Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Anyone Else Having the SG1100's Drive Fail on Heavy Remote WireGuard Use

    Scheduled Pinned Locked Moved
    Official Netgate® Hardware
    3
    6
    356
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      StokedOnIt
      last edited by StokedOnIt

      Is anyone else having the SG1100's drive fail on heavy remote WireGuard use?

      I have had 2 x SG1100's drives fail on me after about 1 year. Those were not all WireGuard, though; IPSec/PPTP at first and later Wireguard later for the second.

      I may have the same issue with a 3rd SG1100 unit I purchased after the other 2's warranties expired, and Netgate would not replace them. The first failed and bought a second; the second failed a year later and bought a third.

      I am only remote 7 hours away for the next three weeks, so I cannot physically check. Still, I only receive a few Kilobytes after handshake/connecting to WireGuard from remote, and I cannot truly connect. It sort of looks like the same symptoms that the last failure had: very slow drive performance right before full drive failure.

      I have been a network security consultant for the past 30 years. This new one has only been connected to a CyberPower UPS, so it isn't a power issue. On the RJ-45 side, WAN is a brand new Netgear Modem, and LAN is a Netgear Switch, then Netgear WiFI, etc.

      Please let me know if anyone else is having this issue. I may have to switch to Cisco Firepower 1000, which I really really really do not want to do.

      S 1 Reply Last reply Reply Quote 0
      • S
        SteveITS Rebel Alliance @StokedOnIt
        last edited by

        @StokedOnIt You can check write life remaining via : https://docs.netgate.com/pfsense/en/latest/troubleshooting/disk-lifetime.html

        Any packages installed? Some heavily recommend an SSD.
        https://www.netgate.com/supported-pfsense-plus-packages
        Or heavy logging for some reason?

        Pre-2.7.2/23.09: Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
        When upgrading, allow 10-15 minutes to restart, or more depending on packages and device speed.
        Upvote 👍 helpful posts!

        S 1 Reply Last reply Reply Quote 0
        • S
          StokedOnIt @SteveITS
          last edited by

          @SteveITS Thanks for replying; there are no packages besides the Wireguard stuff. Should not be doing excess logging and I will check the drive write life. Still, it should last at least 5 years.

          S 1 Reply Last reply Reply Quote 0
          • S
            SteveITS Rebel Alliance @StokedOnIt
            last edited by SteveITS

            @StokedOnIt In a vacuum I’d agree. We haven’t set up many 1100s, specifically, for clients but in general I don’t know that we’ve seen a drive failure [edit: on any model]. Though we do things like turn off logging of the default block rules and often set up a RAM disk.

            Pre-2.7.2/23.09: Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
            When upgrading, allow 10-15 minutes to restart, or more depending on packages and device speed.
            Upvote 👍 helpful posts!

            1 Reply Last reply Reply Quote 0
            • stephenw10S
              stephenw10 Netgate Administrator
              last edited by

              Mmm, wireguard itself doesn't log much. I wouldn't expect that to affect it by itself.

              1 Reply Last reply Reply Quote 0
              • S
                StokedOnIt
                last edited by StokedOnIt

                UPDATE: Well, it looks like this issue is the ISP's (Optimum internet of California) fault. The signal sending from the modem wasn't strong enough to send more than a few KB back per minute. The issue is completely on their system's end, as we are using a brand new DOCSIS 3.1 Netgear modem.

                1 Reply Last reply Reply Quote 1
                • First post
                  Last post