I did an upgrade to 4.7.2 over the weekend on an SFT1200.
The upgrade worked OK, but I found DNS stopped working, so I reloaded the current release and restored from backup.
I have an always on Wireguard connection and while the routing was fine, checked using traceroute for a target IP address, DNS would not resolve.
The only clue I found was that there was an extra entry for the DNS servers which was populated with the SFT1200's LAN IP address. I tried various DNS server configurations but was unable to get to one where DNS worked. Hence the roll-back.
The VPN connection is configured in what is normally considered to be a Road Warrior configuration.
All aspects of the configuration looked to be running normally apart from the DNS. But that's not to say I tested the functionality of all aspects of the router. I just focused on the DNS issue.
I don't use any public VPN services. All the Wireguard services are running on OPNsense firewalls that I have full control of. The far-end for this one being in the USA. The VPN servers have been running for about 5 years and there were no DNS issues with 4.3.21 prior to the upgrade or after 4.3.21 had been re-installed.
When running traceroute (mtr) to an <IP> address timings were as expected.
ping <domain name> did not work because DNS would not resolve.
Additionally when watching the far-end firewall logs, DNS requests from the router were not seen.
I'll try and do this when I'm back from Europe, around the end of next week.