Rebooting... a good practice?
-
Hello
I need an advise on that specific point.
On a normal use do you consider a good practice to reboot pfsense let say once a week for exemple at midnight each sunday just reset everythins to a "clean" state
Thanks for your guidance
Regards
Pierre -
Noop.
Except if you identified issues like https://redmine.pfsense.org/issues/10624 on your system.
You'll be rebooting because you want to clean the UPS - remove dust, update the firmware.
Check out the forum, and you'll find posts where people mention they have a pfSense running somewhere, for years ... not being touched neither managed .... Not good neither.
-
Thanks for your advsise
So as it is running ok I will apply the " Don't touch it stupid" attitude
-
On the other hand, you're allowed to reboot it.
Look at this one : that's me rebooting my work pfSense. Because I'm doing 'things' with it.
Being stupid with it, actually, most of the time.Other systems, like my main mail/web/whatever server is only rebooted upon major OS upgrades. I guess, the fact it's 500 miles away, somewhere in a data center, and I can't access the power switch ;)
-
@pierrelyon
PfSense doesn't run on Windows, so rebooting isn't required, other than as happens automagically during FreeBSD updates. I've been working with computers going back over 40 years, including with the big systems, and it's only with Windows you're expected to reboot frequently.
-
Yep, the first 3 finger manip on a keyboard was Ctrl-Alt-Del, at the begin of the day, and often at the end.
edit : I've a 2008R2 running somewhere, still need that combination to login ... ;) -
We do recommend rebooting at least before running an update. Often hardware failures will be discovered when you reboot or power cycle, and rather than find them in the middle of an update and blame them on the update, it's best to identify them before you manage to get the system into an inconsistent state.
-
For you to have an idea:
Netgate SG-4860: Uptime 130 Days 19 Hours 17 Minutes 59 Seconds
Netgate SG-3100: Uptime 272 Days 01 Hour 31 Minutes 25 SecondsReboot is just necessary in case of OS updates/upgrades. And its also recommended on all unix and unix similar systems to perform a system reboot before updating/upgrading, like jimp have said, mostly when those OS's have run for a long time without any restart.
-
Not only hardware failures, also filesystem problems.
-Rico
-
Sound like I started the : Who got the longest uptime chalenge
Thanks all for your advises -
@Gertjan said in Rebooting... a good practice?:
Yep, the first 3 finger manip on a keyboard was Ctrl-Alt-Del, at the begin of the day, and often at the end.
And often many times in between.
Early versions of Windows were bad and the blue screen of death common. At one point at work, I had a special startup sound. It was the Windows startup sound, which part way through would turn to the sound of a crash and a voice "Ah Crap!"!
-
@pierrelyon said in Rebooting... a good practice?:
Sound like I started the : Who got the longest uptime chalenge
The winner is the one with the worst security practices :-)
Uptime should only be at most as long as it has been since the last update + time to schedule a maintenance window to upgrade.
-
@jimp said in Rebooting... a good practice?:
Uptime should only be at most as long as it has been since the last update + time to schedule a maintenance window to upgrade.
That depends on the OS. With Linux, everything can be updated without rebooting, other than the kernel.
-
Well we're talking specifically about pfSense, not Linux, so that doesn't matter.
-
@SipriusPT said in Rebooting... a good practice?:
Netgate SG-4860: Uptime 130 Days 19 Hours 17 Minutes 59 Seconds
Netgate SG-3100: Uptime 272 Days 01 Hour 31 Minutes 25 SecondsCould you please indicate the addresses of these devices ?
Got some pen tests ready - knowing that you kept them up, I guess, to have them "tested". -
@Gertjan Ofcourse I will
P.S. those are not running any unsupported/old versions =)
-
@SipriusPT said in Rebooting... a good practice?:
@Gertjan Ofcourse I will
P.S. those are not running any unsupported/old versions =)
Well hmmm..
2.4.5-RELEASE-p1 (amd64)
built on Tue Jun 02 17:51:54 EDT 2020 only 15 days old..2.4.5-RELEASE (amd64)
built on Tue Mar 24 15:25:50 EDT 2020 less than 90 days ago..so..
-
@chpalmer said in Rebooting... a good practice?:
@SipriusPT said in Rebooting... a good practice?:
@Gertjan Ofcourse I will
P.S. those are not running any unsupported/old versions =)
Well hmmm..
2.4.5-RELEASE-p1 (amd64)
built on Tue Jun 02 17:51:54 EDT 2020 only 15 days old..2.4.5-RELEASE (amd64)
built on Tue Mar 24 15:25:50 EDT 2020 less than 90 days ago..so..
LMGFY
Current/Upcoming Supported Releases
2.5.0 New Features and Changes
2.4.5-p1 New Features and Changes
2.4.5 New Features and Changes
2.4.4-p3 New Features and Changeshttps://docs.netgate.com/pfsense/en/latest/releases/index.html
-
2.4.4p3 is still supported and came out may 2019, so yeah he could be running that with such long uptimes.
edit: I have some sg3100 still on 2.4.4p3 because they are remote and nobody in the offices - don't want to upgrade them at this time because if something does go wonky, nobody on site to fix it.
-
Well- I have a customer that is guilty.. 2.3.5 still and wont upgrade. But I still consider anything south of the versions I posted as outdated.. But I guess its just personal.