OPNsense Forum

Archive => 20.7 Legacy Series => Topic started by: GreenMatter on September 29, 2020, 09:15:22 pm

Title: Backup - restore 20.1.9 in 20.7.3/4?
Post by: GreenMatter on September 29, 2020, 09:15:22 pm

Currently I use 20.1.9 (awaiting final Netmap patch - Sensei/vmx) and I'm wondering whether is better to just update or do a fresh install and restore settings from backup?
Does backup include all settings for plugins and system? On the other hand, Sensei has its own backup...
What's better and more safe choice?

Title: Re: Backup - restore 20.1.9 in 20.7.3/4?
Post by: JL on September 29, 2020, 10:10:15 pm

If you have the ability to deploy a test machine with 20.7 i'd go ahead with that, it appears to not yet have been fully stabilzed in some ways

Title: Re: Backup - restore 20.1.9 in 20.7.3/4?
Post by: GreenMatter on September 29, 2020, 10:20:26 pm

Yes, I could have deployed test instance of OPNsense. But before doing so, I would like to know what to expect and which way is better one  8)

Title: Re: Backup - restore 20.1.9 in 20.7.3/4?
Post by: JL on October 02, 2020, 10:28:38 pm

Quote from: GreenMatter on September 29, 2020, 10:20:26 pm

Yes, I could have deployed test instance of OPNsense. But before doing so, I would like to know what to expect and which way is better one  8)

well eh, deploying a throw away VM with 20.7 is the prferrable way if you are curious

Title: Re: Backup - restore 20.1.9 in 20.7.3/4?
Post by: ThyOnlySandman on October 11, 2020, 01:56:14 am

I too am waiting for netmap patch to upgrade a particular site that cannot afford to have potential issues.

However I did upgrade my own few weeks back.  ESXi7 hosts.  If you like to try.
Full VM backup + snapshot.
Disable Sensei from auto boot.  Disable Suricata entirely.
Upgrade VM via ISO.  Update Opnsense / plugins post upgrade.  Reboot if necessary.
Run "opnsense-update -kr 20.7.3-netmap" as stated here - https://www.sunnyvalley.io/post/opnsense-kernel-netmap-status/
Reboot.  Upgrade Sensei.  Start sensei leaving auto boot off.  Test - if VM goes into kernel panic / reboots.
If good can enable sensei auto boot & try enabling Suricata and test.

I will note that I also migrated my POST upgrade 20.7 config to a fresh 20.7 VM with large vdisk.  Not sure if it was the config migration or the 20.7 update itself but my GEOIP Aliases WAN rules did not work.  I simply had to re-create them and re-apply to existing rules.  Also had to re-disable hardware offloads.  Besides those - using the modified Netmap kernel w/ Sensei in native mode has been stable w/o crashes.  Also have Suricata in inspect hyperscan.