Announcing pfSense plus
-
@jeremy11one Would love to know your thoughts around that.
-
That is really up to how the project progresses itself, separate and distinct from Netgate - which is a company with its own products. If the community chooses to progress feature set, testing, documentation, and release packaging, there will obviously be progression beyond Release 2.5. Netgate will continue to participate both as a community member, and as project steward.
That wording really sounds like pfsense CE could just die off.. I don't like that wording at all.. And prob going to throw up the most red flags to the community at large..
-
@dennis_s said in Announcing pfSense plus:
@jeremy11one Would love to know your thoughts around that.
I use pfSense at home on a 3rd party machine, at church on 3rd party, and at work with 2 official Netgate devices. I really appreciate what Netgate has done with the project and think they've improved the world with their donations to open source pfSense.
The first Q&A I referenced sounds like pfSense CE will depend on community developers going forward. Netgate wrote that future "releases" and "progression" will happen "if the community chooses to progress" "separate from Netgate". It kind of contradicts what Netgate wrote in several other places, so maybe the answer to that Q was just not written as clearly as intended. If it's true though, we all know how it goes with most open source projects when their primary developers leave - the projects die. Netgate is 100% entitled to earn profits and they have no obligation to continue donating to pfSense as they used to, but it's still sad that the biggest contributors to pfSense are hinting that they're moving on.
As to the closed source QA, I think many IT people would agree that being open source is important for security products. So upgrading to the new Plus version to get its benefits is tempting, but so is staying with the old CE and hoping that some other organization picks it up to carry the torch for a while like Netgate used to.
Again, I'm not complaining. I'm just pointing out these QAs on the Netgate FAQ that jumped out at me when I read them. Those things are more clear on the FAQ than on the press release.
-
@johnpoz said in Announcing pfSense plus:
That is really up to how the project progresses itself, separate and distinct from Netgate - which is a company with its own products. If the community chooses to progress feature set, testing, documentation, and release packaging, there will obviously be progression beyond Release 2.5. Netgate will continue to participate both as a community member, and as project steward.
That wording really sounds like pfsense CE could just die off.. I don't like that wording at all.. And prob going to throw up the most red flags to the community at large..
Exactly. The wording definitely looks like Netgate is leaving all future progression of open source pfSense, its features, testing, documentation, and release packing up to the community after 2.5. Though I realize several of the other FAQs hinted otherwise, that Netgate would at least do bug fixes and things in CE and would only move the majority of their effort to Plus. Which still isn't great for the future of CE, but it's better than nothing.
-
@jeremy11one
unfortunately, for me it look like to the same.We support pfSense/Netgate with the gold membership years ago, use it on our own hardware and buy Netgate appliances.
@dennis_s
it would be great to see the gold membership back to support an CE edition! -
@johnpoz said in Announcing pfSense plus:
That wording really sounds like pfsense CE could just die off.. I don't like that wording at all.. And prob going to throw up the most red flags to the community at large..
I agree! Sounds like "either community takes over the job or it will die slowly when no new updates from Plus will get downported".
-
Will try to address this the best I can
As stated in the blog we will continue to provide updates to CE around security vulnerability protection, FreeBSD related updates, common code, etc. So pfSense users are free to stay on pfSense CE, particularly if they place a premium on openness.
At the same time, our customers are asking for newer, greater value. We will deliver. But, through a Netgate product, with Netgate value-add meant for Netgate customers. In addition, we will also provide this value to home and lab users at no cost. As everyone knows, it's certainly not free for us to build products. We think a value-exchange is fair.
While no one is forced to become a customer, we do welcome all who choose to become one.
-
@dennis_s said in Announcing pfSense plus:
As stated in the blog we will continue to provide updates to CE around security vulnerability protection, FreeBSD related updates, common code, etc. So pfSense users are free to stay on pfSense CE, particularly if they place a premium on openness.
I think the main point that you'll get measured by people is: If you are still driving updates on CE (or backport them from Plus) or if the OSS variant will get a slow silent death. Additionally so, as there was almost no real "outside" developers that are that deep into pfSense CE codebase/building that "community" could even take over (in my understanding at least).
Many projects (initially at least) got a commercial "step-brother". Nagios or others hop in mind, where "of course, OSS variant was still there" but the main development was into the paying Nagios3 enterprise product and the free core got almost no love for quite a long time until the community break-off with Icinga did happen. I think that's the point where all of us are looking how you will progress further after 2.5 (and 2.6). Because no one wants another fork or split of communities :)
-
@dennis_s said in Announcing pfSense plus:
We think a value-exchange is fair.
Agreed.
Some people will be happy with the closed source version, others will be happy with a free feature-limited open source version. But some people would be willing to pay to get the best of both worlds: a product that is full-featured and open source. But Netgate is not offering that product so those people will be forced to find it elsewhere. I think this is the end of something and the beginning of something else. -
@jeremy11one said in Announcing pfSense plus:
But some people would be willing to pay to get the best of both worlds: a product that is full-featured and open source.
Ah missed that one in my answer above. Yes, that's exactly one point. As last year was quite a happening in terms of cyber security if we look at things like Citrix fails, Fortigate, etc. etc. a main point in having such a strong (selling) base for pfSense IS the OSS point. Otherwise it's just another "closed source enterprise product" for many of those, that want to switch. May it be as good as it is.
-
I think maybe it could just be worded a bit differently.. From reading that - it does sound like CE could just die..
I really didn't get that impression from our talk, but the wording of that does not sound good for future of CE.. Just my take on it, and seems a few others as well.
I really don't have concern personally, because I don't really plan on not having a netgate appliance ;) I love my 4860 and can't really see not just buying whatever current model is out when it reaches end of life. So + is fine with me, and I don't have a personal issue with closed source either. Not like I ever compiled pfsense on my own ;) Closest I came is when compiled dhcp client from freebsd with change for hop count (TTL) and provided that to users that were having a problem. After bug report was filed with freebsd by me.
And from my take, and you can run pfsense + on your own hardware with home/lab license sort of thing.. But the wording in the faq kind of screams the end of anything new for CE.. But from our talk - took it that stuff would be ported to CE from FE..
-
I might get vilified for saying these things, so be it.
I am going to give credit to Netgate for being honest today. They haven’t tried to talk circles around what is going on. The CE edition is not going to be a priority for them after v2.5. That's just the way it is.
I’m not Richard Stallman, I’m not a FOSS purist. I use pfSense at home. It works very well for my purposes. I’ve learned a lot by both trying things until it’s not broken and from those much more experienced than I on the forum. It’s been a very positive experience. I expect that I will continue to use and learn while using the plus version. This will have very little real impact on me.
Look, I’m just a guy who uses this at home. If pfSense vanished next week I’d be just fine, a little disappointed maybe. I don’t have any skin in this game and I’m not inclined to be critical of Netgate for making the business decisions they feel are best for their business and their customers.
-
Actually, this sounds great. I had been thinking about this mainly for guys, such as, BBCAN177 and BMeeks.
-
@dennis_s said in Announcing pfSense plus:
We think a value-exchange is fair.
100% ACK
That's why I'm asking for the gold membership again.
Open Source is in one oft the best benefits of pfSense. -
Personally I find it sad that pfSense CE and the paid options are going to diverge re. their code bases, because that means that people that otherwise would contribute with fixes etc. (because of the openness of the source code) now will feel less enthusiastic about contributing.
How can I say state that? Well I have previously contributed fixes etc. for dhcpv6 - primary for handling leases in the GUI. I must say that this really feels like a downer to me.Does the management think that closing the source code on new development will put more trust into the product seen from the perspective of the users?
Now, seen from the outside, it will become easier for 3 and 4 letter organisations to get code pushed into the product.
How will you convince users that they can keep investing time into using pfSense regardless if they consider using CE, the paid options or contributing code fixes etc. when they are less likely to be allowed to browse the (up-to-date) source code? -
While this seems to be focused on Netgate's appliances, will it cover the whole line, including the SG-1100?
-
@mlines said in Announcing pfSense plus:
While this seems to be focused on Netgate's appliances, will it cover the whole line, including the SG-1100?
In addiction to this question, how is going to be releases once netgate hardware is EOL?
-
@mcury said in Announcing pfSense plus:
@mlines said in Announcing pfSense plus:
While this seems to be focused on Netgate's appliances, will it cover the whole line, including the SG-1100?
In addiction to this question, how is going to be releases once netgate hardware is EOL?
I meant, in addition to the question, for an unknown reason I can't edit the previous post.
-
@mlines Yes the SG-1100 will be included.
-
@mcury From what I understand right now you should be able to get pfSense plus on all Netgate appliances. Keep an eye on our product lifecycle page for more info later on how it works with EOL appliances.