2.2-ALPHA Snapshots Available
-
For those who want to live on the bleeding edge, 2.2-ALPHA snapshots are up for testing at http://snapshots.pfsense.org/
Update URLs for use in firmware update settings:
http://snapshots.pfsense.org/FreeBSD_stable/10/amd64/pfSense_HEAD/.updaters/
http://snapshots.pfsense.org/FreeBSD_stable/10/i386/pfSense_HEAD/.updaters/Be aware there are some rough edges but many things should function. That said, you should not expect to use these in production yet. Lab environment or tinkering only at this stage.
In particular, CARP, IPsec, and Wireless are good testing targets.
-
thanks devs!
keep up the good work!
-
thanks a lot guys
-
Is there any information out there detailing the changes/features expected in 2.2?
I know the base is being upgraded from FreeBSD 8.3 to 10 but other than that, what all is different in 2.2 from 2.1? -
php-fpm instead of php in general.
More optimal usage of fcgi in general to avoid careless forking around.
strongswan instead of ipsec-tools.
Apart that not many other changes apart improvements in general and getting to FreeBSD 10.
-
i going for use pfsense dialy , but i want update pfsense alls day …
but i get this error in update manager ...sorry bad english
thanks
-
Outbound NAT - in 2.2 you can keep Automatic Outbound NAT and then add some extra manual rules, thus having a "hybrid" outbound NAT. That will help when adding new LAN-style interfaces, changing LAN-style subnet numbers… The automatic outbound NAT rules can regenerate themselves without the user having to think, and still have the option to have a couple of extra special rules.
This is a bit of code I am planning to test out and use. -
i going for use pfsense dialy , but i want update pfsense alls day …
but i get this error in update manager ...Copy the path from the first message on this thread exactly. You have the wrong URL.
-
I've also made a few changes/additions to OpenVPN, the server options and client-specific overrides.
Eventually we'll have a page with a list of changes like for other versions
-
-
@ermal:
php-fpm instead of php in general.
More optimal usage of fcgi in general to avoid careless forking around.
strongswan instead of ipsec-tools.
Apart that not many other changes apart improvements in general and getting to FreeBSD 10.
And for the first time in a very long time, pfSense will be somewhat in-sync with the mainline FreeBSD tree.
FreeBSD 10 also has a much-improved 'pf'.
The "not many other changes" was intentional. By limiting the scope we stayed out of the mess that bogged down the 2.1 release.
The method used: Set an achievable goal; Meet it. Repeat.
-
Any planned improvements regarding better AES-NI support and performance?
-
any idea if there will be ECMP support?
it could enable loadbalancing when dealing with dynamic routing protocols like ospf, bgp, rip.
might it even help to solve the issue's with loadbalancing certain services like squid? What are the devs thoughts about this?thanks
-
Any planned improvements regarding better AES-NI support and performance?
It's in development but is not likely to make 2.2. More news on that will come later.
-
any idea if there will be ECMP support?
it could enable loadbalancing when dealing with dynamic routing protocols like ospf, bgp, rip.
might it even help to solve the issue's with loadbalancing certain services like squid? What are the devs thoughts about this?It's on our radar but not terribly important for 2.2 (see above, re: narrow scope) but if we stick to the plan then 2.3 won't be far off and it may make it there.
-
THANK YOU for this.
IGB drivers seem to perform flawlessly with minimal tuning and various routing quirks have vanished.
-
Any planned improvements regarding better AES-NI support and performance?
It's in development but is not likely to make 2.2. More news on that will come later.
The issue isn't "AES-NI" support. The issue is that AES-GCM isn't implemented in FreeBSD.
We're fixing that, but as jimp said, it's unlikely to make 2.2.
-
Any planned improvements regarding better AES-NI support and performance?
"Support for AES-NI instruction and intrinsics has been added to gcc. The aesni module has been improved to use pipelining when possible. This results in a significant speed up for AES-XTS and AES-CBC decrypt. " according to: https://wiki.freebsd.org/WhatsNew/FreeBSD10#Kernel.2C_hardware_support_.26_other_low_level_improvements
-
@ermal:
strongswan instead of ipsec-tools.
Does that mean we'll get IKE v2? I'm getting a bit tired of connecting to ASAs and having their admins make comments about having to "downgrade" their equipment.
@gonzopancho:
The "not many other changes" was intentional. By limiting the scope we stayed out of the mess that bogged down the 2.1 release.
The method used: Set an achievable goal; Meet it. Repeat.
Rapid, iterative development. That's the way to go. Glad to hear this.
-
"Support for AES-NI instruction and intrinsics has been added to gcc. The aesni module has been improved to use pipelining when possible. This results in a significant speed up for AES-XTS and AES-CBC decrypt. " according to: https://wiki.freebsd.org/WhatsNew/FreeBSD10#Kernel.2C_hardware_support_.26_other_low_level_improvements
I assume that 2.2 is built with LLVM and not gcc. LLVM has had AESNI for a few years now.
