PfSense double install for maintenance failback
-
The front door for my home network is a single pfSense firewall on a dedicated headless PC running with two load balanced WANs and one LAN. I built it with pfSense 2.1.4 on a 58G SSD. It's running just fine - but of course that's an elderly build and I really ought to be updating. On the other hand, it ain't broke so I'm very wary of "fixing" it.
I don't have spare hardware to swap in, or even to test with, so I'm having to be careful as domestic crisis point will occur within minutes of internet deprivation.
What I want is to set up two matching bootable copies of pfSense on the SSD, so that I can pick either one as the image to boot. Then I could upgrade one copy of pfSense and failback instantly if it all goes wrong.
My first question: "is this even possible?"
From memory and what have read recently, the pfSense installation process seems to be oriented around a clean build - so is this likely to override any partitioning and setup I do?
Assuming it's not completely hopeless, I'm trying to sort out the boot process - which ideally I'd like to be software-settable rather than having to attach a keyboard (especially as I'm having trouble with USB keyboards during the boot phase on this box … another story!)
So far I've attached and partitioned a USB HDD to use to emulate my target setup and to act as a temporary drive while the SSD is rebuilt. I set up MBR for the whole (465G) disk and two small BSDs within that, similar to the size I expect to get for each on the SSD. As far as I can see, MBR seems to be what pfSense prefers.
[pfSense]: ~ # gpart show
=> 63 123091857 ad4 MBR (58G)
63 123091857 1 freebsd (58G)=> 0 123091857 ad4s1 BSD (58G)
0 16 - free - (8.0k)
16 114703233 1 freebsd-ufs (54G)
114703249 8388608 2 freebsd-swap (4.0G)=> 63 976773105 da0 MBR (465G)
63 60817365 1 freebsd (29G)
60817428 60817365 2 freebsd (29G)
121634793 855138375 - free - (407G)=> 0 60817365 da0s1 BSD (29G)
0 1985 - free - (992k)
1985 50331648 1 freebsd-ufs (24G)
50333633 8388608 2 freebsd-swap (4.0G)
58722241 2095124 - free - (1G)=> 0 60817365 da0s2 BSD (29G)
0 2028 - free - (1M)
2028 50331648 1 freebsd-ufs (24G)
50333676 8388608 2 freebsd-swap (4.0G)
58722284 2095081 - free - (1G)I've a feeling I've got the partition boundaries a bit wrong - but at least I can:
mount /dev/da0s1a /mnt
(or da0s2a) and rsync files to it - which would work fine for my process. I could mount the failover image onto the live one and rsync before starting an upgrade, and if there's a problem I just reboot and flip to the other image.Can't figure out quite how to make these images bootable - I've done
gpart bootcode -b /boot/boot0 da0
gpart bootcode -b /boot/boot da0s1
gpart bootcode -b /boot/boot da0s2
which I thought was enough - it might even be correct: my keyboard issue means I can see the boot0 prompt to press F5 to boot from my other disk but can't select it. I'd like to be able to script the default boot device anyway.TL/DR: Two main questions (for now…)
1. Is it possible to set up two copies of pfSense on two disk partitions and pick which one I want to boot?
2. Can I set the boot drive and partition from a command (or config file) before I reboot?