Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Update to pfSense packages with XMLRPC sync functionality

    Scheduled Pinned Locked Moved Development
    3 Posts 3 Posters 187 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      marcosm Netgate
      last edited by marcosm

      Some quick background:
      There are several packages that implement XMLRPC sync functionality which allows the primary node in a High Availability system to sync its configuration with the secondary node. Some packages even allow entering addresses manually to send the configuration to multiple nodes, or even chain the syncs from node to node. The current XMLRPC sync functionality for packages works separately from the normal config sync that happens between HA nodes; because of this there's a potential race between the system's config sync and the package config sync.

      New:
      A few new XMLRPC plugins have been introduced which address the race condition and improve maintainability - see here. Packages can use these plugins to hook into the configuration sync process that happens in High Availability setups.

      Changes:
      Packages that implement their own XMLRPC code are being updated with the following changes:

      • The "auto" sync code, if applicable, will instead use the new plugins.
      • XMLRPC sync code for the (very) old pfSense versions (older than 2.4) will be removed.
      • If applicable, additional functionality in the package (e.g. manual/chained config sync and file sync) will be kept as is to minimize changes and potential issues.

      These changes should take effect starting with pfSense software releases after CE 2.8.0 and Plus 25.03.

      RobbieTTR 1 Reply Last reply Reply Quote 2
      • M marcosm pinned this topic
      • RobbieTTR
        RobbieTT @marcosm
        last edited by

        @marcosm

        The HA and non-HA setups could also be improved by a shorter boot time for recovery. I've never really understood why pfSense is so slow to boot, even with high-end hardware.

        Can we chop a minute or two off the reboot time as a project in its own right, to help reduce downtime and/or restore HA redundancy as fast as possible?

        ☕️

        1 Reply Last reply Reply Quote 0
        • stephenw10S
          stephenw10 Netgate Administrator
          last edited by

          Yup it probably could be improved. There are a number of deliberate delays that were added in the past to allow for various hardware quirks. Some of them may no longer be required.

          However making changes like that will almost inevitably break something for somebody! So we'd likely need to make it optional. 🤔

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.