On 2010-Oct-29 15:51:40 -0400, Stephen Clark <sclar...@earthlink.net> wrote: >On 10/29/2010 01:40 PM, Jeremy Chadwick wrote: >> On Fri, Oct 29, 2010 at 01:12:29PM -0400, Stephen Clark wrote: >>> I am supporting over 700 units in the field that are acting as >>> firewall/router/vpn devices, >>> that are running 6.3. It would not be feasible to upgrade them to a >>> new version of FreeBSD >>> remotely. Also if I was going to move to a later release of FreeBSD >>> for the new hardware >>> it would involve months of new testing and validation of the new >>> release, where putting a patched >>> 6.3 kernel is relatively straightforward. >>> >> I'm a little confused. Did you deploy over 700 field units running >> FreeBSD 6.3 without testing it first on this particular piece of >> hardware/setup? Or did you recently upgrade from FreeBSD X.Y to 6.3 and >> found that things broke? What I'm trying to find out is whether or not >> these systems ever worked for you, and if so, at what point did they >> stop working. >Sorry for the confusion. We have a mix of hardware in the field. The current >hardware platform we are shipping is going EOL from the vendor. I am testing >the vendors next generation of hardware.
As with hardware, software goes EOL (or at least EOS) as well and the FreeBSD 6.x branch will not be supported by the FreeBSD project beyond the end of this month. Whilst you are free to continue using older code, you will not be able to rely on the FreeBSD project providing particularly security alerts and fixes. I would suggest that your testing to date shows that you will not be able to deploy your new hardware running the same software image as you currently deploy. Your new hardware would therefore seem to provide an ideal opportunity for you to also move to a newer OS (and still supported) version of FreeBSD. You could then choose whether to maintain the older software on the existing deployed base or validate the newer software on the older hardware and older units as required. -- Peter Jeremy
pgpxRiAnUDqbI.pgp
Description: PGP signature