Replacing hard drive with CF card
-
I'm also thinking of using CF card as a replacement for my usual hard disk installations of pfsense.
Is it more reliable than hard disk installs? What hardware do i need to connect a CF card as a bootable medium for my firewall?
I encounter frequent software crashes of my pfsense firewalls, even all hardware are new.
Thank you very much. -
Use an IDE-CF-adaptor like the ones pc-engines sell: http://pcengines.ch/cflash.htm
The cfcard will then be seen by the bios like a hdd. It's of course not hotplugable. -
Thanks, Hoba.
My problem is that there is no locally available CF to IDE adapter here in the Philippines. :o
Is it possible to use a USB drive (via the USB port) as a replacement for the hard drive, and would it be reliable enough?
Thanks again. -
Not sure, mainly depends on your boards bios and so on. USB support is not the greatest in freebsd currently. Haven't tried that yet.
-
Firstly, pfsense ROCKS!
Would you recommend that i replace my hard-disk-installed pfsense with the one of an embedded version install using a compact flash card as the hard disk (via CF to IDE adapter)?
I'm using pfsense firewalls (all hd installs) on all of my 5 internet cafe's here in the Philippines.
What i observed is that hd installs are very prone to software corruption due to power outtage, incorrect shutdown, or sometimes even a normal power cycle corrupts the pfsense software. We usually turns off the firewall at night.
All hardware that i am using is relatively new and without any defects since i considers pfsense as a critical part of my cafe operation.
I don't use any packages, only basic config of traffic shaping and load balancer. Traffic is only max of 2 mbps download and 1 mbps upload.
Would my systems be more corruption-free using CF since it would be loaded as read only?
Is there a way to make my hd installs load as read only after configuring everything so as to avoid the corruption?
Thanks in advance, still a newbie here. -
Also you can setup pfsense with "Disk-on-module". Not very fast, but stable, and writecycles are not a problem.
Greetings
heiko -
cheeky,
Is there a way to make my hd installs load as read
only after configuring everything so as to avoid the corruption?I think so, I have test what you ask with 1.0.1-SNAPSHOT-03-08-2007
in a couple of days without any problem.Maybe Hoba can also confirm this, he is the expert here.
this is what I did :
SSH to your router and choose option 8 and write following command :
echo embedded > /etc/platform
/etc/rc.conf_mount_ro
exitnow, choose option 5 for rebooting your router.
after this your router will act exactly like a embeded version. -
Any procedure on how to do that disk-on-module? Or the command suggested by nima.m is enough already to make my pfsense corruption-free?
Thanks again. -
The Disk-on-module is to place directly to the IDE-Port. Then you run the installation from the LiveCD. That´s it. A DOM with 4 GB costs for example 60 €/ 80 $.
-
You can also try a CF microdrive which has physical moving parts and a platter so they should last longer than your traditional CF card. A 4gb microdrive runs about $50 probably and fits in the same CF type II slot. Of course older CF readers have issues reading these drives from my experience but if its something recent, you should be fine.
-
You might mention that the Seagate 4G and 8G microdrives (the ones which cost $50 or less) DON'T WORK in CF-to-IDE adapters under FreeBSD 6.x. Not sure how this slipped your mind since you are the one who discovered it and submitted the bug report to FreeBSD! (Thank you for doing that, by the way.)
-
How do you install? I Followed the fullinstall on wrap guide using wmware but all I get is
ad0: TIMEOUT - READ_DMA retrying (1 retry left) LBA=0 ad0: TIMEOUT - READ_DMA retrying (0 retries left) LBA=0 ad0: FAILURE - READ_DMA timed out LBA=0 ad0: TIMEOUT - READ_DMA retrying (1 retry left) LBA=1 ad0: TIMEOUT - READ_DMA retrying (0 retries left) LBA=1 ad0: FAILURE - READ_DMA timed out LBA=1 ad0: TIMEOUT - READ_DMA retrying (1 retry left) LBA=0 ad0: TIMEOUT - READ_DMA retrying (0 retries left) LBA=0 ad0: FAILURE - READ_DMA timed out LBA=0 ad0: TIMEOUT - READ_DMA retrying (1 retry left) LBA=0 ad0: TIMEOUT - READ_DMA retrying (0 retries left) LBA=0 ad0: FAILURE - READ_DMA timed out LBA=0 Trying to mount root from ufs:/dev/da0s1a Manual root filesystem specification: <fstype>:<device> Mount <device> using filesystem <fstype> eg. ufs:da0s1a ? List valid disk boot devices <empty line=""> Abort manual input mountroot></empty></fstype></device></device></fstype>
I'm not realy sure what I did wrong. The hardware I use is a routerboard 200 from www.routerboard.com
-
Did you try the default embedded image first? I have heard about people using that board so it should not have any issues. If you want to have a full hdd install on there (which is not recommended) try to just install the livecd to the cf without other modifications. The WRAP has to be treated a bit special as it's bios doesn't offer a fake vga/kbd device. A soekris for example can just run a default full install to cf-card. You might want to try this with the routerboard as well.
-
Thanx for the tip. A Embeded img works. I'll try a clean install tonight. I have a industry class 4gb CF and it is my home fw so I'm not that worried about wearing it down.
-
Enable serial console option at system>advanced before moving it to the routerboard as you most likely will have to reassign nics after moving it over ;)
-
Took me a good while but now I have tried to make a clean full install from 1.2-beta1.iso I used vmware to do this but when i put my cf back on the routerboard I still get the same error.
-
I googled the error and found that it might have to do with dma settings so I looked at the wiki http://wiki.pfsense.com/wikka.php?wakka=BootOptions at boot options but even with CF card set to PIO4 i still get the question about "manual root file system specification" I have also tried to move the /boot/loader.conf file from the Embedded install (that actually boots) but I get the same result. Any ideas?
-
It's working fine now :) I had to rename partitions in /etc/fstab to point to /dev/ad0 and enable the console in advanced settings.
As the stupid newbe I'm I installed the swap partition. Do I have to reinstall to make sure that I do not use it or could I just remove it from /etc/fstab? ???