To 2.5.0 or not ? that is the question :)
-
/usr/local/etc/rc.d/frr restart all Checking intergrated config... Checking vtysh.conf line 37: % Unknown command[4]: address-family ipv4 unicast line 38: % Unknown command[4]: network <ip>.64.0/20 line 39: % Unknown command[4]: neighbor <ip>.16.1 activate line 40: % Unknown command[4]: neighbor <ip>.16.17 activate line 41: % Unknown command[4]: neighbor <ip>.16.29 activate line 42: % Unknown command[4]: neighbor <ip>.16.1 send-community both line 43: % Unknown command[4]: neighbor <ip>.16.1 next-hop-self line 44: % Unknown command[4]: neighbor <ip>.16.1 soft-reconfiguration inbound line 45: % Unknown command[4]: neighbor <ip>.16.1 route-map Site_Kref_Primary_RMAP in line 46: % Unknown command[4]: neighbor <ip>.16.1 addpath-tx-bestpath-per-AS line 47: % Unknown command[4]: neighbor <ip>.16.17 send-community both line 48: % Unknown command[4]: neighbor <ip>.16.17 next-hop-self line 49: % Unknown command[4]: neighbor <ip>.16.17 route-map HDC-LOCAL-PREF80 in line 50: % Unknown command[4]: neighbor <ip>.16.29 send-community both line 51: % Unknown command[4]: neighbor <ip>.16.29 next-hop-self line 52: % Unknown command[4]: neighbor <ip>.16.29 route-map HDC-LOCAL-PREF90 in line 53: % Unknown command[4]: exit-address-family FAILED
If somebody is using FRR for BGP be carefull - Zebra and BGPd won't come up and your network is fried if you rely on it. Thanks to virtualization and snapshot it's possible to minimize damage.
-
I'm waiting for 2.5.1.
I've been on 2.4.5 for so long, I can wait a little longer for the big issues to be discovered and fixed. It's about uptime and reliability right?
Anyway, I do understand why people (including myself) want to play with the new shiny 2.5.0 toy.
-
@trony
If you have only one router with pfSense then itโs better to wait until itโs tried and tested. Hence the reason I upgraded the spare router to test it. -
@trony said in To 2.5.0 or not ? that is the question :):
I'm waiting for 2.5.1.
I've been on 2.4.5 for so long, I can wait a little longer for the big issues to be discovered and fixed. It's about uptime and reliability right?
Anyway, I do understand why people (including myself) want to play with the new shiny 2.5.0 toy.
Wonder if devel guys saw any feedback from this community warranting releasing 2.5.1 soon.
Maybe @johnpoz knows ?
-
I have seen nothing mentioned.. But I did see some redmine in about something unbound maybe if your registering dhcp, and mention of fixing the widget for QAT..
But not sure if such things would warrant 2.5.1, maybe a 2.5.0p1 or something
While I have seen some issues with ipsec reported.. I updated my sg4860 and not seeing any problems at all.. Running haproxy, openvpn both server and client. I got wireguard up and running for my iphone in a few minutes.. Everything seems to be working from what I can tell.
Not seeing any issues.. I had some problem trying to migrate to zfs vs ufs during the install. But prob something stupid I was doing trying to load the previous config during install? I will re-address that at a later time. Prob this weekend.
Keep in mind - I am sure there are thousands and 100's of thousands of pfsense installs out there. If not million(s).. Would expect the vast majority of every upgraded with zero issues..
You always see the reports of one offs.. Someone with odd hardware, odd configs, etc.
With any upgrade of this nature.. Make sure you have your plan in order, backup of your config and install media and even if the worse things happens.. You can be up and running again in a few minutes.
This is a major update.. The whole freebsd base was updated.. Many many new things and changes.. If want to wait - sure wait.. Its been a long wait for 2.5.. A few more days or weeks isn't going to matter.. Not like 2.4.5p1 stops working tomorrow ;)
But if your waiting for .1 or p1 or something like that - that could be awhile.. But sure there are many a company out there that will not update OS until service pack 1 has been released ;)
As with all the previous upgrades - many of them very major in nature.. The pfsense/netgate team has done some amazing work..
edit: I still have some devices on 2.4.4p3.. They are remote offices, and nobody there - and since they are production. Its not worth risk, even if very small of trying to upgrade them while nobody is there to recover if the something goes wrong..
-
@johnpoz said in To 2.5.0 or not ? that is the question :):
a 2.5.0p1 or something
I did mean "a 2.5.0p1 or something" :)
Thanks for detail reply !
The purpose of my initial question was to help all
concerned parties
to avoid dramatic outcomes from uninformed decisions (including myself) -
Its never a good idea to upgrade such a system without some thought to it..
Even if not a "production" system in a corporation or business.. It quite often is your connection to the internet.. If that breaks in any way - it can have all kinds of consequences.. Even if that is just your significant other or kids screaming at you that netflix is not freaking working ;)
I pulled the trigger last night vs waiting til early morning (wife not up yet time frame)... And while playing with trying to get zfs working - I got that - hey you doing something with the internet yell ;)
So I just did UFS and was backup in a few minutes..
-
This post is deleted! -
This post is deleted! -
This post is deleted! -
This post is deleted! -
This post is deleted! -
This post is deleted! -
This post is deleted! -
@johnpoz said in To 2.5.0 or not ? that is the question :):
I pulled the trigger last night vs waiting til early morning (wife not up yet time frame)... And while playing with trying to get zfs working - I got that - hey you doing something with the internet yell ;)
LOL. I know exactly what you are talking about. Been there too many times.
-
This post is deleted! -
This post is deleted! -
This post is deleted! -
We have had a very bad experience with the update to version 2.5 or 21.02 as it appears on the dashboard, and this has more to do with support for previous versions, I have more than 100 devices running on version 2.4.5-RELEASE -p1 and none of these allow me to update or install packages from the package manager
-
This post is deleted!