Upgrade OK

[Rene78]

Just upgraded through UI. Went flawless. Up and running on KPN NLD (IPv4 &IPv6) without issues. Acme and Caddy working. Kea IPv4/IPv6 and unbound combo OK.

[RamSense]

Upgrade went flawless here also. thnx! using Kea IPv4/IPv6 with Bind only, no unbound, Acme & Nginx.

[jonny5]

For your KEA DHCP, you are using IPv4 and IPv6?

Could you share if you are using DHCP Leases to track hostnames, or registering your hostnames in BIND or elsewhere?

I run my own BIND for my localdomain and I keep it tracking IPv4 and IPv6, but I'm a little strapped into ISC data/OPNSense API data, so without an extra box to test feature state transition I've been just waiting to see how it works for others first (KEA is still kinda new).

Thank you for any feedback, it is appreciated!!

[Rene78]

Hi, well I use Kea for ipv6 and v4. For ipv4 I have a bunch of reservations with hostnames that get tracked in Unbound. I also have some infrastructure that is in the same subnet but outside the DHCP pool for ipv4. I use unbound overrides for those to get dns resolution.

For ipv6, kea provides the dhcp and the standard router advertisement daemon in services is in assisted mode. This enables the LAN clients to get an ip from the ISP assigned /48 prefix (LAN interface configured as tracking WAN. WAN configured as DHCPv6). I use two subnets  inside the ISP assigned prefix length to provide two VLANs with separate ipv6.

As for local client IPv6 tracking and reservations as well as DNS, do not use that. Internally the clients get a IPv6 from the earlier mentioned infrastructure and that is routeable through the ISP ipv6 gateway. Internal local LAN traffic is all done with IPv4, DNS ipv4 and a Caddy reverse proxy (https with SSL wildcard certs) where applicable.

For all configurations I used guides from either this forum and/or documentation.

[Meg]

Upgrade was flawless from gui. First time I have had a successful upgrade from gui, usually ended up involving a fresh install for me, but went perfectly this time.

[4r7ur]

Same here, upgrade was flawless on my old apu2c4. Fresh install was back in 2018, since then only upgrades were made.

[Gertjuh]

Upgraded my Topton N100 bare metal installation to 25.7 without any problem.
Unbound and Adguard are working.
Wireguard server and client are working.
Nginx works.
Crowdsec works.

[cast.castovsky]

Hello,
Test installation on Proxmox. Intel i5-9500T, direct WAN on Intel I219-V, bridged LAN on USB (RT8111f)
Simple installation: no VPN, no VLANs.
Suricata, CrowdSec, Zenarmor installed.
No issues. Upg 25.1.11 >> 25.1.12 >> 25.7
Minor issue: HW Probe seems not working (endless "generating"). Reinstallation does not solve the problem.

Great work. Congratulations and thank you!

[Seimus]

Same here did upgrade my PROD unit with ZA, no problems so far all went smooth.

btw @Franco, that new Tabulator? Its a chefs kiss!

Regards,
S.

[xxup]

No problems for me, after removing the microcode (intel) plugin (forewarned by the forum - thank you), via the GUI.  A very simple configuration for home using the ACME-plugin, a few VLANs (for Wireless) and ISC DHCP (IPV4 only).  Caddy is installed, but not (yet) configured.

[BrandyWine]

The only add-ins I using now is the Proofpoint ET-Pro Telemetry free version. Even with the older OPNsense version the lobby dashboard widget for Telemtry Status almost always says "failed to load widget". At one time I did see it give an actual status.
Other than that my N150 mini pc is doing great.

[tofflock]

Upgrade via the GUI was flawless on an old Dell 9020 SFF with quad Intel I350 Gb NW card. Before the update, Intel CPU microcode updates were not installed, neither were legacy support for IPsec and OpenVPN.  ACME, Squid & Nginx all upgraded ok.  Had to manually install the patch (61d289c) to get the dynamic dns widget to display correctly.
Many thanks for all the hard work that goes into making this a well-supported system.

PeterF