Is embedded going away?

  • My apologies if this has been discussed.  I don't follow the forums very closely and search wasn't helpful (embedded returns a lot of results).  I have a couple of pfsense boxes that are running off of CF drives.  Rock solid reliable for the last few years.  There is a disk interface but it's PATA (which shows how old the h/w is).

    Do I need to be planning a h/w upgrade in the near future to accommodate a full install on a SATA SSD or mSATA SSD?


  • afaik, 2.4 will be 64bit only & without nanobsd.

    2.3.x will keep getting security updates for a while after 2.4 is released

  • Interesting direction since that all but eliminates Netgate's line of flash based platforms as well as other repurposed network gear that commonly used industrial CF's. Netgate uses either micro SD or eMMC storage.  Maybe I'm misunderstanding the impact of not having an embedded version.

    thanks for the reply

  • Rebel Alliance Developer Netgate

    All of the current offerings from the pfSense Store run full installations from eMMC, not NanoBSD. We have not shipped anything with NanoBSD in quite some time. Likely since we stopped selling APUs (which could run full installs from mSATA, but used NanoBSD on the cheaper SD card option).

    In most cases you'll find that things can run a full install OK and don't really need NanoBSD. If you are worried about writes, you can enable the option to keep /var/ and /tmp/ in RAM which will cut down on disk usage.

  • @jimp:

    If you are worried about writes, you can enable the option to keep /var/ and /tmp/ in RAM which will cut down on disk usage.

    Or, depending on the amount of data, RAM disk backup schedule (how frequently), and how frequently reboots are done (initiates a backup), it may increase the disk writes.  With out RAM disk there may be more frequent smaller writes.  But with RAM disk there may be less frequent but much larger writes.

    I've not seen any definitive data either way.  Has there been a comprehensive evaluation of this?

  • Rebel Alliance Developer Netgate

    I don't know that anyone has ever done a significant comparative analysis, but given how many writes happen in /tmp and /var on a regular basis, I'd find it hard to believe the periodic backups would write more, at least if they are done on a sane schedule. Log files, RRD files, status files, etc. They get rewritten constantly.

  • On NanoBSD, the option to keep /var/ and /tmp/ in RAM was enabled by default, and RAM disk backup schedule was disabled by default.
    If somebody enabled RAM disk backup schedule on NanoBSD, or even disabled the option to keep /var/ and /tmp/ in RAM, causes the same stress on the media as a full install does.

    So - actually the fight titled NanoBSD versus Full Install is really, really decided by this. You can simply keep /var/ and /tmp/ in RAM, and not use any RAM disk backup schedule at all, and your system will act just like a NanoBSD in regads of disk writes. (there are of course other differences too between NanoBSD and Full Install, but have much lower importance in this aspect).

    For somebody who cares about things in /var like logfiles, the best idea is to set up a Syslog server in the LAN on a separate machine (like a VM), and set pfSense up to log everything there. This way,  /var/ and /tmp/ can stay in RAM, and no need for periodic backups either.

    I use Full Install like this with 2.3 on thin clients with only 1GB DOM flash installed, and they work flawlessly. Previously it was NanoBSD, now it's full install - and no problem.

  • Rebel Alliance Developer Netgate

    With the periodic backup disabled, it does still happen at shutdown. Though since it's a firewall, shutdowns are relatively rare (or should be).

    If you are that concerned with disk writes, then the logging and graphing and such could all be done remotely and then there wouldn't be much need for a periodic backup on the box itself.

  • That's what I'm saying also.