Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    To update or not?

    Installation and Upgrades
    4
    7
    2446
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • B
      bob76535 last edited by

      I have read all the posts on updating and the sticky at the top so doing the update is not really an issue. I am just questioning if I need to.

      My pfsense firewall has been 100% rock solid stable with no issues since deployment. it has not even been rebooted since I moved to to a new rack 295 days ago.

      I am running 1.2 release on a supermicro 1U box with dual G4 xeons, 3G of ram, and dual scsi drives. I have no packages installed and I am in transparent firewall mode. I average around 12M with heavy bursts running 25-48M and I am running the onboard (realtek?) nics with no issues.

      Should I take the chance or is it not really worth it for me?

      Opinions would be appreciated.

      Thanks

      Bob

      1 Reply Last reply Reply Quote 0
      • K
        kycnotes last edited by

        In my limited experience with pfSense, but a lot of experience in other hardware related deployments, I would say no.  If you aren't using any packages, and using this box strictly to limit inbound connections (?), and the box seems to be very reliable and functional, then why change it?

        1 Reply Last reply Reply Quote 0
        • C
          cmb last edited by

          There are a number of security fixes since 1.2 mostly in the underlying components. None that leave any huge holes that pose serious issues. There are a number of bug fixes as well, but they're edge cases that aren't applicable to most users. I would definitely upgrade, upgrades are pretty low risk. Most upgrade issues come from hardware-specific regressions from one FreeBSD version to another, though those are rare.

          1 Reply Last reply Reply Quote 0
          • B
            bob76535 last edited by

            @kycnotes:

            In my limited experience with pfSense, but a lot of experience in other hardware related deployments, I would say no.  If you aren't using any packages, and using this box strictly to limit inbound connections (?), and the box seems to be very reliable and functional, then why change it?

            Thats exactly what I was thinking but I wans't sure. I prefer to leave things alone as anything I break requires a 2 hour trip to the co-lo.

            Thanks

            Bob

            1 Reply Last reply Reply Quote 0
            • B
              bob76535 last edited by

              @cmb:

              There are a number of security fixes since 1.2 mostly in the underlying components. None that leave any huge holes that pose serious issues. There are a number of bug fixes as well, but they're edge cases that aren't applicable to most users. I would definitely upgrade, upgrades are pretty low risk. Most upgrade issues come from hardware-specific regressions from one FreeBSD version to another, though those are rare.

              I think I will hold off until the next scheduled co-lo trip. That will allow me to take the firewall out of circuit and mitigate any issues.

              Thanks

              Bob

              1 Reply Last reply Reply Quote 0
              • J
                jan.gestre last edited by

                @bob76535:

                I have read all the posts on updating and the sticky at the top so doing the update is not really an issue. I am just questioning if I need to.

                My pfsense firewall has been 100% rock solid stable with no issues since deployment. it has not even been rebooted since I moved to to a new rack 295 days ago.

                I am running 1.2 release on a supermicro 1U box with dual G4 xeons, 3G of ram, and dual scsi drives. I have no packages installed and I am in transparent firewall mode. I average around 12M with heavy bursts running 25-48M and I am running the onboard (realtek?) nics with no issues.

                Should I take the chance or is it not really worth it for me?

                Opinions would be appreciated.

                Thanks

                Bob

                This is a common dilemma, the unexpected usually happens during reboot especially if the machine has been up for a long time, most problems though are caused by hardware related problems and not by software updates. I've updated all 7 pfSense boxes that I manage and so far I did not encounter any problems.

                HTH

                1 Reply Last reply Reply Quote 0
                • C
                  cmb last edited by

                  @madapaka:

                  This is a common dilemma, the unexpected usually happens during reboot especially if the machine has been up for a long time, most problems though are caused by hardware related problems and not by software updates. I've updated all 7 pfSense boxes that I manage and so far I did not encounter any problems.

                  Yeah, and other things you only hit when rebooting a box that hasn't been rebooted in months or years. The only problems I've seen with 1.2.3 upgrades thus far is boxes that didn't boot back up because of a missing keyboard, sitting at a "F1 to continue" BIOS prompt, and another where a different hardware problem and resulting BIOS prompt kept the box from booting back up. In both scenarios, obviously a reboot would have had the same effect as the upgrade.

                  1 Reply Last reply Reply Quote 0
                  • First post
                    Last post