Brutal last edited by
I have been using PfSense for a few years and absolutely love it. Lots of great new features in 2.1, but I'm now gun shy of it. I have had some strange happenings.
I have about 80 of the netgate Alix.2D3 boxes for SMB firewalls.
First I ran into issues on upgrading from 2.0.3 to 2.1 where the ramdisk space was totally consumed and the webgui became unresponsive. An ssh reboot brings it back up and it works.
Then I noticed problems with the apinger service. Delays and packet loss had wild swings when there wasn't any issue actually happing. The only thing I noticed looking through the xml backup was the old tags for the DNS entries were there along with the new tags. The old dnsint tag vs the new dns1gw tag. I manually removed them and rebooted. Didn't have the same issue on a clean CF install.
Then a situation when adding an openvpn and applying an interface, the routers default gateway automatically changes to the new openvpn interface. When adding the gateway within the interface screen, "default gateway" is NOT checked.
Then this morning DNS resolving broke on one. One DSL on a 2 wan unit was down. I manually changed the default gateway to the 2nd interface. On the second interface IP address pinging worked fine, it just wouldn't resolve the name. A reboot didn't change things. My intention then was to stop and start the dnsmasq service. Stopping the DNS forwarder from the gui caused an error and now the screen shows "Fatal error: Cannot use string offset as an array in /etc/inc/service-utils.inc on line 205" and only a couple of the services. It breaks at the "Status" section of the dmsmasq service. I had to ssh in and start the resolver from the command line. That fixed the resolving, but the fatal error still shows and that screen doesn't complete.
I've upgraded about 15 or so and have about 10 clean installs and have just decided to stick with 2.0.3. for right now until my confidence is back. It's a shame because there's some really great new capabilities on 2.1
I've not done well with 2.1 either. It's my first use of pfSense, so I don't know if I'm doing something wrong or if my hardware's no good.
I added a D-Link 10/100 NIC on the BSD supported list to an old PC, but it was not detected. I tried a different D-Link and a few others until it finally detected an old 3com.
I assigned the 3com 10/100 PCI card to a Comcast modem (no router, DCHP giving public Internet address) and the motherboard Realtek 10/100/1000 to the LAN, changing only its subnet to match the LAN's and disabling its DHCP server.
It ran very well when booted from the Live CD for some minutes, but then slowed down and down more until it was useless - DNS lookups and pings to IPv4 addresses timed out. Rebooting Live CD worked well again for some minutes and then slowed down to useless.
Installing to the disk seemed to work until the first parameter save after setting the password. I don't know if it was the parameter save or if it was merely up too long like the Live CD. Booting the disk but not running the setup worked just like the Live CD - fast for some minutes and then slow down to useless.
I used the release 32 bit .iso on a 2GB P4 HT and just downloaded the 64 bit .iso to see if it's any better. After reading this posting, I started downloading 2.0.3.
I skipped booting Live CD and installed 32 bit 2.0.3 32 bit on the same PC, same PCI NIC as above.
I set the LAN's IP and disabled DHCP server when installing to disk, rebooted, and then continued webConfigurator. Unlike the 2.1 I wrote above, this 2.0.3 continued to work after I set the password and wrote the parameters.
After webConfigurator set the password and wrote parameters it went to Status: Dashboard. 2.0.3 shows a WAN IP address, public from Comcast modem DHCP. 2.1's Dashboard did not show a WAN IP address after saving parameters.
I have to go out for a while. This has been up longer than many 2.1 Live CD boots and unlike after any of many 2.1 webConfigurator parameter saves, is still working. I'll call it good if it hasn't gone out to lunch while I'm out.
It's been up all night. I have to believe 2.1 or its BSD had a problem that 2.0.3 and its BSD don't have on my hardware Compaq dx2200 with Realtek motherboard NIC, Hyper-threaded P4, 2GB (1GB + 1GB) DDR2, SATA disk, 3com PCI NIC.
I'd like to start looking at IPv6, but I can wait.
If anyone wants any dumps or other diagnostic information I'll be happy to send it in.
SysIT last edited by
Running pfsense 2.1 on a Dell R610 with integrated broadcom and a PCIe Intel dual port nic, no problems reported also on an older Dell R210 with no issues on it either with 3 WAN connections, 1 LAN.
What NIC's are you using?
mind you i am not doing anything overly fancy, i have 2 WAN connections but no mult-wan or fail over set up on my main box.
stromnov last edited by
pfSense 2.1-RELEASE (amd64)
Before squid3-devel (or squid3) installation:
After squid3-devel installation: