pfSense 2.5 Release Date News
-
-
@ahking19 Have you seen anyone from Netgate say that they're still going to release pfsense 3.0 with VPP/DPDK and RESTCONF? Literally all evidence to date is that what was going to be PFSense 3.0 is TNSR instead, heck the preview of PFSense 3.0 looks identical to TNSR.
It's disappointing that Netgate won't just give a clear answer, but that's their prerogative. I'd never begrudge them expecting to get paid for their efforts if that's the route they chose to go, just frustrating they won't come right out and say that instead of leaving the community to guess.
https://fast.dpdk.org/events/slides/DPDK-2017-09-Ireland-pfSense.pdf
https://www.reddit.com/r/PFSENSE/comments/6wosx8/a_very_short_preview_of_30_cli_and_restconf/
https://docs.netgate.com/tnsr/en/latest/basics/working-cli.html -
@tcsac Thanks for providing this information. I did not look into TNSR, but it does look like you seem right.
It is a true shame if what you say is true, that functionality that is built into other enterprise devices, that pfSense is copying, is now bundled into a TNSR subscription. Sure the vector packet processing is great...but command and control bundled with it?
I hope I am wrong, but if I am not I will be at a loss for words soon. I do not think it is there prerogative, and I think that people deserve an answer eventuall. If they really are thinking about taking this direction with their products, and software then they should just commit to it.
It could be that is why they do not answer. Considering that the product that they release still has maintainers that do not get paid for the packages that they support. I was really looking forward to an API, and command line interfaces.
I was really looking forward to watching a company sweep the run out from under Cisco etc...I suppose soon we will have to look elsewhere, or just continue to wait?
I really still do wholeheartedly support pfSense, and Open Source software, and I do understand that companies need a strategy to profit from it, AND they may even need to hide that strategy, but the direction that we seem to be going here would need a change or we are all going to walk away disappointed.
-
@tcsac said in pfSense 2.5 Release Date News:
It's disappointing that Netgate won't just give a clear answer, but that's their prerogative.
Yes, surely it must be nefarious.... Seriously, you guys are being ridiculous. You expect them to update you on their future plans every day? Or just whenever you demand? Plans change. That's life. Netgate isn't Microsoft with tens of thousands of employees. There is only so much they can do, and sometimes plans turn out to be too ambitious or impractical based on new developments. It looks like their plans for pfSense 3.0 may have changed. Deal with it. I understand now why companies are loathe to talk about the future and roadmaps when people complain if those plans change for any reason.
I suppose the lesson learned by Netgate is to not tell you anything in advance.
-
@KOM said in pfSense 2.5 Release Date News:
Seriously, you guys are being ridiculous
What you said would have been holistic and understanding without the above statement. We all are here because we like open source software, especially pfSense. @tcsac Not only expressed himself, but also provided links to documents thus making us more informed.
-
@NollipfSense They're being ridiculous because they're jumping to conclusions and assuming bad intentions.
-
@tcsac said in pfSense 2.5 Release Date News:
https://docs.netgate.com/tnsr/en/latest/basics/working-cli.html
anyone from Netgate say that they're still going to release pfsense 3.0 with VPP/DPDK and RESTCONF?<<
"Still"? - not that I've read. I've never read that VPP was going to be part of pfSense 3.0.
VPP is at the core of tnsr and it runs on linux, CentOS I believe.Porting pfSense from FreeBSD to Linux is not something I've heard or would expect in 3.0.
-
@KOM said in pfSense 2.5 Release Date News:
@NollipfSense They're being ridiculous because they're jumping to conclusions and assuming bad intentions.
@KOM Jumping to what conclusions? PFSense 3.0 was codenamed pennybacker, which is what became TNSR. I haven't asked for an update every day, in fact I've literally NEVER asked for an update. I simply spoke up because after watching people get flamed repeatedly here for just being curious about what's happening, I thought someone should give a reasoned response. I won't even begin to try to understand why people like you have such a visceral reaction in the middle of people having a rational discussion. You might want to take a deep breath before posting your next response because you seem to be overly emotional for no reason.
https://www.reddit.com/r/PFSENSE/comments/75pt7g/pissed_with_my_edgerouter_thinking_of_switching/
level 3
gonzopancho
Netgate4 points ·
2 years agoIt's been code named "Pennybacker" for 3 years now.
Slides from two weeks ago: https://dpdksummit.com/Archive/pdf/2017Userspace/DPDK-Userspace2017-Day2-9-pfSense.pdf
One of the slides in there explains why it's not "pfSense". It's a new thing, and deserves a new name. In this way, pfSense can continue being what it is.
The name will be announced at launch.
-
@ahking19 said in pfSense 2.5 Release Date News:
@tcsac said in pfSense 2.5 Release Date News:
https://docs.netgate.com/tnsr/en/latest/basics/working-cli.html
anyone from Netgate say that they're still going to release pfsense 3.0 with VPP/DPDK and RESTCONF?<<
"Still"? - not that I've read. I've never read that VPP was going to be part of pfSense 3.0.
VPP is at the core of tnsr and it runs on linux, CentOS I believe.Porting pfSense from FreeBSD to Linux is not something I've heard or would expect in 3.0.
Yes, they literally said pennybacker which was presented at
fd.iodpdk was PFsense 3.0. Justifications for starting over from scratch/moving away from FreeBSD are in the slide deck.https://www.reddit.com/r/PFSENSE/comments/75pt7g/pissed_with_my_edgerouter_thinking_of_switching/
-
I won't even begin to try to understand why people like you have such a visceral reaction in the middle of people having a rational discussion.
And I never understand the people who come to this forum and do nothing but bitch and moan about something they haven't contributed even the tiniest thing towards. Look at you, you've been here for 5 years with a whopping 31 posts. No doubt you only post when you need help or want something.
And no, people don't get flamed for asking a question. They get negative responses because they invariably whine or jump to the conclusion that Netgate is being shady for some reason.
You might want to take a deep breath before posting your next response...
Blah blah blah
Look, if WebGUI is not your flavour and you really want a CLI, spin up a FreeBSD instance and go nuts. All the CLI and text file configs you can handle.
-
@tcsac said in pfSense 2.5 Release Date News:
Yes, they literally said pennbacker which was presented at fd.io dpdk was PFsense 3.0. Justifications for starting over from scratch/moving away from FreeBSD are in the slide deck.
https://www.reddit.com/r/PFSENSE/comments/75pt7g/pissed_with_my_edgerouter_thinking_of_switching/Yeh. I almost did not post what I wrote, but once I started reading about pennbacker I needed to chime in.
I don't know. I do not think any of us are trying to dump on the pfSense team here. I do not think any of us deserve to. I know I am trying to scratch that itch of excitement when I heard the phrase API.
I think we are all just trying to make decisions to support our future strategies, and information about pfSense direction may be needed to move those strategies along.
I apologize if I have offended anyone.
-
@KOM I think you are exaggerating what is going on here, and it should stop. You are turning this conversation into an argument, when we are all just trying to be good-natured. Please contain your passion, and maintain your respect in these forums.
-
@KOM said in pfSense 2.5 Release Date News:
I won't even begin to try to understand why people like you have such a visceral reaction in the middle of people having a rational discussion.
And I never understand the people who come to this forum and do nothing but bitch and moan about something they haven't contributed even the tiniest thing towards. Look at you, you've been here for 5 years with a whopping 31 posts. No doubt you only post when you need help or want something.
I actually have contributed, and most of my posts are me working through issues and following up with solutions and resolutions. If you had spent 30 seconds looking instead of making really poor assumptions you'd have figured that out.
And no, people don't get flamed for asking a question. They get negative responses because they invariably whine or jump to the conclusion that Netgate is being shady for some reason.
Asking about an update on something that was announced 3 years ago isn't whining.
You might want to take a deep breath before posting your next response...
Blah blah blah
Look, if WebGUI is not your flavour and you really want a CLI, spin up a FreeBSD instance and go nuts. All the CLI and text file configs you can handle.
I really don't understand what your issue is, but you should seriously take a step back and try to figure out why you're so toxic and hostile. You're jumping into a conversation and trying to start an argument for literally no reason. Everything you've thrown against the wall WRT: people whining or bitching or not contributing is literally fabricated bullshit. It has no place here or anywhere else, I'm not sure if you've got serious issues in real life or not, but chill the fuck out.
-
@tcsac I am hoping that it took a while to draft that response. I think we are all just passionate about this, and each want to express what we think. I can understand how you can feel attacked by @KOM , but I think you are both crossing some lines that should not be in this post.
While I understand that you need to defend yourself, please take the rest of this conversation somewhere else.
Thank you both for your contributions to this topic, and please continue to post relevant information.
-
@tcsac
Sounds like you have a different use case than me. I don't need 10+Gbps in near future , 2-3 years. If you do, I understand the interest in VPP. -
Just my 2 cents but I think @tcsac has a valid point. I mean there is a whole fork of pfsense and their devs who used to support pfsense (Cough Opnsense), and their followers with this premise. That is valid evidence to back up his concerns, and that came from within, not just mere speculation. Otherwise the fork devs wouldn't have deviated from pfSense development.
Maybe @tcsac is just hitting too close to home for some to accept that people have these concerns over Netgate's direction. IMHO if they take this route they should just be clear like Redhat has recently done with Fedora and more recently with CentOS.
Bitching about people bitching is not very productive to the conversation. I will say I'm still here. I still support Netgate and pfSense. It's still the superior open source firewall. I'm also in the crowd that thinks they should be more clear with direction. We are their existing or potential customers. I don't post a whole lot on here. I don't have time, but I do support the project through donations, continued use of pfSense at home, and I control IT budget for a Fortune company. Flaming people like me with valid concerns is not very conductive, whatever Netgate's strategy actually is.
-
My last post on this.
First off, I'd like to apologize to both @tcsac and @webdawg. I went off on the two of you pretty harshly. It wasn't one of my better days and for that I am sorry. I usually try to act as peacemaker when tempers flare around here, but I was lacking in this case.
My frustration came from my view of seeing people assuming the worst or assuming sinister motivations from Netgate. I don't understand it. This is how rumours get started. Just because there is something you don't know, it doesn't mean they're hiding it. Just because Netgate changed something, it doesn't mean they're pulling a fast one.
Anyway, I've blown this whole thread out of proportion. I might suggest that if there is something that one really needs to know and don't have answers for with regard to Netgate and their direction, that you send them an email, or a tweet, or summon @jimp here in the forum. They have always been pretty responsive IME, so at worst you might get an "I don't know/Not sure" reply.
-
@jimp, who we all know is very active on the forum, is taking a much-deserved vacation. In his absence let me just say that 2.5 is still in development and our engineers are actively working to a release. We try to be as transparent as possible and you can follow the development and see what exactly is being done in redmine.
-
@dennis_s said in pfSense 2.5 Release Date News:
@jimp, who we all know is very active on the forum, is taking a much-deserved vacation. In his absence let me just say that 2.5 is still in development and our engineers are actively working to a release. We try to be as transparent as possible and you can follow the development and see what exactly is being done in redmine.
It's heartwarming to see @jimp working on Sunday before he leaves for vacation...that's dedication!
-
@jimp hope you are having a good one!
-
sound more like this
-
Any updates on this thread?
-
@webdawg No updates on 2.5, you can still follow the updates in redmine to see what has been worked on recently. We did, however, release the 2.4.5 snapshots for community testing.
-
@Rod-It - for me and others, who were planning to buy new hardware anyway. The difference was speccing it with 2.5.0 in mind so we didn’t have to replace it again in a year or so, which for me meant an N3150 box instead of a J1900. Nothing world-ending.
I much would rather they announced the restconf (where the RFCs mandate hardware crypto) and delayed it in the roadmap as they have than to just silently shove it into 2.5.0 dev and upset people who had just bought hardware...
-
Netgate: So I'm assuming that 2.4.5 will be an update to get us off the end-of-life'd FreeBSD with some basic bug fixes so the bigger release of 2.5 can be perfected?
-
-
So, pfSense Santa deemed us good for an update...nice! It would be awesome if Snort inline mode and Suricata 5.01 can work with pfSense 2.4.5 while we wait for version 2.5.
-
I'm not sure 2.4.5 will drop before Xmas as there are quite a few open issues still. Snort in line has pretty much always worked with a new release, though.
-
I would be very much surprised if 2.4.5 released prior to end of January or well into February, let alone before the end of the year. They have been hammering out code all week from what I can see, but not 70 before COB on Friday. Then with Christmas being in the middle of the week and schools being off until January so the kids will be home. I don't see as much progress being made from 12/23/2019 - 1/2/2020 as was made this week.
Then you have testing to make sure all those bug fixes didn't introduce any new bugs and the stability of the near-final product before it will be offered as a stable update path.
I wouldn't hold any breath.
-
I'm making this a separate post, but I wanted to address the fight above in the comments.
Netgate is highly conservative with how much candid detail it provides on progress. So much so, that it isn't until there is sufficient noise and misinformation (i.e.: whining, complaining and bitching with elaborate conspiracy theories) that it finally ticks Jim Pingle off enough that he responds and lays the information smackdown usually laying blame firmly in the lap of FreeBSD's developers. He's not wrong.
Case in point the SG-1100 AES-NI support. That took a TON of noise and misinformation before it was revealed what the hold-up was and I think that one was only half FreeBSD's fault.
Couple that with 2.5.0 being this magical release number that was supposed to destroy the non AES-NI hardware and yes REST API! That magical buzzword that will make a sufficiently high-priced central management solution possible (see tangent 1). Truth is, they are trying to pile 10lbs of features into a 5lb release-cycle and they are trying to get onto FreeBSD 12, but 12.1 is also taking a little extra time to bake in the oven. So yeah, that's also about 40% FreeBSD's fault.
And you have to understand, pfsense is an open source project, that is free from very opinionated individuals that certainly doesn't infuriate certain users and even developers who leave the project to start a fork of their own to be free of said opinionated individuals. If you want a particular feature, start programming it in yourself and hope that your programming style and personality meshes with the non-opinionated individuals on the pfsense development team.
Netgate is a for-profit company that supports the pfsense project out of the kindness of it's heart and you need to accept that unless you pay them $100/year otherwise you need to pay them $300/year for TNSR and then your releases will come out much faster. Think of it this way, it's cheaper than a brand new F5 with 24/7 enterprise support. So count yourself lucky young man.
Tangent 1: They released on a poll on reddit an eon or so ago and their cheapest option was like $5/month/firewall. A vast majority of the replies criticized the price and their response was a very straight forward "then you are too cheap for us, go somewhere else". Not in that many words but the message was clear. This was for the central management system.
-
@PhlMike said in pfSense 2.5 Release Date News:
They have been hammering out code all week from what I can see, but not 70 before COB on Friday.
Note that the number of issues open against 2.4.5 are about 90% (60/68) issues waiting for testing and confirmation of fixes already in place. There are only 4 actual issues remaining to work on, and four release-related tasks (updating release notes, docs, etc). I still doubt it will happen before Christmas, but it's certainly not going to be months.
Edit: As always, if you want to see a release happen faster, then help test issues in the feedback state:
-
I have two rules I strictly follow in these situations. First keeps me from being constantly disappointed or agitated. The second keeps me from appearing privileged.
- If a product doesn't do something now it never will.
- If you jumped on the bus through the back door don't complain about the driver.
-
@jimp said in pfSense 2.5 Release Date News:
@PhlMike said in pfSense 2.5 Release Date News:
They have been hammering out code all week from what I can see, but not 70 before COB on Friday.
Note that the number of issues open against 2.4.5 are about 90% (60/68) issues waiting for testing and confirmation of fixes already in place. There are only 4 actual issues remaining to work on, and four release-related tasks (updating release notes, docs, etc). I still doubt it will happen before Christmas, but it's certainly not going to be months.
Edit: As always, if you want to see a release happen faster, then help test issues in the feedback state:
More than 3 months xD for 2.4.5
So what is the expected date for 2.5?
-
There is no ETA for 2.5.0.
-
@l0rdraiden To get an idea, this is how I determined an estimate for myself...I estimate that FreeBSD 12.1 will be stable somewhere around August where pfSense include it September and 2.5RC October...final release December. If it's earlier than that, alleluia...if it’s later, then I readjust my expectation. I won't have to ask anyone when it's releasing...I already have an idea. Meanwhile, I am enjoying it.
-
I would say 16 months. Looks like in the past 13 months they closed 159 issues, with another 164 to go so add an extra month for those, plus adding two-extra months because I was off two months the last time.
So May 2021. TNSR should be at version 100 by then, though...
But, No need to beat a dead horse. They refused to listen thus far and vehemently oppose our viewpoint. They did a partner survey back in February. I was talking to the other larger netgate parters, we all said the same exact thing. What we hear back? crickets....
-
Even though TNSR is basically Cisco and I know it well from decades of use, until it has OpenVPN (Or Ahem Wireguard, lol), Snort, and the pfSense front end I'm sticking with pfSense. The pfSense front end has totally spoiled me from CLI.
Netgate, you make that happen with TNSR and I'll gladly buy it. :)
-
@Zermus I concur - I have zero need for TNSR, everything I do maxes out at 10 Gb/s and I only run 1 Gb/s internet lines.
I want:
- A real central management platform that I can get fora reasonable price (< $1/firewall/month for 500+ firewalls and/or host myself that can handle 1,000 firewalls+ at under $500/month.
- A web interface on the firewall, preferably HTML5 and some nice python action in the back.
- SSLVPN, Site2Site VPN (not married to IPSEC, SSL S2S will work), pfBlockerNG and Suricata
- Updates on a 3-6 month schedule
- A wall-mount for the SG-3100.
-
Regarding pfSense 3.0, has the roadmap changed since this Reddit post?
https://www.reddit.com/r/networking/comments/6upchy/can_a_bsd_system_replicate_the_performance_of/
I'm doing some googling about potential performance bump in pfsense 3.0 and there seems to be quite lot of noise: VPP, DPDK, netmap or moving to Linux base. Would that basically mean pfsense is gonna be TNSR Lite?
Netgate seems to be very tight-lipped about roadmap, but they have every right to do so.
-
@nva Interesting read, indeed ... really wish pfSense had not drop the original plans for v2.5. Thank you for sharing!