Main container

Author Archive

Happy World IPv6 Launch Day!

Today is World IPv6 Launch day, when many major websites have permanently added AAAA records to make their sites accessible via IPv6. All our sites have been IPv6-enabled (on native connectivity thanks to since last year, running behind pfSense 2.1. Many others are using the current snapshots in production networks.

We’d hoped to have 2.1 released in time for today, but getting to the point we consider full IPv6 support has taken far more work than anticipated. As has become the norm for us over the last several years, we do much more than put a GUI on things, having to implement and/or fix things in the underlying software to meet the needs of our users. There was far more to implement and fix in the underlying software than we anticipated. We have the last major piece addressed this week with CARP IPv6 support now functional. We’re just validating things at this point and fixing some last issues, with the official release coming roughly in the next 1-2 months.

IPv6 isn’t yet a critical need for most every network, but it will be getting to that point quickly. I know many IT professionals have been ignoring it, but it’s time to get up to speed for those who haven’t yet. I encourage everyone to at least start experimenting with it at home if you haven’t yet. For the bulk of us who don’t have an option for native IPv6 at home, our Using IPv6 on 2.1 with a Tunnel Broker document will get you going.

2.0.1 release now available!

pfSense 2.0.1 release is now available. This is a maintenance release with some bug and security fixes since 2.0 release. This is the recommended release for all installations. As always, you can upgrade from any previous release to 2.0.1, so if you haven’t upgraded to 2.0 yet, just upgrade straight to 2.0.1. For those who use the built in certificate manager, pay close attention to the notes below on a potential security issue with those certificates.

Change list

Read the rest of this entry »

7 year anniversary of pfSense

7 years ago today, the name pfSense was settled on, and domains were registered. It’s grown from the volunteer efforts of a handful of people, to one of the most widely used platforms in the world, with a whole team of people making a living working on the project thanks to our support and reseller customers. Thanks to everyone who makes the project possible, and here’s to the next 7 years and beyond!

pfSense exceeds 100,000 known live installs

One of the common questions we get is how many installs are out there. While we don’t have any means of definitively knowing, we do have one metric that can be counted. Each month every system updates its IPv4 bogons list once, pulling from one of our servers. By counting the number of unique public IPs using FreeBSD’s fetch to pull that file within one calendar month, we know how many live installs are out there that have Internet connectivity at least.

October 2011 is the first month that number has exceeded 100,000, with a total of 103,137. We’re adding 3000 net new installs on average every month in 2011, with over 4000 additional installs in October.

This under-counts the total for several reasons:

1. Only versions from November 2008 and newer pull this file from our servers, so it does not include older versions. While I expect the vast majority are on newer versions than that, we routinely encounter systems running versions that old and much older.
2. Some systems do not have DNS configured and hence cannot fetch the update.
3. Some systems are on private internal networks that cannot reach the Internet.
4. Some networks have multiple systems that go out from a single public IP, which we only count once.

No telling how many total installs are actually out there, but it’s definitely in excess of 103,000.

Thanks to all our users for helping us reach this significant milestone!

Hackathon 2011 / EuroBSDCon wrap up

Thanks to many of you who contributed to our hackathon fund. It was a great success. We had 6 developers together here in Louisville. The primary areas of focus were 2.1 development, in the following areas.

  • Moving packages to PBIs – the package system in 2.1 will switch to using the PBI package system, originally from PC-BSD, though also used by some on stock FreeBSD installs. The benefit of using PBIs is each package has all its dependencies included in the package, which eliminates the dependency messes that can happen currently, such as one package requiring a certain version of a dependent package but another requiring a different version, uninstallation of one package stomping on another package by uninstalling a dependency it requires, uninstallation of a package breaking the base system by deleting things it uses (though we already work around that one automatically), easing clean uninstall of packages, amongst other benefits. This will be a great improvement in the package system for 2.1.
  • Read the rest of this entry »

Seeking donations for pfSense Hackathon 2011

In a couple weeks, several of the developers will be coming together here in Louisville for another Hackathon, where we get together and work on various things related to the project for a week, as we’ve done approximately every 18 months since the project’s inception. This year we’ll have 7 developers, from 4 different continents. There isn’t a set agenda, though 2.1 release and IPv6 will be two items (of many) of focus. We like to make sure we can feed everyone, and provide coffee, beer, etc. for 7 days. Plus we’ve covered some travel expenses.

Whether you can just spare a few bucks for a fine beverage at Heine Brothers or Highland Coffee (both of which should be sponsors with the amount we spend there in a week), or enough for a few dozen pizzas, every bit helps!

Donate Here



Interest in US training session?

After our coming session at EuroBSDCon 2011, we are planning to host a session in the US this year. It will be either one or two full days, and I’m leaning towards two but open to suggestions. It would likely be held in our home base of Louisville, KY, easily reachable by air or road.

In our past training sessions at BSDCan and EuroBSDCon, we’ve had between 15 and 70 people. This year looks like we’ll have about 40 at EuroBSDCon. We will have to charge more than the BSD conferences charge for a single tutorial, as they have sponsors who help cover the costs involved. I don’t know how much yet though. I need to get some kind of an idea of how many would attend, so I know what kind of venue. We won’t be selling out the Yum Center¬†with 22,000 seats, but I’m not sure if we need space for 10 or 50. I would limit it to some reasonably low number, like 75 at most and maybe less. If this is something you would definitely travel to attend (depending on dates, cost), let me know in the comments or email.

Live streaming

Some people just can’t afford to travel, so we’ll also do what we can to provide live streaming, or at a minimum it will definitely be recorded for later purchase. Streaming capabilities may be dependent on the facility. We do have multiple 4G cards with pretty impressive performance, so that should suffice if nothing else. I expect we will find a way to offer this via live streaming on the Internet available for purchase. Those people will not be able to interact like those in person, simply watch and listen, and we’d probably bring up a special IRC channel for it.


To get an email when these things get finalized, make sure you’re on our announcements mailing list.


2.0 Release Now Available!

I’m proud to announce the release of version 2.0. This brings the past three years of new feature additions, with significant enhancements to almost every portion of the system. The changes and new features are summarized here. This is by far the most widely deployed release we’ve put out, thanks to the efforts of thousands of members of the community. We also have hundreds of customer systems that have been running 2.0 in production for months and years in some cases. More than 108,000 unique IPs have downloaded snapshots in 2011 from alone, not counting downloads from the mirrors.
Read the rest of this entry »

pfSense 2.0 training at EuroBSDCon 2011

Ermal Luci and I will be presenting a full day training tutorial at EuroBSDCon 2011, in Maarssen, The Netherlands on October 6, 2011.

This tutorial will be a training-focused session, covering many of the changes in the 2.0 release, both from the perspective of a new user and providing information on changes for existing users of the project. Common usage scenarios, deployment considerations, step by step configuration guidance, and best practices will be covered for many features. Many configurations will be demonstrated in a live lab environment. We will also cover the new functionality in pfSense 2.1, which is already being used in production for its IPv6 capabilities.

Registration is now open. We look forward to meeting many of you there!

Most features of the base system will be covered in good technical detail. It will not be simply an overview of features, we’ll do live demos to configure various scenarios, and get into configuration detail for many items.

Future US Date

We’re also in the planning stages for hosting a training session in the US later this year. It will probably be in Louisville, KY and last one or two full days. Sign up to our announcements list to be notified when it’s scheduled.