WireGuard in pfSense 2.5 Performance
-
https://lists.zx2c4.com/pipermail/wireguard/2021-March/006499.html
JFC, this is not shaping up to be professional conversation and collaboration. Netgate/pfSense I am so disappointed... Argh...
-
This post is deleted! -
@kom why feel bad for netgate?
netgate decided to spend money on one of their products & got a working "thingy" as a result ... netgate's goal has been meta month later someone else claims they'll supply an even better "thingy" for free.
this doesn't even matter to netgate because the decision to spend money on "thingy" is in the past. the money is gonewhat does matter:
we get a shit-throwing competition on reddit / phoronix & a mailing list
all this for FREE ... opensource entertainment at it's finest -
@heper It seems that Netgate should have coordinated with Jason D. and perhaps get his input on the patches they planned to submit, then this could have been avoided.
-
Netgate is being completely trashed in the comments of the Ars article. It seems that Netgate Scott's msg to Donenfeld isn't being received very well.
-
@xparanoik
Only the parties involved can comment on that.... Shoulda woulda coulda are pointless when uttered by outsiders -
@heper But my suggestion is still objectively a positive thing, assume the opposite is exactly what happeneed as said by Jason himself (and confirmed via other means, such as other mailing list threads).
-
@heper this has nothing to do with "FREE". I don't want to be a Netgate customer or use products if the company is going to treat the open-source community which its ENTIRE product line is based off of, both TSNR and pfSense, like garbage and threaten them when they speak up/out.
I sort-of got the whole pfSense+ thing. Seeing things like the Wireguard contributions, made me think they still know that open-source is a big portion of their ecosystem.
But... Scott is acting 1000% unprofessional. Jason's reply was after months of trying to work with Netgate, which apparently went unanswered. And then Scott, so unprofessionally threatens Jason with blog post "warning people not to work with him"... now its the whole OPNsense stuff all over again.
Netgate, grow up. Admit your Wireguard port was not quality, you failed to work with Wireguard properly, apologize to Jason, and more forward with the community.
-
@dirtyfreebooter said in WireGuard in pfSense 2.5 Performance:
Netgate/pfSense I am so disappointed... Argh...
That was an interesting read. Disappointed sounds charitable, childish comes to my mind.
It's going to be hard for Netgate to get past this. I do hope someone has the courage to take ownership, admit what needs to be admitted and set the tone for a more adult demeanor going forward. Any words from Netgate (blog post or whatnot) will sound disingenuous. I guess you make your bed, you have to sleep in it.
Makes me wonder what will make it past code review when they bring out the re-worked, closed source, product?
-
-
This post is deleted! -
As predicted, disingenuous. I'd call it typical CYA, but it's too defensive to be that.
A dog knows not to poop where they eat. Scott?
-
yea, this is insane..
We had hoped for a better collaboration than this, and it makes me doubt the motives of the attackers. And yes, I make deliberate use of the word “attacker” here, because that’s what this is, an attack on Netgate and on the FreeBSD and pfSense communities.
JFC. I looked at the code review. Dear god, its nothing like the linux implementation, and if anyone should be critical, Jason is the AUTHOR of Wireguard. Scott did not address why Jason's communication went unanswered or why they didn't reach out to Wireguard in the first place. And I wasn't even looking for a complete apology, I think both sides handled stuff badly and lessons could be learnt, but Netgate not admitting to anything, including the piss-poor threats to Jason, is just gross.
i am new to pfSense, I just started using it when 2.4.5 came out. Read about the OPNsense non-sense and was really turned off, but hell, there are always too sides to the story. Seeing this unfold and the way Netgate is responding makes me sick.
So what have I learned from this? I’ve learned to be a little less trusting.
I have learned not to trust Netgate. I guess it time to look at alternatives, which is a shame, because one, i never thought i would be this person, saying in a forum that i am leaving Netgate because they are totally unprofessional, and two, because pfSense is a really nice project and product. I was really looking forward to some new hardware in 2021 and moving from my self-built setup to an official netgate setup this year.
-
new freebsd mailing list activity...
https://lists.zx2c4.com/pipermail/wireguard/2021-March/006504.html
Kyle from FreeBSD, admitting his mistakes and moving forward.
Scott from Netgate, writing a finger pointing blog post. -
This post is deleted! -
@dirtyfreebooter I'm at the same point. Might be a good time to move away from the one box does it all appliance and the brittleness that can cause when upgrading.
-
@jwj sure but i already do that, one nice part of VPN on the firewall, its easy to apply firewall rules to it, though you probably work around that in various ways.
pfSense is nice. the interface is nice and easy. its a good product. Having it do firewall, DNS, DHCP, VPN is pretty nice, especially when you are not in an environment that is needs anything separate, with the hidden cost there of maintaining multiple machines, VMs, etc and keeping them updated.
i just wanted Netgate to be the mature ones here and show they are adults and want the best for FreeBSD and the community as well, and all else could be looked at and forgiven. especially during covid with all the extra stress on folks on all sides.
-
@rcmcdonald91 i mean kinda, so scott has to see the other side take the high road before netgate/he will. gross and pathetic is that is the case.
-
@dirtyfreebooter said in WireGuard in pfSense 2.5 Performance:
Netgate to be the mature ones here and show they are adults
Yup. Two ways to see this. Leadership didn't review the blog post in the context of the other chatter going on or they did and approved it. Not good either way.
[Edited: someone had the good sense to pull Scott Long's last blog post down]
Takes just a moment to break trust. Takes a long time to regain trust once lost.
Netgate isn't going to miss me. I've not spent money with them other than one $100 gold when that was a thing. I'm not going to say they are going to loose revenue generating business, but I will say this isn't going to generate any business for them. I wish them luck. A lot of the people on their payroll are good people and I hope for a good outcome for them.
I already have a multi-layer switch (catalyst 1000-24p-4x) and I could use my current gateway HW for DNS/DHCP and VPN server plus other things in VM's. Maybe get an ISR 931? I'd do it just to learn. It wasn't that many years ago I was still using consumer networking gear. AirPort Extreme...
We'll see. I need to let this soak for a while...
-
Netgate is pissed off and they have good reason for that. But is there really something to learn (in a good way)? I doubt that.
We can only hope, that something better comes out of this, a compromise.