So far I have noticed the usual comments of “I am moving to something else…” but no one talking about the big picture of how open source get’s made and more importantly to this discussion, how FreeBSD keeps getting updates.
The sad reality is FreeBSD is not near what it used to be in term of development and contributors. Without the contributions of Netgate & Juniper pushed upstream, OPNSense does not continue to get as many new features & updates. This has nothing to do with peoples opinions or feelings about how Netgate operates as a company, and I am not here to defend what is obviously a failure on their part to communicate their changes to the community in a clear way (hoping they a have blog post soon).
I am a long time open source advocate but I am also aware of the challenges many open source project face, especially those based on BSD. Like it or not, the reality is we need companies like Juniper and Netgate to keep pushing forward for development related to firewall features or other downstream projects die.
Not clear at this time and also why I am waiting to do the video on this topic until they post some clarification. The good news is you can move back to pfsense CE using the config from the plus version which means you are not stuck rebuilding the system.
What a mess. I agree with your post about upstream contributions, but that goodwill can only go so far. This is such a slap in the face to the community.
It isn’t like they said “plus is free for now, but will require a paid support contract at a later time” … they flat out lied.
I cannot fathom how killing their base of advocates is good business.
The internet wants blood and in this case, I feel it is entirely justified.
I can understand the implications of developing the source code and keeping it current. It obviously incurs a cost. Personally I don’t need the paid support as home user and pretty much all of my training comes from Tom :). However there is also a cost per benefit to look at for us homelabbers and general home users. I have a recycled hardware box that I have installed pf on and is serving me well. Recycling older hardware is something I like to do. Personally I would not be against paying a reasonable fee for the plus version for home use - as long as this cost is in line with use case. For arguments sake lets say a fee of $40 per year for home use - this would ensure contributing to the cost for maintaining the code as well as have access to the more up to date versions. In todays world I think everyone will need to assess their use case and as to whether they will continue with pf. YMMV. Looking forward to seeing what shakes out…
Isn’t the big picture they provide a GUI for all the opensource products they use? Looks like they do kickback code to BSD which is great and all, but is that kind of it? I would guess in the next decade they migrate over to Linux just so save money. Why recreate the wheel in 2023?
Isn’t migrating to Opensene super easy? Read the menus, click a few buttons and voila you’re back in bussiness. But Tom is right, this switch would probably just buy you another 5-10 years. Unfortunately, the BSD problem will only get worse as the years go by.
That is fair. I don’t want to move away from pfsense for reasons already listed and I don’t even care if they make a little money off me to do it. I’d pay for a license, but needs to be reasonable for home use and all the features need to be there.
I also want to be able to trust this company on what they say and they need to VERY upfront about what they want to do going forward and taking feedback seriously. We will wait and see what the blog post has to say.
Had they done nothing they would have been fine. They should have never had this push to move everyone to plus. That’s where I believe the backlash is coming from. It’s been what less than 6 months, and they are already back pedaling on it.
I understand they need to make money. That’s not the issue. As a long time home Linux user, I even have paid software on my machine. However I would have a hard time giving money to a company I don’t trust. They seem to keep changing things. How many of these posts have their been recently.
It’s the reason I’ll at least be giving OPNsense a go this weekend. It seems like as good as a time as ever to try it.
$129/year per firewall for a basic home use is not reasonable. If it was $129/year regardless of number of firewalls, well, that’s something easier to swallow because I have 3 houses I run pfSense at, two of them are houses with 2 firewalls in an active/passive pair that I could live without. But $387/year is more than I am willing to pay for this software. Heck, go to a smaller monthly subscription cost for an account that has the support and allows for multiple firewalls, within reason. Say $10/month or $15/month for up to 5 firewalls, heck I’m on board with that. I know that $129/year is like $10.75/month, but the monthly bill is much easier for home users than the larger bill yearly.
I will be keeping an eye on this.
I think they underestimated those using the license illegally and that’s sadly the crux of the problem, so from a business aspect I understand their reason.
Like most things it depends on your point of view.
If the CE version is maintained then I’ll be ok with that.
If I want the Plus+ version then buying their hardware makes sense, as it will pay for itself after 2 or 3 years, which I think is their main goal.
Don’t think Chinese vendors will be stopped by this move of installing pfSense on their boxes, I really think this is a bit overstated, no businesses would buy such a box and not install pfsense themselves, doubt a user who buys such boxes also would not install pfsense themselves.
Likely to roll back to CE version in due course. Though I note if you are running Plus+ and you want to do a complete restore you won’t be able to go from CE to 23.05.1 any longer whatsoever.
They shouldn’t have introduced a free “Homelab” version of pfSense+ in the first place. I mean, anyone could have guessed that this version would also be used outside of Homelabs and test environments
I think they did it for two reasons:
To get people hooked up with the Plus version.
To avoid a shitstorm from the homelab community which, as we can see now, only has been postponed.
Anyways, as long as they are continue to maintain CE, I don’t really care.
"Additional features: Cryptographic Accelerator Support (such as QAT and IIMB), driver support for a wide range of commodity hardware, Firewall Ethernet Filtering, OpenVPN DCO, as well as many upcoming enhancements, which will not be made available in pfSense CE. "
Another differences between CE and Plus. I’ve got a unit that will be fine with CE and I have other hardware that would be nice to be able to use DCO / QAT / IIMB, but there we are.
I’ve tried Opnsense, it worked ok, but I too struggled / didn’t have the patience to work through everything. I’ve got it turned off in vmware at home atm along with other firewalls that I spin up when I’m bored. I need to get to a stage where I’m happy with xyz config and export. Done the same with pfsense when I return to it earlier this year, pfsense dev box as a VM to base setup.
As you said, mostly “nice to have” features in a homelab, and as long as they don’t start removing existing features from it, I’m fine with using CE.
And of course there is no guarantee that things won’t change again in the future, but that’s the way it has always been in the technology industry. Technologies change all the time, and so do products and services that are built around those technologies. So if a certain product or service no longer meets your needs, you will have to look for alternatives or, in some cases, even pay for certain features.
However, for the foreseeable future, I think most home users, myself included, will be just fine with pfSense CE.
I always found that I pay for IT with time or money. pfSense will likely migrate more toward the money side of this equation.
I find that perfectly fine and natural for a business in this space. How else do they grow revenue if organic growth by advertising with free versions slows down? Companies have to grow to survive.
This is a smart play for them. This is a sticky product. And they can lean on the egalitarian arguments with BSD contributions. Fair enough if you care about such things.
I bet very few people will pony up the time investment necessary to avoid the licensing fee. And probably rightfully so for most people.
