Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Another Netgate with storage failure, 6 in total so far

    Scheduled Pinned Locked Moved Official Netgate® Hardware
    307 Posts 40 Posters 84.2k Views 36 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S Offline
      SteveITS Rebel Alliance @Mission-Ghost
      last edited by

      @Mission-Ghost No Global should mean it doesn’t override the individual settings. I just set it when creating each list so if the global settings aren’t working I profess ignorance. :)

      Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
      When upgrading, allow 10-15 minutes to reboot, or more depending on packages, and device or disk speed.
      Upvote 👍 helpful posts!

      M 1 Reply Last reply Reply Quote 0
      • M Offline
        Mission-Ghost @SteveITS
        last edited by Mission-Ghost

        @SteveITS said in Another Netgate with storage failure, 6 in total so far:

        @Mission-Ghost No Global should mean it doesn’t override the individual settings. I just set it when creating each list so if the global settings aren’t working I profess ignorance. :)

        Well, I guess it should mean it, but in context to some of of us who didn't develop the software, it isn't clear, particularly when adjacent options include "no logging" which apparently could not mean 'no' logging.

        Seems like getting an English major (>gasp!<) intern to help redefine the labels to be more meaningful to customers would be a low cost, easy improvement to the usability of the product.

        In any case, thank you for your generous help clarifying this. My problem is solved.

        1 Reply Last reply Reply Quote 1
        • S Offline
          SteveITS Rebel Alliance @andrew_cb
          last edited by

          @andrew_cb said in Another Netgate with storage failure, 6 in total so far:

          25% of the blocks are not available for wear leveling

          In the same vein, this is a bit of an edge case, but I've strung a few bugs together.

          1. there is a bug in Plus 24.03 and 24.11 where /conf/backup is not limited to 30 files (not auto pruned). Fixed in 25.03. https://redmine.pfsense.org/issues/15994, or the release notes. Workaround is to open the /diag_confbak.php config history page in the web GUI, and wait until it either loads or times out.

          2. there's a longstanding bug in pfBlocker where if DNSBL is not enabled it will still update the config file at every cron interval, e.g. hourly.
            https://forum.netgate.com/topic/174231/pfblockerng-fills-pfsense-config-history
            https://redmine.pfsense.org/issues/14409

          3. there's another longstanding bug in pfBlocker for HA setups where changes are not synced to the secondary router unless one manually runs a Force Reload (not a force update). Thus if you have, say, disabled a list, at every cron/update it will remove it from the backup and then when the same cron also runs on the secondary pfBlocker will add it again, generating two historical config files on the secondary router.
            https://redmine.pfsense.org/issues/15994
            https://forum.netgate.com/topic/179060/pfblockerng-sync-not-working/

          With these, one poster in my thread https://forum.netgate.com/topic/197685/config-history-not-pruning-on-ha-pair-has-3400-files/ has 20000 config files on disk. At our file sizes of ~300k that is in the 6 GB range, though it should be compressed on disk, if using ZFS.

          Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
          When upgrading, allow 10-15 minutes to reboot, or more depending on packages, and device or disk speed.
          Upvote 👍 helpful posts!

          M S 2 Replies Last reply Reply Quote 4
          • M Offline
            marcosm Netgate @SteveITS
            last edited by

            @SteveITS FWIW #2 should be fixed with the version in the 2.8.0/25.03 branch. As for #3 that may be fixed with https://redmine.pfsense.org/issues/16231 though the change may only take effect once the cron job runs on the secondary.

            1 Reply Last reply Reply Quote 2
            • A Offline
              andrew_cb
              last edited by

              Wow, I stop checking the forum for a bit and come back to find that the ZFS patch has been released! 👏

              Thank you to @marcosm @stephenw10 @cmcdonald @dennypage @arri @w0w @SteveITS @Gertjan @fireodo @chrcoluk and everyone else that has contributed to this discussion and process.

              Hopefully, this change will help reduce the change of storage failure for all devices running pfSense, especially those using small-sized and/or eMMC storage.

              It is encouraging to see that additional areas have been identified for further improvements to storage wear and space usage.

              We have progressed a long way from "you're holding it wrong." 😉

              1 Reply Last reply Reply Quote 5
              • S Offline
                SteveITS Rebel Alliance @SteveITS
                last edited by

                I'll add another disk write case, though it's in ISC DHCP which is deprecated. I find "Ignore denied clients rather than reject" sometimes will log the rejection even if the option is checked, which usually results in a log entry every few seconds. Restarting DHCP Server seems to fix it (no log), and at some point later (update? restart? random?) I will find it is logging again.

                Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
                When upgrading, allow 10-15 minutes to reboot, or more depending on packages, and device or disk speed.
                Upvote 👍 helpful posts!

                GertjanG 1 Reply Last reply Reply Quote 3
                • GertjanG Offline
                  Gertjan @SteveITS
                  last edited by

                  @SteveITS

                  "Thinking out loud here" :
                  If a (DHCP) client was set to be rejected, it will do the reject (it will answer "no") and normally, the client should take "no" for an answer - the the sofware is RFC compliant (I guess).
                  Let's consider 'ISC DHCP' as the old generation.
                  But its 2025, the client is probably a new generation DHCP client and won't take no for an answer, do'nt bother with RFC, so it keeps on insisting.
                  Now, ISC DHCP start to log.

                  It's in the admin's authority to take things one level up. It was the admin after all who decided who to serve, and who to reject.
                  Go visit the client, and tell him who is boss in the town.
                  Next step : MAC black list the guy and call it a day.

                  No "help me" PM's please. Use the forum, the community will thank you.
                  Edit : and where are the logs ??

                  1 Reply Last reply Reply Quote 1
                  • J Offline
                    jdstlnet @michmoor
                    last edited by

                    @michmoor

                    fwiw, It appears that Netgate only offers the 4200 with the 128Gb SSD, probably due to the eMMC issues.

                    1 Reply Last reply Reply Quote 0
                    • T Offline
                      tariqali
                      last edited by tariqali

                      Just for reference here's my 6100 MAX failure story:
                      https://forum.netgate.com/topic/198361/6100-max-nvme-failed

                      1 Reply Last reply Reply Quote 0
                      • F Online
                        FSC830
                        last edited by

                        Wow...
                        very interesting thread.
                        I found this just yesterday and it takes me half the night to to read it from start to end 😊 .
                        Actually I am using a SG-3100 device which I switched to SATA SSD abt. 3 years ago.
                        I was thinking about replacing it with a newer appliance, i.e. a SG-4200, thats why I am looking around here.
                        To be honest, there is no technical reason for that, it was just to keep pfSense at the latest.
                        But just this days a new v25.07 was released so I will keep my SG-3100 for a while.

                        And BTW: the SMART values shows the SSD is still at 94% lifetime, so I can run the device may be until a 4300/4400/4x00 is availabe 😁 .

                        Regards

                        1 Reply Last reply Reply Quote 0
                        • First post
                          Last post
                        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.