Text only | Text with Images

OPNsense Forum

English Forums => 26.1 Series => Topic started by: GambinoG1 on February 12, 2026, 03:47:42 PM

Title: Clean upgrade from 25.1.7 to 26.1.1 via fresh install + config restore
Post by: GambinoG1 on February 12, 2026, 03:47:42 PM
Hi,

I'm fairly new to OPNsense and would appreciate some advice regarding an upgrade plan.

I'm currently running 25.1.7 and am considering doing a clean install of 26.1.1 and restoring my configuration backup, instead of performing incremental upgrades (25.1.7 - 25.1.12 - 25.7 - 25.7.11 - 26.1.1).

This firewall is in production, so maintenance windows are limited. An incremental upgrade path would likely take 7+ hours, not including potential troubleshooting.

Our setup is relatively simple:

2 VLANs (IPv4)

1 WireGuard tunnel (multiple peers)

Unbound DNS

ISC DHCPv4

Zabbix agent

IDS

Since ISC DHCP is no longer supported in 26.1, I have already configured Kea DHCP to match the current ISC configuration. It is not enabled yet, but I plan to test it thoroughly before saving the final configuration backup.

My question is: would you advise against doing a clean 26.1.1 install and restoring the config? If so, what are the main risks, and what alternative approach would you recommend?

If this plan is reasonable, are there specific areas (services, plugins, config sections, etc.) that I should pay particular attention to after the restore?

Thanks in advance!
Title: Re: Clean upgrade from 25.1.7 to 26.1.1 via fresh install + config restore
Post by: franco on February 12, 2026, 04:32:59 PM
> My question is: would you advise against doing a clean 26.1.1 install and restoring the config? If so, what are the main risks, and what alternative approach would you recommend?

There's no reals pros and cons except maybe the time you spend doing this. You'll lose historic logs but normally not a big deal either.

The most pressing reasons for a reinstall are change of file system (to ZFS) or a damaged install beyond repair or switching the disk.


Cheers,
Franc
Title: Re: Clean upgrade from 25.1.7 to 26.1.1 via fresh install + config restore
Post by: julsssark on February 12, 2026, 05:27:31 PM
How did you arrive at a 7+ hour estimate for 4 incremental upgrades? Is your current install on ZFS so you can leverage snapshots for rollback?
Title: Re: Clean upgrade from 25.1.7 to 26.1.1 via fresh install + config restore
Post by: GambinoG1 on February 13, 2026, 09:12:25 AM
I ran a test VM with OPNsense 25.1 installed and updated through GUI, each update took about 1-2 hours and there were 4 updates totaling 7 hours and 35 minutes. 

I dont mind losing historic logs.

Our main OPNsense is not a VM and our disks are raidz1 ZFS.

Ok I think i get it now.

I will:
1.  Enable Kea (check so everything works with Kea)
2. Create a bectl rollback
3. Backup config
4. Clean install 26.1.1
5. Upload config
If it fails rollback with bectl.
Then do incremental updates starting from 25.1.7.

If you think I'm wrong please let me know, otherwise this is the plan I'll execute.
Text only | Text with Images