it works without any major problem, the only problem is maybe traffic shaper, last time i tried it it didn't work
I didn't find issues at all, I'm not using traffic shapers or any super advanced feature. I think.
In the end I sort of panicked and restored the official version just for peace of mind. I think it might be ready to go, at least in VMs.