Update from 2.2.4 to 2.2.5 went as a charme.



  • Hi

    Update from 2.2.4 to 2.2.5 on a homebrew C2758 went as a charme as usual (with backups, with all packages installed)

    Thanx guys.

    Wallbog



  • A freshly installed v2.2.4 amd64 a month ago was updated from the Web GUI yesterday (using manual upgrade and auto mode) and it came up with "invalid signature" even though the MD5 of the downloaded file checked out correctly.

    Attempting a console upgrade now. The ping of the updates.pfsense.org site yielded the IP: 162.208.119.39 from India and Singapore,

    The hardware tested was an i5 HP workstation using the 4G NanoBSD install on a 4GB HP usb pendrive.



  • 
    Tracing route to updates.pfsense.org [162.208.119.39]
    over a maximum of 30 hops:
    
      1    <1 ms    <1 ms    <1 ms  pfSense.localdomain [192.168.2.1]
      2     5 ms     5 ms     5 ms  static-50-53-160-1.bvtn.or.frontiernet.net [50.53.160.1]
      3    10 ms     5 ms     5 ms  50.38.7.77
      4    11 ms    10 ms    10 ms  ae2---0.cor01.bvtn.or.frontiernet.net [74.40.1.217]
      5     9 ms    10 ms    10 ms  ae4---0.cor01.sttl.wa.frontiernet.net [74.40.1.221]
      6    12 ms    17 ms    17 ms  ae0---0.cbr01.sttl.wa.frontiernet.net [74.40.5.122]
      7    11 ms    10 ms    10 ms  six.zayo.com [206.81.80.19]
      8    53 ms    53 ms    52 ms  v11.ae29.cr1.ord2.us.zip.zayo.com [64.125.31.49]
      9    73 ms    72 ms    72 ms  v12.ae29.cr1.lga5.us.zip.zayo.com [64.125.31.170]
     10    75 ms    75 ms    75 ms  ae4.mpr1.ewr1.us.zip.zayo.com [64.125.20.70]
     11   100 ms   110 ms   100 ms  xe-0-0-0.mpr1.ewr4.us.zip.zayo.com [64.125.25.246]
     12    75 ms    75 ms    75 ms  208.185.20.242.IPYX-076763-002-ZYO.above.net [208.185.20.242]
     13    82 ms    76 ms    75 ms  cs90.cs99.v.ewr.nyinternet.net [96.47.77.42]
     14   101 ms    97 ms    97 ms  162.208.119.39
    
    Trace complete.
    
    


  • @NOYB: Thanks for the traceroute.

    Finally managed to upgrade using the console option 13 as you described in this post. From a Windows machine could not figure how to set the local path of the downloaded file in the "update from local location" choice. I finally had to take the "auto" choice in updation from console.

    The earlier iteration of updation from the WebGUI failed when the main WAN was down even though the secondary WAN was up. This might be a pointer to modify the image check code on other available WANs if the main one is down.



  • The earlier iteration of updation from the WebGUI failed when the main WAN was down even though the secondary WAN was up. This might be a pointer to modify the image check code on other available WANs if the main one is down.

    The firewall itself just uses the default gateway to get stuff like updates, so if the default gateway is down then that sort of stuff does not come.
    You can enable "default gateway switching" if you have a "standard" kind of installation where all the interfaces with gateways are good routes to the internet. Then the firewall itself should be able to failover its general internet access. But usually anyway I would only do an upgrade when I seem to have a good primary WAN. Introducing an upgrade when there is a primary WAN issue feels like an extra risk that is best avoided.


Log in to reply