To 2.5.0 or not ? that is the question :)
-
This post is deleted! -
@bmeeks Many thanks, we are using Netgate hardware but we already try to install packages from a 2.4.5-RELEASE-p1, never updated one, and the package manager just gives us, and the premium support doesn't have the right response yet, we can not just upgrade all of our production devices without any tests, but any device with the version 2.4.5-p1 or older are not able to download or install packages via the package manager.
-
This post is deleted! -
None of my static routes are active in my routing table after upgrading. I tried disabling and re-enabling to no avail.
-
This post is deleted! -
@juanpadiaz said in To 2.5.0 or not ? that is the question :):
@bmeeks Many thanks, we are using Netgate hardware but we already try to install packages from a 2.4.5-RELEASE-p1, never updated one, and the package manager just gives us, and the premium support doesn't have the right response yet, we can not just upgrade all of our production devices without any tests, but any device with the version 2.4.5-p1 or older are not able to download or install packages via the package manager.
The translation to English is a bit confusing to me, so please forgive me asking additional questions. So are you saying you have a pfSense-2.4.5_p1 box that you never attempted to update anything on, and you went first to the Update Settings page and changed the drop-down there to "Previous Stable Version (2.4.5 deprecated)" and saved that change? Then you go to SYSTEM > PACKAGES and can't do anything? Or did you first go to SYSTEM > PACKAGES and attempt to install a package BEFORE you changed the Update Settings value in the drop-down? The sequence is critical. If you attempted to install or update a package before you changed the
pkgutility on your firewall to reference the "Previous Stable Version (2.4.5 deprecated)", then that would have immediately installed an updatedpkgbinary on your 2.4.5 firewall, but from the 2.5 (or 21.02) new pfSense repository. That newerpkgutility can't work on 2.4.5_p1. That can cause the issue you are seeing.Go check out this thread: https://forum.netgate.com/topic/160989/upgrade-packages-on-2-4-5-p1/6 and see if the solution there helps you.
-
@bmeeks Not a problem bmeeks, first devices with 2.4.5_p1 on production cant download or install packages from the package manager, i mean devices with any pfsense version upgrade I have many of them, these problem is a pretty big problem because that means that I can not add any functionality o feature to that device
The only solution to have the package manager back on business is to upgrade to 20.02 but, obviously and as @jwj says is not the more inteligent thing to do to just upgrade in a production environment
-
This post is deleted! -
This post is deleted! -
@juanpadiaz said in To 2.5.0 or not ? that is the question :):
@bmeeks Not a problem bmeeks, first devices with 2.4.5_p1 on production cant download or install packages from the package manager, i mean devices with any pfsense version upgrade I have many of them, these problem is a pretty big problem because that means that I can not add any functionality o feature to that device
The only solution to have the package manager back on business is to upgrade to 20.02 but, obviously and as @jwj says is not the more inteligent thing to do to just upgrade in a production environment
But I still need to know if you went to SYSTEM > UPDATE SETTINGS and changed the pfSense repository version to "Previous Stable Version (2.4.5 deprecated)". That is very critical! And you must have done that before trying to install or update any packages.
Changing that setting works on Community Edition (CE) pfSense. I assume it works in pfSense+ (the old Factory Edition), but I'm not 100% positive.
-
@bmeeks excellent many thanks, let me try that
-
@juanpadiaz said in To 2.5.0 or not ? that is the question :):
@bmeeks excellent many thanks, let me try that
But if you did not change that setting first, and attempted any package install or upgrade, then it would have corrupted the
pkgutility on your firewall so it will no longer function under 2.4.5. I'm wondering if that is what has happened to you as the screenshot you posted of "Please wait ....." would only happen if thepkgutility got corrupted. Or that is the most likely cause of that error. -
edit- This post was actually meant as a reply to the OP and in general. Not to you Juan..
Please read the "upgrade notes" about half way down on this page before trying to upgrade to 2.5
https://www.netgate.com/blog/pfsense-plus-21-02-release-and-pfsense-ce-2-5-0-release-now-available.html
We have only 14 boxes out there ourselves and only one had issues OpenVPN config related.. With only 14 boxes we still have a test box in a lab setting to run things on first before any major upgrades. Kinda surprises me that people with more units out there than we do choose not to test first.. But I digress.
-
@bmeeks Many thanks, the package manager back to work!
-
This post is deleted! -
@juanpadiaz said in To 2.5.0 or not ? that is the question :):
@bmeeks Many thanks, the package manager back to work!
Great!
-
This post is deleted! -
Success.
Definitely listen to jwj wise words...have backout plans...have backups...have the stuff handy. I do the same with hardware that costs 10s of thousands more...and can't count how many times that wildly expensive edge or core hardware has needed rework.
So I've been vigorously testing things on the development branch for a few months. Obviously just like everybody else, I can't test all configurations and setups, but I've had good success.
A while back there was a small issue with existing zfs setups (2.4.5 on zfs) being updated via usb/image and erring out with trying to load 2.5.x.rc with zfs. This was resolved. Did extra installs from 2.4.5 > 2.5.0 with existing zfs and ufs just fine. Also did a couple online webconfig initiated updates along the way and those were always fine.
For some reason if your temperature/cpu/update widgets aren't working on the main page; they work now when you turn on the state table size display. Not ideal but clearly not a breaking event and has a valid workaround. I believe by default the state table is shown, so 99.99% of people wouldn't even notice this until they got deep into tweaking the page config.
Packages that I use auto installed just fine after being fed the backup config.
Had a small issue on one install where I couldn't log into the web configurator after a fresh install. Super annoying. Console output said good login...but the login page wasn't going through. This was resolved after resetting all the stuff and using https. I think for the dummy setup I was doing I told it to use http instead, and that there was some small issue where the webconfigurator wasn't passing along to the config pages.
There is a package available for installing realtek drivers for those that have been suffering with that hardware. Seems easy enough, and more importantly seems more stable than previous - also haven't dropped gateway, no dpinger issues, and no unbound issues since testing the realtek driver.
pkg install realtek-re-kmod echo 'if_re_load="YES"' >> /boot/loader.conf.local reboot...winning...Test with
dmesg | grep re0Should say something about Realtek ... and leave out the alphabet soup that the previous driver said.. and show a version: 1.96.04 or something. Default driver doesn't state a version line.
To summarize...I've tested and tried to break a lot of things. It is ready.
It isn't perfect...but nothing ever is. If one finds some sort of serious breaking fault or a scenario that you feel has not been conceived of properly and planned for - you are gladly invited to help testing the development releases to make the next one even better. -
@seamonkey said in To 2.5.0 or not ? that is the question :):
None of my static routes are active in my routing table after upgrading. I tried disabling and re-enabling to no avail.
UPDATE: I was able to get my static routes to show up in the routing table by going to Diagnostics:Tables:negate_networks and emptying the table. Unfortunately, I'm still unable to ping anything on the other side of my site-to-site VPN.
-
I have updated to 2.5.0 and relayd is broken.
So if you rely on this wait a little bit with the update.
