Is 2.0 stable? I say yes.



  • I know there is always someone asking if 2.0 is stable for production use, and despite it being a beta, I say 100% yes it is.

    My router is running 2.0-BETA1 built on Mon Mar 29 20:17:20 EDT 2010 and as of right now shows an uptime of 30 days, 23:30. Dual WAN, single LAN, absolutely no new problems to report.

    However, I'm going to ruin the uptime and upgrade to the latest build anyways, even though I'm not having any problems. I'm sure lots has been fixed in the last month. =)



  • Individual builds can potentially be stable, but you don't know what the next build will break/fix. :)  Sometimes there are builds after something was put in that breaks things but before someone had a chance to fix it.



  • im running the latest nanobsd snaps in production and currently seem a lot stable with most of the basic functionality and a bit of the advanced stuff as well enough to get the job done



  • I kinda agree - pf2.0 has been stable throughout April, but it does need some enhancements with the interface:

    • Outgoing load balancer needs to manage different bandwidths and latency thresholds for each member as well as having a routable address (ie a 127.0.0.0/8 virtual IP address) to allow routing to go through the load balancer (think of things like DNS queries or packages like Squid needing to be balanced etc)
    • I also think interfaces still need more love, for instance being able to duplicate an interface like you do in MacOSX rather than having a virtual IP as an IP Alias or when setting OVPN interfaces given the fact OVPN does it's own magic with ifconfig independently of pfSense - all need a little bit of attention.
    • A lot of bits need interface additions, ie the Cert Manager allowing the import of PKCS#12 certs, OVPN having auth-user-pass fields
    • A few defaults need to be set based on the hardware, for example if a hifn/gslxb device is present, configure all usage of OpenSSL to use the engine cryptodev setting and set tunables accordingly
    • L2TP/Ipsec isn't at all straightforward

    But as you can see both from this list and the redmine bugtracker, virtually everything now is more superficial 'spit and polish' than serious. That said, these superficial aspects still need to be bolted down before RC1…


  • Rebel Alliance Developer Netgate

    @MrHorizontal:

    • Outgoing load balancer needs to manage different bandwidths […] each member

    That is there now. You can set a 'weight' for each gateway which will be considered when used in a gateway group. I have 3Mbit DSL and 10Mbit Cable, so I have DSL set with a weight of 1, and Cable with a weight of 3, so if I try four connections, it uses Cable 3/4 of the time.

    Some of your other points are debatable, but others would be nice to see. You might want to open feature request tickets in redmine for anything you don't already see.



  • @jimp:

    Some of your other points are debatable, but others would be nice to see. You might want to open feature request tickets in redmine for anything you don't already see.

    The issue I have with the interfaces especially is indeed debatable - but basically my train of thought is that anything to do with ifconfig should be manifested under the pfSense interfaces - though I do fully understand that due to the power of the BSD pf, there's always a bit of an argument as to whether something should be handled within pf or the base routing tables…

    This debate however is something that can be left till another time. Rather than constantly bugging you guys to get the GUI all gooey, IMO it's far, far, far more important for you guys to really bolt down 2.0 into a release candidate. All this stuff can wait for 2.1, so unless something that is really important is raised now for the GUI, I'd say stick to the raw plumbing  ;)



  • I have had no problems with the latest  build .The only thing i would like to see is nat ability in Pfsense since were are using a large case's  it would be nice to have a storage drive in pfsense like a 1 or 2TB drive .



  • I understand 1 build can be rock solid and the next install will break everything, but I haven't had that problem with 2.0. Some of my bandwith graphs are busted, etc, but that has been reported and I doubt I'll be able to recover any of the data from the 1.2.3 days, but it's okay. I will probably wipe the drive and do a fresh 2.0 install when the final build is released anyways. =) Glad to see there is progress being made across all fronts in 2.0 though and I look forward to the final build and hopefully a 2nd edition book to go along with it. ;)



  • @cdx304:

    I have had no problems with the latest  build .The only thing i would like to see is nat ability in Pfsense since were are using a large case's  it would be nice to have a storage drive in pfsense like a 1 or 2TB drive .

    pfSense is a firewall and should be treated as that! It is kinda insecure to put your valuable data right into your firewall!


Locked