Faster pfSense 2.1 NanoBSD image upgrade explained!
-
[DISCLAIMER: I am posting this in the hope that it could be valuable for others to avoid wasting many hours to upgrade and get the checksum error problems as discussed in http://forum.pfsense.org/index.php/topic,64479.msg349789.html#msg349789 and in http://forum.pfsense.org/index.php/topic,64333.msg348598.html#msg348598. This was accomplished in minutes, some 10 minutes compared to 2.5 hours using GUI. I do not guarantee that it works for all.
@moderator: If this is something unuseful, please remove this thread]
1. Connect an HDD or SDD either usiing SATA/eSATA cable or USB to pfSense box (I connected directly to SATA).
2. Run
egrep 'ad[0-9]|cd[0-9]' /var/log/dmesg.bootYou shall see something like:
acd0: DVDROM <lite-on dvd="" sohd-16p9s="" fqsc="">at ata0-master UDMA40
ad4: 152627MB <seagate st3160812as="" 3.ahh="">at ata2-master UDMA100 SATA</seagate></lite-on>Else run:
atacontrol listThe output shall look like:
ATA channel 0:
Master: acd0 <lite-on dvd="" sohd-16p9s="" fqsc="">ATA/ATAPI revision 6
Slave: no device present
ATA channel 2:
Master: ad4 <st3160812as 3.ahh="">SATA revision 2.x
Slave: no device present
ATA channel 3:
Master: no device present
Slave: no device present</st3160812as></lite-on>My preferred method is:
ls /dev/ad*which will give output like:
ad4% ad4s1% ad4s1a% ad4s1b%
3. If the drive is not sliced to UFS, I suggest to create a temporary zpool/create a slice and create a mountpoint.. To learn more about the latter, visit http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/disks-adding.html
4. Then ssh to the pfSense machine and select option (8) for shell. To mount /mnt/ad4s1a to /hdd
mkdir /hdd mount /dev/ad4s1a /hdd df -hYou shall see something like (note the last line):
Filesystem Size Used Avail Capacity Mounted on
/dev/ufs/pfsense1 442M 204M 203M 50% /
devfs 1.0k 1.0k 0B 100% /dev
/dev/ufs/cf 49M 1.5M 44M 3% /cf
/dev/md0 38M 424k 35M 1% /tmp
/dev/md1 57M 18M 35M 34% /var
devfs 1.0k 1.0k 0B 100% /var/dhcpd/dev
/dev/ad4s1a 140G 1.7G 127G 1% /hddIf you want to automount the slice, just add to the /etc/fstab (but I do it manually).
5. Change to /hdd and download the latest firmware matching your configurations. Mine was amd64 1g images, so:
cd /hdd fetch http://snapshots.pfsense.org/FreeBSD_RELENG_8_3/amd64/pfSense_RELENG_2_1/updates/pfSense-2.1-RC0-1g-amd64-nanobsd_vga-upgrade-20130717-2242.img.gz http://snapshots.pfsense.org/FreeBSD_RELENG_8_3/amd64/pfSense_RELENG_2_1/updates/pfSense-2.1-RC0-1g-amd64-nanobsd_vga-upgrade-20130717-2242.img.gz.md5Then verify the md5sum manually using cat and md5 commands.
6. Note the location of the img.gz file and then exit from the shell.
7. Then choose option (13) Upgrade from console.
Enter an option: 13
Starting the pfSense console firmware update system..
- Update from a URL
- Update from a local file
Q) Quit
Please select an option to continue:
Enter 2, you will be asked to enter the location of the img and you shall see the following 'Warning' message.
Enter the complete path to the .tgz or .img.gz update file: /hdd/pfSense-2.1-RC0-1g-amd64-nanobsd_vga-upgrade-20130717-2242.img.gz
WARNING! ACHTUNG! DANGER!
This image is not digitally signed.
This means that the image you uploaded is not an official/supported image and
may lead to unexpected behavior or security compromises.Only install images that come from sources that you trust, and make sure
that the image has not been tampered with.Do you want to install this image anyway at your own risk [n]?
Enter y. You shall further get the following. It takes a few mintues to upgrade, so wait.
Continuing upgrade…
One moment please...
Broadcast Message from root@pfSense0.domain.tld
(no tty) at 11:57 CEST...
NanoBSD Firmware upgrade in progress...
Broadcast Message from root@pfSense0.domain.tld
(no tty) at 11:57 CEST...
Installing /hdd/pfSense-2.1-RC0-1g-amd64-nanobsd_vga-upgrade-20130717-2242
.img.gz.
...
Broadcast Message from root@gw0.freeregistrar.net
(no tty) at 12:04 CEST...
NanoBSD Firmware upgrade is complete. Rebooting in 10 seconds.
...........Done. Rebooting...Once the box reboots, the HDD is automatically disconnected. Connect again to pfSense box using either GUI or ssh!
Enjoy faster upgrade of NanoBSD image of pfSense!
-
If a NanoBSD upgrade takes that long, you must have one really, really, crappy CF or CF adapter/socket/controller.
It only takes a few minutes on my ALIX including the download time with a normal GUI-initiated upgrade.
Now reinstalling packages post-upgrade, that does take some time if you have a lot installed.
Do you notice the same slowness if you download straight to the CF? (/etc/rc.conf_mount_rw; fetch -o /root/ …) and then run the upgrade from that file?
-
No such problem on my Alix box. The upgrade process doesn't take more than 5 minutes.
-
If a NanoBSD upgrade takes that long, you must have one really, really, crappy CF or CF adapter/socket/controller.
It only takes a few minutes on my ALIX including the download time with a normal GUI-initiated upgrade.
Now reinstalling packages post-upgrade, that does take some time if you have a lot installed.
Do you notice the same slowness if you download straight to the CF? (/etc/rc.conf_mount_rw; fetch -o /root/ …) and then run the upgrade from that file?
yes, the same slowness even when I directly download the image to the CF card or USB stick (Kingston which supports upto 237mb/s in normal situations).
-
No such problem on my Alix box. The upgrade process doesn't take more than 5 minutes.
You are lucky then! ;-)
-
What kind of system are you running NanoBSD on?
If it's not an ALIX but something else with some more power to it, keep this in mind:
http://doc.pfsense.org/index.php/Boot_Troubleshooting#NanoBSD_on_Newer_Hardware -
What kind of system are you running NanoBSD on?
If it's not an ALIX but something else with some more power to it, keep this in mind:
http://doc.pfsense.org/index.php/Boot_Troubleshooting#NanoBSD_on_Newer_HardwareI am running on a 64-bit dual-core P4 3.2Mhz machine with 4GB RAM, fyi.
-
Just for the record, my Alix systems typically download at the (terribly slow) line speeds we have in remote places (some 192kbps = about 20KB/second = 50 sec/MB = roughly 1 hour for the download) then it takes about 5 minutes to do the writing of the ~80MB to the CF card partition, <2 minutes offline during reboot, then however much time to dribble down the package reinstall (it pays to not use big packages in the remote places!) In places with faster internet links, it happily downloads at 1-4 Mbps without apparent delays waiting for CF card writes.
My slowness is all due to the available internet speed - there is only 5 minutes in the process when it is writing as fast as possible to the CF card partition. -
What kind of system are you running NanoBSD on?
If it's not an ALIX but something else with some more power to it, keep this in mind:
http://doc.pfsense.org/index.php/Boot_Troubleshooting#NanoBSD_on_Newer_HardwareI am running on a 64-bit dual-core P4 3.2Mhz machine with 4GB RAM, fyi.
Then most likely you're seeing side effects of running without ACPI, DMA, and write caching on that hardware.
-
Just for the record, my Alix systems typically download at the (terribly slow) line speeds we have in remote places (some 192kbps = about 20KB/second = 50 sec/MB = roughly 1 hour for the download) then it takes about 5 minutes to do the writing of the ~80MB to the CF card partition, <2 minutes offline during reboot, then however much time to dribble down the package reinstall (it pays to not use big packages in the remote places!) In places with faster internet links, it happily downloads at 1-4 Mbps without apparent delays waiting for CF card writes.
My slowness is all due to the available internet speed - there is only 5 minutes in the process when it is writing as fast as possible to the CF card partition.Yes, I have 26Mbps connection. So connection is not the bottleneck.
Usually it takes some 1 to 2 hours to download, and obviously it takes only a few mintues to upgrade pfSense base in one slice, but it takes another hour to upgrade the addon packages.
Then most likely you're seeing side effects of running without ACPI, DMA, and write caching on that hardware.
However, like jimp stated that it may be related with ACPI (but I have ACPI enabled), DMA or most importantly writecache, I assume.
Thanks for your inputs.
-
Unless you manually enabled ACPI and friends in loader.conf.local, then you don't have them (regardless of the BIOS settings), because on NanoBSD we disable them by default. (as mentioned on my link)
-
Is this different for NanoBSD vs. NanoBSD+VGA?
[2.1-RC0][root@router....]/root(1): uname -a FreeBSD router.... 8.3-RELEASE-p8 FreeBSD 8.3-RELEASE-p8 #0: Mon Jul 15 16:58:10 EDT 2013 root@snapshots-8_3-amd64.builders.pfsense.org:/usr/obj.pfSense/usr/pfSensesrc/src/sys/pfSense_wrap_vga.8.amd64 amd64 [2.1-RC0][root@router....]/root(2): cat /boot/loader.conf.local hw.ata.ata_dma_check_80pin="0" [2.1-RC0][root@router....]/root(3): sysctl hw.ata hw.ata.setmax: 0 hw.ata.wc: 1 hw.ata.atapi_dma: 1 hw.ata.ata_dma_check_80pin: 0 hw.ata.ata_dma: 1 -
Yes, NanoBSD+VGA has those enabled already.
