A pfSense roadmap





  • Thanks for sharing with us the road map.  It’s nice to know where the chauffeur is taking us.

    Any mile stone timeline goals, estimates, hopes, wishful thinking, anything?

    Thanks



  • Seeing all the coming changes is really exciting and I’m looking forward to playing them. I do have a couple questions after reading the blog entry though, about hardware.

    What is going to be the minimum levels of hardware to support all the new features?

    Are you or Netgate going to be able offer something in the $200.00 range for the low-end market, folks with small networks and not a lot of speed or traffic? The new SG-2440 looks really nice but the price is out of what I can justify for my needs.

    I’d really love to move on to the new 3.0 if at all possible at my price point, sounds like a lot more fun than staying with the legacy 2.X releases.



  • The PCengines APU is 64 bit, 2GB or 4GB real memory, 3 NICs and in that price range. That provides a suitable base system for me in the low-power-consumption, small office/home office niche and it should run pfSense 3.0 with no problem. And there are other low-end 64-bit systems out there also. With the ARM on FreeBSD things happening, I would guess there will be low-end 64-bit ARM hardware that will also meet the low-end needs.

    Roadmap looks good. Separating the GUI presentation code from the input validation from the backend implementation is really needed. Then other bits like pfCenter can have well-defined interfaces to use to make multi-system config changes and get monitoring data…

    If Python turns out to be the major selected language for a lot of the code, then thanks for the opportunity to learn another language 😉
    What ever happened to good old that some of us know (and loved?) Cobol, Fortran  😕



  • COBOL and Fortran in a forum thread and the late, great FZ invoked in a pfSense blog post.

    So now I feel I can post some details of my first computer.

    Yeah, Python sounds good as a new language.

    Edit by GruensFroeschli: i fixed the link



  • I tell people that programming is a never ending game of catchup.  That every single time I have a reason to code something big I have to learn a new language.  Its pretty much true.



  • @kejianshi:

    I tell people that programming is a never ending game of catchup.  That every single time I have a reason to code something big I have to learn a new language.  Its pretty much true.

    Code more “something big’s” and then you won’t have to learn a new language every single time.  Just every other time.  😉



  • Ehhhhhhh.  Sounds like so much work….  haha



  • @phil.davis:

    The PCengines APU is 64 bit, 2GB or 4GB real memory, 3 NICs and in that price range.

    But the Realtek NICs are awful.

    Be aware that Pascal is on record about engineering a replacement in the short-term. (EOY, I imagine.) The next PC Engines board has a Jaguar (so: AES-NI) 2 or 4 core CPU, 2 or 4GB RAM (ECC on the 4GB model) and (wait for it), Intel NICs (I imagine these will be i217/218 class.)

    I took this into consideration for 3.0.

    Our low-end strategy is the C2000 Avoton/Rangeley series of SoCs.

    @phil.davis:

    Roadmap looks good. Separating the GUI presentation code from the input validation from the backend implementation is really needed. Then other bits like pfCenter can have well-defined interfaces to use to make multi-system config changes and get monitoring data…

    If Python turns out to be the major selected language for a lot of the code, then thanks for the opportunity to learn another language 😉
    What ever happened to good old that some of us know (and loved?) Cobol, Fortran  😕

    I wrote a lot of Fortran in my youth.



  • @NOYB:

    Thanks for sharing with us the road map.  It’s nice to know where the chauffeur is taking us.

    Any mile stone timeline goals, estimates, hopes, wishful thinking, anything?

    Thanks

    New hardware in q3.  That’s all the hint I’ll give.



  • @kejianshi:

    Ehhhhhhh.  Sounds like so much work….  haha

    Indeed.



  • I might consider it - I have time now.  I used to be pretty good at it, relatively speaking (-;



  • It would be great to see Apinger’s issues called out with a action plan sooner vs later as I have provider issues and graphs that are unusable in helping to get these issues fixed


  • Employee

    @grandrivers:

    It would be great to see Apinger’s issues called out with a action plan sooner vs later as I have provider issues and graphs that are unusable in helping to get these issues fixed

    There’s always cacti, etc.  pfSense doesn’t have to do everything. (Not that I don’t want apinger fixed/replaced, but if it’s broken get another tool.)



  • @grandrivers:

    It would be great to see Apinger’s issues called out with a action plan sooner vs later as I have provider issues and graphs that are unusable in helping to get these issues fixed

    apinger needs a re-write.  It’s garbage code.



  • Wow!

    There is just something magical reading the project map for 3.0 while feasting on a Cadbury’s almonds and raisin chocolate bar.

    But…any consideration for the Wireless ISP guys? No MPLS implementation? No MIPS hardware as yet? Can these be options for consideration for small ISP types?



  • Fortran IV - holes in punched cards can be seen. And the 6 position is marked usual.  😉
    Python? Programming with spaces? Loss/extra space and the program behaves unpredictably? Forget copy/paste, move pieces of code, and so on?
    Great…  😞



  • @jits:

    Wow!

    There is just something magical reading the project map for 3.0 while feasting on a Cadbury’s almonds and raisin chocolate bar.

    But…any consideration for the Wireless ISP guys? No MPLS implementation? No MIPS hardware as yet? Can these be options for consideration for small ISP types?

    Did I say there would not be MPLS, or GRE support?

    No, I did not.  It’s a path, jtls.

    In any case, 2.x is always an option on existing hardware.


  • Administrator

    @Michael:

    Fortran IV - holes in punched cards can be seen. And the 6 position is marked usual.  😉
    Python? Programming with spaces? Loss/extra space and the program behaves unpredictably? Forget copy/paste, move pieces of code, and so on?
    Great…  😞

    If it forces us to maintain proper style and spacing, it’s not a bad thing.



  • @jimp:

    @Michael:

    Fortran IV - holes in punched cards can be seen. And the 6 position is marked usual.  😉
    Python? Programming with spaces? Loss/extra space and the program behaves unpredictably? Forget copy/paste, move pieces of code, and so on?
    Great…  😞

    If it forces us to maintain proper style and spacing, it’s not a bad thing.

    python is a lot like lisp without the parenthesis.  Once you figure that out, it gets easy.



  • @gonzopancho:

    The next PC Engines board has a Jaguar (so: AES-NI) 2 or 4 core CPU, 2 or 4GB RAM (ECC on the 4GB model) and (wait for it), Intel NICs (I imagine these will be i217/218 class.)

    Intel NIC’s? That is awesome, where did you see this?


  • Administrator

    @Michael:

    […]and the program behaves unpredictably?[…]

    Forgot something:

    Unpredictable behavior will most likely be caught by the copious amount of unit tests we’ll surely be adding during the rewrite.



  • @router_wang:

    @gonzopancho:

    The next PC Engines board has a Jaguar (so: AES-NI) 2 or 4 core CPU, 2 or 4GB RAM (ECC on the 4GB model) and (wait for it), Intel NICs (I imagine these will be i217/218 class.)

    Intel NIC’s? That is awesome, where did you see this?

    Pascal told Chrs months ago.



  • Sounds like nice hardware.  These will work well when its 32C outside, hotter inside and no airconditioning?  (Its a serious question)



  • I don’t design the PC Engines boards.

    The RCC-VE & RCC-DF will.



  • Totally

    @gonzopancho:

    apinger needs a re-write.  It’s garbage code.



  • rewrite can’t happen soon enough dual wan failover is what brought me to Pfsense on my connections it no longer works



  • @gonzopancho:

    …The next PC Engines board has a Jaguar (so: AES-NI) 2 or 4 core CPU, 2 or 4GB RAM (ECC on the 4GB model) and (wait for it), Intel NICs (I imagine these will be i217/218 class.)

    Do we have anywhere we can get more info on this? Sounds like it’s worth waiting for before my next upgrade!

    Thanks,
    Supe



  • They expect the new board mid-2015 and it’s also expected to deliver full gigabit transport with pfSense… (called 'em and asked).



  • Blocks declared using whitespace!!! Gotta be the dumbest idea ever…


  • Administrator

    @jcyr:

    Blocks declared using whitespace!!! Gotta be the dumbest idea ever…

    I’ll take that over an unreadable perl script with no whitespace any day of the week. 🙂

    See above, re: coding style.


  • Administrator



  • @jimp:

    Also: http://www.secnetix.de/olli/Python/block_indentation.hawk

    Mice were crying, injected, but continued to eat a cactus. ;D

    50% of the source code holds significant whitespaces. Tabs canceled because for 20 years and have not decided what to do with them.



  • @jimp:

    @jcyr:

    Blocks declared using whitespace!!! Gotta be the dumbest idea ever…

    I’ll take that over an unreadable perl script with no whitespace any day of the week. 🙂

    See above, re: coding style.

    Well, yes, it is an advantage Perl. Read compressed JS is also impossible, but one press of the button in the editor and we can see the code in your favorite style to us. Just Perl and the vast majority of system programming languages so may, not only C-like, but Python - no. 😉


  • Administrator

    Because you can’t mangle python into an unreadable mess in quite the same way, so it’s not necessary. 🙂



  • That’s what I watch a lot of programs available in Python byte-compiled code. Suddenly anyone in any wrong editor will open.  😄



  • Wot?

    I design the API in the lift line.



  • You’ve clearly put a great deal of thought into the roadmap, and I’m impressed.The recently announced Intel Xeon SOC will be very interesting with v3.

    One thought/suggestion regarding packages- have you thought about enforcing a rule that requires all third party packages to have a separate jail? Freenas does this now, and it improves the security and stability of the platform. It will make creating packages a bit more work, but with COW ZFS you won’t waste disk.

    (You are migrating to root on ZFS I hope).



  • @fatsailor:

    You’ve clearly put a great deal of thought into the roadmap, and I’m impressed.The recently announced Intel Xeon SOC will be very interesting with v3.

    One thought/suggestion regarding packages- have you thought about enforcing a rule that requires all third party packages to have a separate jail? Freenas does this now, and it improves the security and stability of the platform. It will make creating packages a bit more work, but with COW ZFS you won’t waste disk.

    (You are migrating to root on ZFS I hope).

    Yes, we knew about Broadwell-DE (the codename for Xeon D), and kept it in-mind while evaluating our options.  We have a future product based on BDE in development.

    root on ZFS: perhaps even for embedded.  The issue here is that ZFS eats ram for breakfast, and lower-end systems don’t necessarily have same to spare.

    We’re quite aware of what the guys at iXsystems are doing with FreeNAS and PC-BSD.  First step here is to get to ‘pkg(ng)’ on pfSense.



  • @gonzopancho:

    Yes, we knew about Broadwell-DE (the codename for Xeon D), and kept it in-mind while evaluating our options.  We have a future product based on BDE in development.

    root on ZFS: perhaps even for embedded.  The issue here is that ZFS eats ram for breakfast, and lower-end systems don’t necessarily have same to spare.

    We’re quite aware of what the guys at iXsystems are doing with FreeNAS and PC-BSD.  First step here is to get to ‘pkg(ng)’ on pfSense.

    ZFS only really eats RAM when deduplication is used. The COW capability of ZFS combined with Jails is light years ahead of Docker et. al.

    I agree that getting pkg working is the first step, and I love that you’re getting rid of PHP!


 

© Copyright 2002 - 2018 Rubicon Communications, LLC | Privacy Policy