Why I am Not Using OPNSense [YouTube Release]


Chapters
00:00 Why I Am Not Using OPNSense
01:50 My Perspectives and Framing
02:40 Security Fixes
03:19 FreeBSD Code Contribution
05:34 VPN Performance
07:12 Building on FreeBSD Main

1 Like

I definitely appreciate your point of view on this and you made some good points. As someone who switched from pfsense to OPNSense, I’ll admit that I didn’t realize it was so slow on some of the security patches (I did realize it was behind on BSD versions).

The one thing I would disagree with is equating upstream contributions with being “better.” While it is always good for companies that use open source to give back by contributing code upstream, and it undoubtedly makes open source stronger, I don’t think it makes them more appealing than the competition, especially given the requirement that you buy their branded hardware or a subscription to get their full product. Don’t get me wrong, they have to make money somehow, but I’m not sure that would affect my decision.

The pfsense CE version is still free and without upstream contributions nothing will come out of the downstream.

I am curious on how you still feel about netgate and their shenanigans. Are you so invested in pfsense and as for your company you deploy this everywhere you can’t go back on your word on using pfsense? Do you think that what they have done in the past is worth supporting them as a company?

I still bought a 2yr license for pfsense+, but I do plan on moving away from them on down the road. I still would like to hear from you and your thoughts.

Nice video. I especially liked the first minute or so regarding users distro choices. :+1:

1 Like

Typo squatting is immature and so is the OPNSense people defacing the pfsense wikipedia page, but if all you do is judge people by their bad actions of the past without the ability to forgive you are going to have a hard time using any open or closed source project.

As I noted in the video, we are tasked with securing our clients and pfsense is among the firewalls we use, but not exclusively. CNWR offers Meraki, Cisco, and Arista as part of our offering. Also, as noted in the video, Netgate contributes much of the firewall-related code and network driver support to upstream FreeBSD, so they are keeping that project going, and of course this helps the downstream projects.

And as the title says: “Why I am not using OPNSense” not why others should not use it. Use what makes you happy but that video will continue to be my reply to all the people in my YouTube comments and other forums & social sites as a reply as to why I am not doing videos about OPNSense.

2 Likes

I’m not an OPNSense user and probably won’t be in the future, and I do appreciate your feedback on this. I am in no way trying to bat for them at all lol.

Those are decent points, the best being the security fixes. The point about VPN performance won’t affect medium/large companies or experienced admins. Code contribution to the kernel is not something a small company should be expected to support in 2024. Where else would you expect small companies (and by implication, socially conscious buyers of said product) to have kernel developers in 2024?!? I know, BSD is a special case, but they are doing this to themselves. I think the only reason you harp on this is because it appears to be a solid punch in their gut. Which it is. But it kind of looks like you are casting too much shade on a small open source community with far fewer resources.

I should not comment on this b/c I don’t use either of these products. But I have a little free time today and I’m bored.