Can I run a full pfSense install on a 16GB Sata-DOM?



  • Thanks in advance for all who assist me in these 4 questions.

    I have researched everywhere, including this thread (https://forum.pfsense.org/index.php?topic=34381.0) but can't find a definitive answer. I do find a lot of contradictions.

    (1) If I modify my setup, can I run a full, non-embedded install of the latest PFSense on my SuperMicro 16GB SATA-DOM (SuperMicro X9SCL board) without burning the SATA-DOM out in a few months? I want to run Squid, syslog-NG and other packages that do lots of writes. I also want to maintain all data across reboots.
    (2) If so, should I push all the caching and logs to a 500GB SATA HD I have already installed in the server?
    (3) With slow Squid cache writes and reads to and from the SATA HD, won't this negate the whole purpose of running PFSense on a flash type medium?
    (4) Should I just purchase a large SSD, and do the full install on it, not worrying about NAND flash cells being worn?

    Apologies for any technical inaccuracies.



  • I'm on the same boat and I just want to repost my post here:

    "So I bought a PC Engine APU2C4 system with a 16GB mSATA SSD drive in it. I'm about to install pfsense but not really sure if I need to go nanobsd or the full install. Since this SSD is one of the newer ones, I believe I shouldn't be too concerned about write failures but then again the only packages (for now) that I'm using are squid and lightsquid. Squid is quite know to write a lot as it is its purpose (caching). So with that, which version should you think I go with?"



  • After running on my SATA-DOM for just 10 hours (not in production), and WITHOUT Squid or any packages installed, following the + marks is what SMART reports on the SATA-DOM drive.

    I have no idea if the

    "233 Media_Wearout_Indicator 0x0013  100  100  000    Pre-fail  Always      -      5280"

    value of 5280 is a tiny grain of sand on a beach of NAND cells.

    ++++++++++++++++++++++++++++++++++++++++++++++++

    SMART Attributes Data Structure revision number: 16
    Vendor Specific SMART Attributes with Thresholds:
    ID# ATTRIBUTE_NAME          FLAG    VALUE WORST THRESH TYPE      UPDATED  WHEN_FAILED RAW_VALUE
      1 Raw_Read_Error_Rate    0x000a  100  100  000    Old_age  Always      -      0
      9 Power_On_Hours          0x0012  100  100  000    Old_age  Always      -      10
    12 Power_Cycle_Count      0x0012  100  100  000    Old_age  Always      -      10
    168 Unknown_Attribute      0x0012  100  100  000    Old_age  Always      -      0
    169 Unknown_Attribute      0x0000  100  100  000    Old_age  Offline      -      22
    170 Unknown_Attribute      0x0013  100  100  010    Pre-fail  Always      -      14
    173 Unknown_Attribute      0x0000  100  100  000    Old_age  Offline      -      65536
    192 Power-Off_Retract_Count 0x0012  100  100  000    Old_age  Always      -      0
    194 Temperature_Celsius    0x0023  070  070  000    Pre-fail  Always      -      30
    196 Reallocated_Event_Count 0x0000  100  100  000    Old_age  Offline      -      0
    218 Unknown_Attribute      0x0000  100  100  000    Old_age  Offline      -      0
    231 Temperature_Celsius    0x0013  100  100  000    Pre-fail  Always      -      100
    233 Media_Wearout_Indicator 0x0013  100  100  000    Pre-fail  Always      -      5280
    241 Total_LBAs_Written      0x0012  100  100  000    Old_age  Always      -      7048
    242 Total_LBAs_Read        0x0012  100  100  000    Old_age  Always      -      404
    246 Unknown_Attribute      0x0000  100  100  000    Old_age  Offline      -      909

    SMART Error Log Version: 1
    No Errors Logged

    SMART Self-test log structure revision number 1
    No self-tests have been logged.  [To run self-tests, use: smartctl -t]



  • I've installed it on a 1GB DOM module, read this thread: https://forum.pfsense.org/index.php?topic=109772.0
    Installing it on 16GB is similar…



  • Gotcha! Thanks for that. I'm re-installing the full pfsense release now (I installed it normally earlier) by making sure to specify "*" in the partition size and deleting the "swap subpartition".

    I'm assuming I should go with the embedded kernel since my APU2C4 doesn't have any VGA output anyway, right? Why is there no "SMP" custom kernel option?

    So after installation I just need to go to System > Advanced > Miscellaneous and check "Use RAM Disks (x) Use memory file system for /tmp and /var" and that's all there is to it?



  • Hey kevindd992002!! No hijacking my thread.  ;)

    Robi, that's very helpful, but still not addressed is what to do with the Squid cache and assorted syslogs. Do I point those to a SATA HD, or would I let the RAM handle it?

    kevindd992002, maybe I'm not understanding your question, but why not go with the full install serial version?



  • @pazure

    I didn't hijack your thread since we're on the same topic anyway :)

    No no no, what I meant by my question was the "embedded kernel" custom kernel configuration DURING the installation. I did use the full memstick serial installer by the way.

    I also want to know about the issue with squid cache.



  • I know this will help me.

    http://wiki.squid-cache.org/SquidFaq/SquidMemory#how-much-ram

    I can have up to 32GB of RAM to install on this SuperMicro server, and currently have 10 installed, so I've got quite a bit of room to play with. On prelim tests with putting squid cache on the HD, web page reloads were very slow.

    Afterwards, to test if Squid cache is running properly, http://askubuntu.com/questions/323241/how-to-know-if-squid-proxy-is-doing-the-cache-correctly

    Now, about whether or not to enable TRIM….http://www.wonkity.com/~wblock/docs/html/ssd.html



  • What RAM disk size did you set for /tmp and /var?



  • yes, but don't intend on caching much with squid,etc

    would go 128-256gb ssd as they are dirt cheap



  • Thanks Messerschmidt. I ended up shelving the Sata-DOM (I'll keep it on hold for my current FreeNAS Sata-DOM installation as a backup), and instead purchased an Intel 535 Series SSD (120 GB). I've pointed all syslog-NG logs to my 500GB HD.

    The more I dig into pfSense, the more I'm absolutely loving it - this coming from my previous firewall - a Cisco ASA 5510. Anyone want to buy it?



  • @pazure:

    The more I dig into pfSense, the more I'm absolutely loving it - this coming from my previous firewall - a Cisco ASA 5510. Anyone want to buy it?

    Haha, no.  We're still running a failover pair of ASA 5510s but strictly in a VPN concentrator role.  All firewall duties are strictly on pfSense now.  Glad to hear you're loving pfSense.


Log in to reply