Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    DNS resolver not starting

    Scheduled Pinned Locked Moved General pfSense Questions
    20 Posts 3 Posters 1.5k Views 3 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • stephenw10S Offline
      stephenw10 Netgate Administrator
      last edited by

      In /var/log. I would recommend checking and saving the log settings on each package even if you make no changes to be sure they are using them.
      In Snort I would set an overall log directory size limit as well and the limits on individual logs.

      Steve

      1 Reply Last reply Reply Quote 1
      • W Offline
        Waqar.UK
        last edited by Waqar.UK

        Thanks as I am currently using Pfsense with no added packages. But as you have stated to limit the log files as to prevent this occurring again.
        What is the good size limits on these log files as to keep the add on functioning at their best?
        Also my SSD is showing 96% health after about 2 years usage. Is there a way to prevent this from getting worse?

        1 Reply Last reply Reply Quote 0
        • stephenw10S Offline
          stephenw10 Netgate Administrator
          last edited by

          The default log sizes are generally fine. If you have some specific need to log more or maybe your system is particularly busy so the default 512K does not span enough time then you can increase them. I would start out by doubling them to 1M or maybe 2M. But 10M logs is not that unusual and any current drive is going to be easily large enough to accommodate that.

          But the biggest things you can do to reduce disk writes if you are seeing excessive wear is to enable RAM drives:
          https://docs.netgate.com/pfsense/en/latest/config/advanced-misc.html#ram-disk-settings
          Doing that will generally leave far less space for logs since the log files are on /var
          I generally use double the default size so 80MB and 120MB for the drives. 10M logs files are not going to fit there but 1M or 2M will.

          The other thing to check is that the root slice is mounted 'noatime'. If you just re-installed it should be but it may not have been previously because: https://redmine.pfsense.org/issues/9483
          Run at the CLI mount. You should see / mounted noatime like:

          /dev/diskid/DISK-9E18E959s2a on / (ufs, local, noatime, journaled soft-updates)
          devfs on /dev (devfs, local)
          /dev/diskid/DISK-9E18E959s1 on /boot/u-boot (msdosfs, local, noatime)
          /dev/md0 on /tmp (ufs, local)
          /dev/md1 on /var (ufs, local)
          devfs on /var/dhcpd/dev (devfs, local)
          

          I have ramdisks enabled on that system too.

          Steve

          1 Reply Last reply Reply Quote 1
          • W Offline
            Waqar.UK
            last edited by

            @stephenw10 said in DNS resolver not starting:

            The default log sizes are generally fine. If you have some specific need to log more or maybe your system is particularly busy so the default 512K does not span enough time then you can increase them. I would start out by doubling them to 1M or maybe 2M. But 10M logs is not that unusual and any current drive is going to be easily large enough to accommodate that.
            But the biggest things you can do to reduce disk writes if you are seeing excessive wear is to enable RAM drives:
            https://docs.netgate.com/pfsense/en/latest/config/advanced-misc.html#ram-disk-settings
            Doing that will generally leave far less space for logs since the log files are on /var
            I generally use double the default size so 80MB and 120MB for the drives. 10M logs files are not going to fit there but 1M or 2M will.
            The other thing to check is that the root slice is mounted 'noatime'. If you just re-installed it should be but it may not have been previously because: https://redmine.pfsense.org/issues/9483
            Run at the CLI mount. You should see / mounted noatime like:
            /dev/diskid/DISK-9E18E959s2a on / (ufs, local, noatime, journaled soft-updates)
            devfs on /dev (devfs, local)
            /dev/diskid/DISK-9E18E959s1 on /boot/u-boot (msdosfs, local, noatime)
            /dev/md0 on /tmp (ufs, local)
            /dev/md1 on /var (ufs, local)
            devfs on /var/dhcpd/dev (devfs, local)

            I have ramdisks enabled on that system too.
            Steve

            Thanks a lot. I will increase my RAM disks as I have 8GB RAM in my Qotom box.

            1 Reply Last reply Reply Quote 0
            • GertjanG Offline
              Gertjan
              last edited by

              Keep in mind that the content of ram disk is gone when the system powers down.

              No "help me" PM's please. Use the forum, the community will thank you.
              Edit : and where are the logs ??

              W 1 Reply Last reply Reply Quote 1
              • W Offline
                Waqar.UK
                last edited by

                This post is deleted!
                1 Reply Last reply Reply Quote 0
                • W Offline
                  Waqar.UK
                  last edited by

                  This post is deleted!
                  1 Reply Last reply Reply Quote 0
                  • W Offline
                    Waqar.UK @Gertjan
                    last edited by

                    @Gertjan

                    I have set it to this and re-booted Pfsense.
                    If I add packages such as Snort & Pfgblocker, will this amount of RAM disk settings be enough? I have 8GB RAM in my Pfsense box.

                    2.png

                    1 Reply Last reply Reply Quote 0
                    • stephenw10S Offline
                      stephenw10 Netgate Administrator
                      last edited by

                      You don't need them anywhere near that large.

                      The RAM disks are backed up and restored across a reboot. You only lose the contents if the box is rebooted unexpectedly.

                      Steve

                      1 Reply Last reply Reply Quote 1
                      • W Offline
                        Waqar.UK
                        last edited by

                        OK thanks a lot.

                        1 Reply Last reply Reply Quote 0
                        • W Offline
                          Waqar.UK
                          last edited by

                          OK, thanks a lot. I will reduce the RAM size.

                          1 Reply Last reply Reply Quote 0
                          • First post
                            Last post
                          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.