Addressing Licence Changes to pfSense Plus Home and Lab

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
welcome to a special live stream because apparently no one thinks I have internet access or something because they feel the need to comment on every nonpf sense video that that apparently neate change your license and I was aware of this this morning this is why I have forums where there's also a discussion going on about it but let's start with the changes and I'm not here to Doom and Gloom with the rest of you you are just throw hate although you are absolutely correct that this was not communicated well was why would you make the changes have people complaining of forums make changes to the site before the blog post seems like the blog post should come first to let people know hey this is a decision we're going to make and wind it down but I don't run negate and by the way I will actually I'll show you something real quick here's I've been a neate or more specifically pfSense if anyone recognizes this old logo I've been using pfSense forever my relationship as I like to disclose is nothing more than a user who does occasionally talk to people who work for netgate because they have let me have products at a slightly Early Access uh and I've done reviews on that's it that's my entire business relationship I'm not even a reseller checked your website I just happen to do a lot of videos on firewalls and I've been working with open- Source firewalls for let me share this tab real quick to give you an idea um if anyone can recognize just based on the text on there what firewall I'm running bonus if you can throw that in the comments here uh but this is from 2002 uh happen to have a camera and this was my old firewall set up from over 21 years ago so I'm no it's not news to me working in the old open source world and then I had monowall Smooth Wall all kinds of different uh wall that was included in many of the Linux and then of course monowall being being a BSD and then pfSense and everything else so I'm a longtime person who's been inside of this which is why I wanted to talk about it here so this is pretty simple and we're just going to jump right into what the changes are officially from negate because they have a blog post now I didn't really want to make a full produce video uh that's why I'm just doing this live I'll try to answer some of the questions but this is not to be the end all Beall for license changes I'll do a more concise video later because who knows this happened seemingly a little bit quick so I'm going to go with there may be more changes coming from neate so why do one video just start with a live stream to address the elephant in the room addressing changes to pfSense plus and H laab today we're announcing the home lab version of pfSense plus the commercial Fork of the open source firewall pfSense is no longer available for free download the decision to stop offering home lab home plus I say home lab it's home and lab those were two separate versions one version was for home users one was for people who want to set this up in a lab you get pfSense plus and yeah they've discontinued it so I'll leave this blog post of course is linked right into this video and the reason they're doing it and this is important at least from their perspective here decision stop offering the home plus lab version of pfSense was made in order to align with netgate's business model to better serve worldwide customer base and partners while continuing to invest in development of product support further unauthorized redistribution of pfSense plus h lab is a growing Challenge and multiple Appliance vendors downloading pfSense homelab commercial version of the software and installing it on their own appliances which then they Zen sell on multiple marketplaces and their own websites in addition to copyright violations on legal issues this elicit activity puts our value relationship with all of our stakeholders in Peril um you can find these on eBay there's no doubt Amazon eBay probably numerous other places where companies preload these with pfSense the non- netgate one and I get that that's a problem but I think this could have been handled differently but I don't run pfSense so this is not my decision to make I'm just like all of you except I have a YouTube channel as well that doesn't I do a lot of tutorials on pfSense but I'm really not different than any of you and any of this but the part I want to get clear because this is the question a lot of people have is what does this mean for the future and because they're still offering the Community Edition although every version of the Community Edition according to every doom and gloomer for the last eight years is the last version of the Community Edition it still has not died the C version you can still convert back to now unfortunately and I believe it says that right in here uh upgrading from pfSense C to pfSense plus nope we want to do the opposite what happens to my current install of pfSense of home and lab if you currently have PSN home laball you can continue to use it as we continue to transition away from the free home plus lab the ability to get media updates and Bug fixes features may be limited and require tax subcription if you need to reinstall version you will be unable to provide a no cost upgrade path from pfce now the good news is if you are running the current as of October 25th 2023 here version you shouldn't have any problems reinstalling pfSense CE 2.7 and that config file should work so I don't think there's any ISS with that I haven't absolutely tried that but it shouldn't be a problem because I don't believe there's anything different in the config files so you can just go back to running standard pfSense CE but the thing is the it it's aggravating to me because they pushed plus that's the best way to describe it they're like hey we should use plus they did a blog post and they had this Plus for you know I think it said oh let's get the dates right so I don't want to be wrong about this so let's pull this back up and I believe the plus started in yeah right here February 14th Happy Valentine's Day uh is when they started offering the home Edition for home users and I had done a video like hey let's use this and I love some of the Fe well I I really didn't think the features were huge except I loved the boot slicing thing loved it that was just having the boot environments awesome like that as a feature that's probably the biggest home lab feature that you get out of it though the other features aren't exactly as is exciting for it so yeah that's how it's going to be like that's it you're not going to be able to um get that feature now unless you buy their more expensive license now from a business standpoint just so you know I've deployed absolutely a ton of not just for our managed clients but Consulting and everything else and networks we built for lots of customers the netgate appliances so this is actually no effect on any of them from a business standpoint the bigger audience that I have that watches these videos I mean there's a lot of business audience as well but obviously the home lab people that I am enthusiastic with and love getting people in technology are going to be the most directly affected that listen to me to say hey let's support plus and I feel bad now because well now it's got to be switched back to CE unless you would like to pay for the license and I don't understand this is the part that I'm hoping netk clarifies at some point what happened to the $129 deal I think a lot of Home users would have been happy to pay 129 I think the companies violating the copyright would not be happy to pay 129 therefore it wouldn't work for them to try to you know keep loading this on Appliance I think there's a happy middle and I don't think we it's just most things I I don't think neate found the happy middle personally maybe they're going to have a blog post later so I'm throwing this out there because I was like this is a problem you you've switched it but if they would have just went to that 129 I don't think when I talked about it I didn't have any hate in the comments and this has been discussed on Reddit a lot like hey 129 a year for a firewall that's doesn't seem unreasonable you know there's always someone that says if it's anything more than free um it's unreasonable but for the most part I would say the community was happy about it but instead they've decided that well it's not a thing they're just dropping it and now the and we can go ahead and pull up the pfSense where you bu the license now because there's a price on this so let's pull up their site software subscription throw it back up on here because this is the current as of October 25th of 2023 it starts at 399 and or $799 for their Enterprise support if I I think they would have done good to just say you know we said at some point in the future because that was what the statements if you go back to February of 2021 or two they said when they came out with this they're going to have pfSense at some point in the future cost $129 a year I think that's very reasonable for people to build it on their own Hardware 129 a year you get kind of a basic level of support but cool you get the plus version I don't understand why they dropped it there's something I'm missing and don't understand and I see it that way because I don't run pfSense I like the company I should say I don't run netgate I do run pfSense actually but specifically netgate so I don't necessarily understand that change but there's another elephant in the room I do want to address and it's not a popular topic and I'm not really sure how to approach it so I I did a little bit of a write up in my forum and this is just back to me working in open source for a long time watching all these projects come and go and this is a real hang-up right here of the things you have to deal with somehow and everyone wants their free firewall I get it and people like open source because it's free I get it but look at red hat look at all these companies there are some big contributors to open source that you have to address because if these companies whether you like them or not don't exist and don't contribute the projects shrivel up and die that's just the way it works and if you start looking closely here and hopefully you guys can read this on the screen this is in my forums there's a link to this it's easy to find in my Forum because it's titled pfSense license changes it's going to be a hot post but please note who's don't code back to this this is one of the things I pointed out and this is something I wrote up in my forums that whether you like netgate or Juniper in there too but Rubicon netgate the contributors as a matter of fact they're contributing more than Juniper and by the way Juniper's also based on free BSD these are not insignificant contributions Juniper Networks and Rubicon why would they commit so much code to the open source thing well because it benefits them but inadvertently it benefits anyone who builds firewalls all off of this which is going to include open sense so while the pitchforks are out and everyone wants to just hate on netgate and hey like I said they miscommunicated this this is not in defense of but it's an understanding of the ecosystem that I'm preaching here of you have to understand that this ecosystem does require someone to contribute code back or the ecosystem for firewalls fails now Netflix is a huge contributor but I don't think and I could be wrong but if you went through the commits that NE that Netflix is pushing back to FreeBSD yeah I don't think they're going to be all about uh making firewalls work better or anything like that I I can probably guess that uh chel IO does but Nvidia probably has different interests as well in what they contribute there so you kind of have to look at the commits and breakups and it's by the way you can look up like sponsor commenor people broke this down for Linux as well I've left the source to this this is actually from the FreeBSD Foundation this year and this is just something you have to deal with so you can actually have a update and all of the features keep coming through for open sense if FreeBSD doesn't get contributions to update the firewall because missing from this percentage breakdown is open sense which the reason I bring up open sense is because and Let me refresh the page again to I want to see like the open sense counter um okay we're up to 38 comments on here in this Reddit post uh I'm switching to open sense or people talking about open sense which is fine I don't have a problem with people who want to use open sense people like try to people love commenting that that's fine I don't have a problem if you would like to switch that's completely your prerogative to do so and it's just something to consider that we have to think about the entire ecosystem on this now I just wanted to get that out there this is not the end all Beall for this particular topic I know this is going to go on I am concerned with it I have reached out to neet Kate and their reply so far has just been hey let's have have a uh we're going to do a blog post on it I said great and um I know at some point because I do you know I know a couple of people there so I said hey what's going on guys and maybe we'll have a talk and I can have a more informed decision and maybe they can update some of the release that's why I wanted to do this video now to say yes I'm completely aware of it yes I think some of it's kind of dumb I wish they would have handled it better but this is where we're at and uh we just have to figure out what's going to happen next and go from there there not there's not like a uh easy option for this of we're just going to use another firewall and all that because someone still has to write all the code that goes into the kernel that updates the drivers that makes all the things happen to make this usable now I'm going to run uh down here and see if I can answer a few questions before I wind this down some people saying make it backup and install it yeah I predictably people saying I'm happy with open sense that's fine I use open sense if it what makes you happy looks like IP fire there we go people people recognize that one uh it's actually going to be um back then which would I have used I have to look up which ones were available because I want to say it was IP cop IP fire came later and IP cop was in the first post I had shown about that uh let's see oh this is probably a good question if you have a negate Appliance you still get pfSense plus so you just if you need to reload it now as far as CE I think you have to ask them for it I don't that would be with the arm version it's very specific to the arm models that negate use so you have to reach out to them to get the appliance versions uh for their arm devices and well actually any of them if you want uh the reload that's you just open up a ticket with negate for that let's see I don't know if this will work you have a product key in your email well this will be honored if I do a clean install do you happen to know I don't think so I don't think that'll work negate following IBM and red hat it's a tough thing um you have to figure out the balance between making money on this I think they're missing an opportunity by not charging 129 but that's my opinion and I hear other people agreeing with me 120 in a year I'm okay with I don't need most of the pro features it's I mean from a business standpoint $3.99 is cheap matter of fact as a business I want to say just some of the Arista stuff because we have a project that required Arista and for those of you who don't know how much some of the you know even the Arista equipment c i we're like 30,000 into just a few switches and things like that when you start looking at even the Cisco equipment and some of those other firewalls you're talking about a substantial jump in price it's not even on the same scale as What netgate charges for Price uh that's why we like it and it's why why we buy so many appliances from our business use case but I always like encouraging people to use this I just you know I'm not going to go over what I said earlier but basically it's the same thing like I wish they didn't change it but here we are sounds like I'll be dropping back to CE yeah I mean I I [Music] am Jason yes I did go live uh me and Jason slel were talking about this uh Jason's president of cnwr and was a discussion that me and him had just early today we're talking about how BSD is really dying so to speak he I think the words Jason used was uh the bstd mailing list is kind of becoming a ghost town the Jason's a longtime BSD user by the way and yeah it's not what it used to be and this means we kind of rely on these couple companies propping it up you know back over to looking at this you got Clara systems who I believe does storage and ZFS um so you just don't have a massive amount of commits from other companies this is um a narrow focus and the Linux version of firewalls yeah we're not talking a lot about those because outside of open wrt the Linux firewalls aren't what they used to be either those have mostly just fallen behind on features and things like that so it's kind of it's a big challenge Weather Channel Apple Etc most moved on yeah what happens if BSD dies well if BSD dies uh so does everything that's going to be based on BSD essentially if there's not enough contributions now it's not it's not like it would die in the same way necessarily but if you had let's say if the people who interested in using BSD as a firewall stop contributing such as going to be your negate and Juniper Networks then it's not likely you're going to see new firewall features or enhancements come through to the BS SD Netflix has their own use case because Netflix uses it for streaming and so they are a big contributor for the things that they're most interested in now the nice thing about the way a lot of this code Works they are interested in building better streaming service so they contribute codeb which means that you get better streaming from the project even if you're not Netflix anyone who wants to you know use whatever their enhancements that are being contributed in there they get those back and that's great but if these companies stop using it this becomes a challenge this is a challenge with yourass this is partly and just the way things kind of worked out is you have a challenge of let me get some water real quick in keeping the interest aligned in the companies that contribute to it and ah it's it yeah someone said isn't Apple BSD yeah but you notice Apple's on a list um Apple's not but we just pull back up anro Apple's not on a contribution list and Apple's not exactly free BSD it's it is but it isn't that's a different the how you get the derivatives because uh if I'm not mistaken PlayStation I don't know if it still is but I know the earlier PlayStations I believe for free BSD as well uh someone can correct me in the comments if I'm wrong about that but I believe they were based on at the core BSD but if the license doesn't require you to contribute back well that's what's going to happen is it's not going to there's not going to be any contribution back um I don't think they're going to grandfather anyone in on on the license like it's not you're I have for example a non- netgate appliance I purposely load and use with my pfSense home Edition and this is still working right now I'm I'm using it to stream this live to you it didn't die it still seems to get updates so I don't think they're going to get rid of it but at some point uh you're not going to be able to probably upgrade to the next release cycle would be my assumption uh this is some clarification that I think they could probably use in there open uh wrt is pretty cool um that project is one I've actually wanted to take a look at because I wanted to test it some more as an alternative um but they always seem just kind of yeah that not as polished as pfSense was as far as especially because I use it for so many Advanced things uh the Apple user space was originally for EBS the next step in Colonel IRC but it's been forked a long time yeah it's so custom it's not really BSD it's that was probably a better way to describe that okay so yeah PlayStation 4 is orbis uh OS a fora for ebsd as well not a reasonable Target price for strickly homies for pressional of budgets no big deal yeah blog post is up from negate yep I have that uh Alexi I do have that um uh in the in the for in the links down below yeah last time I looked at it it just felt I see someone else called it clunky I'm assuming that's what they're talking about it and this is kind of my answer right here for home use you can still use PFC CE there's the only thing you're really in my opinion like your big thing you're missing out on with pfce is the boot environments I think that's a really cool feature and it sucks that now you would have to pay $3.99 a year to get boot environments I think I don't know I I really think pfSense missed the boat on that 129 I know I said that earlier but yeah I'm not going to keep this going for too much longer um and yes open WT is definitely more targeted routers but it's kind of interesting because they have for the zema board an open wrt uh install but open JT just doesn't uh feel polished is the way I would Des CBE it you know that's the that that's probably easy just the simplest and it's been a while since I use it but every time it just I don't know and it doesn't feel as easy to load it doesn't feel to be as well documented so these are all just kind of uh big challenges that you face if you're trying to use that this is what you're missing out on for anyone who hasn't seen it I seen someone asked I'll throw this in here you know this is the system boot environments that you can set up so you can just reboot it to a different environment now if you have a p if you have negate device this doesn't change anything for you by the way if you didn't hear that earlier but if you are like myself and this particular one it's because I wanted to do something that the home community that I talk to a lot is doing this is an appliance that is not a negate Appliance and it's still working so far so uh open WT is a fun Tinker toy but not great for production use yeah it and someone says open WT is like N64 so be versus PS4 I that's how I felt when I looked at it last so I'm glad it wasn't just me I I sometimes think I might be biased because I know pfSense so well and I'm like ah you know I feel like a lot of things are missing and stuff like that but yeah uh for businesses 399 is a sales tax for some commercial options uh yeah that's negate still from a business standpoint and this is what we do at cnwr that's where the teex side of things go for those you don't know aler systems is where I produce all the content cnwr is where everything else is and yeah that's um at cnwr we we still look at that as a really reasonable cost compared to other options when you start looking what else is out there and I mean granted there are things missing from pfSense and when people say my use Cas is I really need great lever layer save and filtering I will steer you away from pfSense if layer Sav and filtering is a requirement I'm sorry PF sense is not it if you would like a centrally managed Syra cotta or snort IDS system sorry pfSense is not your if that's your on your requirement list you're not going to get a recommendation for me to use pfSense simple as that and Jason's Point not here to beer licenses have always been restricted for PFS plus from production business use yeah it's ah it's just different how I don't know it's aggravating that they're doing all this there is no that's why I made the video here but I'm not here to dump on them I'm here to just talk about the big picture the FreeBSD elephant in the room that if neate doesn't contribute codeb back and many other people yeah that's uh G to be a challenge and the other side of this because I see I don't know how many more people have mentioned uh oh Vios cool we got a Vios mention awesome Vios is cool the The Challenge and this is where when we Fork out to what are we going to use instead is what you know the community whenever the community is unhappy they vote with their free download somewhere else because you're not punishing netk by not downloading the free version from them you're just choosing a different version where you're putting a download there ultimately though what makes pfSense so popular and why I've done so many videos on it is one it works two there's a ton of documentation I am re as someone has so eloquently said on many of my videos Tom all you really do is rtfm make it into a video and I'm like yeah somehow I made a YouTube channel that has a whole lot of me reading a manual and then doing a video tutorial um that's not wrong but that required documentation to exist this is where PF senses excelled is keeping really good documentation that is something to be said still and it makes it hard to switch so for those of you looking for the solution the now solution because you want to do something well you can just switch back to CE but if you don't have to do anything today because nothing broke today other than if you're going to load fresh today you're going to load version CE and best I can tell and I will do some validation on this and confirm all of it you can load using the same XML file that you download from your current home plus Edition the whatever the current release model uh is of October 205th of 2023 and then you can load that config file into CE and it should work perfectly fine so you don't have to reset everything back up let's see here uh I don't understand that question yeah open source has fueled the products now they think they've gotten big enough that they don't need that uh time will tell this patter open source stuff stay tuned in general uh I I'm I'm a big fan and if you follow me on whatever elon's calling today I think it's X or Twitter and Linkedin and other socials I've posted the series from Cory do about the inen ification cycle and that's what we're always watching to see if uh companies are going through that you can use boot environments via CLI just not web gooey I don't think think so I believe if you have the C version you can't do it via the uh I there was a discussion someone sent that they thought they should be able to do it that way and it didn't work and I don't remember why it didn't work but it didn't so and here's someone else I use a c version because it works for my needs CE is perfectly fine for most personal usage yeah you're as far as like you have wire guard you have openvpn you have the two most common things people ask about uh you have tail scale there's another one and what else do you need boot environments would be nice but they're not required so the other features that come with it are I don't think is you know uh that big of a deal why do you recommend pfSense so much over open sense uh my biggest challenge I've had in the past with open sense is really the fact that open sense is just a little different not as well documented as PF sense and has a lot more updates those updates uh can be a problem and so I don't always know how to get things done in open sense I might be a final one because I've had things where I don't know why I couldn't make something work in open sense because I tried a couple times and I scratched my head and I'm like this is easy to do in pf sense why isn't this working in open sense could be completely me but my Googling wasn't helping me solve the problem so I got aggravated with it more than once and I tried to actually I was for a while I was going to see if I could do vide videos on both but uh trying to do both just became too much of a challenge for too little value there's other people making open sense videos so that exists there's lot of people documenting it and I haven't tried it in at least a year now maybe two I think it's been two years since the last time almost two years at least since last time I tried it but I have no problem people try it like I don't have any hate for it but uh dco is still in beta but it is a pfSense plus feature so yeah IP set client export I can't really think of that being a popular home user feature um so yeah I that's another one there sofos home is great soos home licens for free um you know and I believe yeah Jason's nailing it right here what I said earlier me and Jason agree we think a lot of like a $100 a year or what they were saying was 129 a year which I whatever $100 a year to to uh get a home lab license makes sense to I bet the majority of the 478 people watching this video right now so hopefully there's a future where pfSense goes you know there's 478 people watching Tom's live stream thousands that will probably watch this later and uh we could probably make a oh I don't know 100 bucks off each of them I mean and and support the project and not have angry people I'm hoping that's the decision they make I'm not anything more than some dude on YouTube who uses pfSense but hey I want to give voice to all of you who probably agree that a hundred bucks a year would be really reasonable uh to do this so uh last time I use open sense the traffic shaper still use IPFW which has a different set of rules you need to use for pfSense you can Alias and put qqing your rules yeah there's there's some Nuance differences on there you know I've done some untangle videos that were never popular um but untangle that exists as well but yeah I I'm gonna wind this down here and I I think uh back to TV later uh yes I think same thing for me I've answered as many questions I don't want to just drag this on forever I'll up repeating myself and that's not very effective hopefully I will have more information at some point in time and maybe PF sense and the netgate will make netgate will make some changes maybe they'll bring back the license maybe there's some reason that they'll add an addendum to why they didn't that would be really cool uh until then well check their blog post that's where the official things are stated feel free to hit their forums up there's lots of discussion going on right now go jump on Reddit and say open sense because I'm curious how many times on these Reddit post people will say open sense Let me refresh it and see how many more times they've said it cu is oh it's still at 38 I'm just you know looking at these Reddit posts and things like that so hopefully this helps everyone at least know that Tom is aware and uh yeah have a good night everyone more news when there is news that's all there is for now just reread that neck Gate Post a couple times and uh hopefully changes in the future thanks
Info
Channel: Lawrence Systems
Views: 65,450
Rating: undefined out of 5
Keywords:
Id: rXI6-E1nc5M
Channel Id: undefined
Length: 32min 19sec (1939 seconds)
Published: Thu Oct 26 2023
Related Videos
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.