Pfsense CE 2.7.0 Release (?)
-
@michaellacroix said in Pfsense CE 2.7.0 Release:
Anyone know when CE 2.7. will be out of beta and the official release? I'm curios when or if netgate will let you upgrade from ce 2.7.0 to 23.01. Thanks
-
I don't expect to see it anytime soon. The number of outstanding issues has been growing; previously it went down over the weeks prior to an actual release. It is now quite clear to me that Netgate is gently pulling the plug on CE and focusing on Plus.
-
@cellobita Thanks
My hope is to be able to do a clean install of 23.01 soon without having to use CE 2.6.
I have frontier fiber so if I did that now I would need to use a netgraph script and it becomes a whole thing. -
@cellobita Thats why we are moving away to OPNsense... many more releases and much better support.
-
@cool_corona I've been considering the same path. I really like pfSense - have been using it over the last twelve years or so - but I think that OPNsense is now a credible (perhaps even preferable) alternative. Most of my clients here in Brazil have slashed their IT budgets post-pandemic, and moving to Plus and a paid annual license is a non-starter.
-
@michaellacroix said in Pfsense CE 2.7.0 Release:
when or if netgate will let you upgrade from ce 2.7.0 to 23.01
@rcoleman-netgate said in Upgraded from 2.6.0 CE to Plus. Now I'm stuck.:
As of this afternoon [yesterday] you can go from 2.6RELEASE to 23.01 directly.
-
@cellobita said in Pfsense CE 2.7.0 Release:
Most of my clients here in Brazil have slashed their IT budgets post-pandemic, and moving to Plus and a paid annual license is a non-starter.
Do not understand this really, buy the hardware from Netgate and you don't have any costs.
And OPNsense business has also costs, so be fair here. -
@slu But the release, support and patch windows are much shorter and the users are much better supported on the forum.
-
@cool_corona
it's up to you to moving...Yes the patch time is in my eyes sometimes to long, I agree in this point.
-
@michaellacroix said in Pfsense CE 2.7.0 Release:
I'm curios when or if netgate will let you upgrade from ce 2.7.0 to 23.01.
It is now possible to upgrade from 2.7 to 23.01 but if you're planning to do that you should use a version that is running the same php version as 23.01(8.1). So before 2.7 went to php82 which means the Feb 15th snap or earlier.
If you're running a later snap with php82 and you upgrade to 23.01 you will (currently) need to do a forced pkg reinstall afterwards to get the required php81 modules.
Hopefully an update to pfSense-upgrade will remove that problem shortly.
Steve
-
@slu I'm not complaining or being unfair, merely stating what I believe to be a fact: with the introduction of Plus, the release pace of CE has been severely impacted - BTW, Netgate's hardware is definitely not cheap in Brazil. So, when a credible, free alternative exists, under active development, capable of running on hardware that my client already has, and able to do what he expects of a routing/firewall platform (esp. multiple WAN links and WireGuard support), I'd be remiss if I did not point that out to him.
-
@stephenw10
Thanks Steve, good to know. -
Hey Steve, I wonder how the pfsense developers are going to reconcile that? My guess is there will be a coordinated effort to get both CE and plus on the same php version on a public release?
-
Yes, the Plus dev branch is also on php82 it's just not public at the moment.
-
@cellobita is OPNsense (Desico) hardware any cheaper? If it’s the same or more then I’m not understanding why cost is an issue.
Secondly if cost is an issue then why can’t a white box server be purchased and Pfsense + installed?
The conversation around costs seems to be largely nonsensical. IT budgets are slashed….I get that…but is the cost of a Dell 610 let’s say that much more expensive than a Desico(Opnsense)?Lastly the conversation about updates is largely nonsensical as well. As I always ask and never get a good answer “What specific vulnerability that is present in pfsense that the development team has been made aware and are not addressing?”. Please post the CVEs as well.
-
@michmoor Thank you for your input - I understand the points you are making.
All my remaining deployments of pfSense are currently running on standard white boxes - their hardware specs more than enough; I wouldn't be buying dedicated hardware from OPNsense, but simply migrating to their open source, community edition software, which has no upfront cost.
I believe that over time the delta between CE and Plus is bound to get bigger; I'm not trying to convince anyone here - and have a profound respect for pfSense, having used it on dozens of clients since 2010 (my earliest deployment was on version 1.2.3) -, just present my two cents.
-
@michmoor said in Pfsense CE 2.7.0 Release:
Please post the CVEs as well.
There is no such thing. People became too spoiled. Their logic is "if its not getting updated, its abandoned".
I also like conspiracy theories where people think that rising number of outstanding issues is actually Netgate`s trick to force people to switch to + version. I laughed.No one is forcing anyone to use pfSense. If you are not happy with it, just make a transition and switch to something else. Saying that you are going to switch to alternative solution is not going to make 2.7 come out faster. No one cares.
You should be happy that release has been pushed back. It means that someone somewhere is working hard on fixing bugs. For you. For free.
Be more grateful.
-
@cellobita no one knows how big a delta will be between CE and Plus. The death of CE comes up every few months when there is an OS update so I’m not surprised.
Pfsense+ is free. Just like CE. So why aren’t you upgrading to Plus? I really have no idea what the fuss is about.Netgate has a small but dedicated development team. I’m sure there is a laundry list of things that are planned or in the works. It’s all about prioritization.
I’m still waiting on what specific update you think needs applied to pfsense. CVEs…The update argument is ridiculous to be frank.
-
@cellobita said in Pfsense CE 2.7.0 Release:
@slu I'm not complaining or being unfair, merely stating what I believe to be a fact: with the introduction of Plus, the release pace of CE has been severely impacted - BTW, Netgate's hardware is definitely not cheap in Brazil. So, when a credible, free alternative exists, under active development, capable of running on hardware that my client already has, and able to do what he expects of a routing/firewall platform (esp. multiple WAN links and WireGuard support), I'd be remiss if I did not point that out to him.
You are just contradicting yourself. You admitted you use whitebox hardware. Why bring up the cost of Netgate? You’re saying pfsense project is not in active development but you see the 2.7 roadmap. What are you complaining about here??
-
@michmoor I was under the impression that they are going to start charging for it - "The cost will increase to $129/yr for commercial use in the future." - but English is not my native language, so perhaps I misunderstood the meaning of this.
Anyway, I am not - repeat, NOT - making the case for widespread adoption of OPNsense or migration from pfSense, just considering the specific situation for my clients.
I am grateful to have a choice, even if it means staying on CE, all things considered.