PfSense w/Squid: SSD still ill-advised?



  • I currently have pfSense installed on an old 300GB HDD, which is not long for this world. I use it for my home network, and I do use Squid. I want to replace the HDD. I have read previously that SSDs are ill advised because of their sensitivity to being written to frequently. However, I have also read that modern SSDs have many TB of “endurance”, which for me, would theoretically outlast most spinning hard drives, even cheap SSDs.

    Is it still best practice to use spinning HDDs?



  • Well it’ll always be true (at least for the forseeable future) that an SSD “wears out” where as a spinning platter doesn’t (though it can of course fail in many other ways!)

    So I’d say that yes, the advice still stands, but for a small network you’ll probably be OK.  Do you have plans/the ability to recover should the SSD fail hard in 5 years?  If yes, then I’d proceed.

    I think the bigger question is, in 2018, what benefit does Squid give you on a small home network?  You can probably rest easier at night removing squid from the network.

    If you’re using squid just to do some sort of site ACL stuff, well if you have enough memory you can run squid “in memory” with no disk caching and thusly solve your “problem” that way too.



  • It really depends on the workload and the SSD. A big SSD with reasonable firmware will do fine. But a small SSD with crappy firmware in a high-load setup will die within months.



  • The write duration is the write duration.  If the specs suit your needs, it should be fine.

    I’ve been running several old SSDs for about 6 years for pfsense and none have failed.



  • @kejianshi:

    The write duration is the write duration.  If the specs suit your needs, it should be fine.

    I’ve been running several old SSDs for about 6 years for pfsense and none have failed.

    Well, Squid might hammer with tiny writes all day long, and that could have an impact bigger than you’d expect. Hard to put a number on the amount of writes, but I suspect it’s a non-standard workload (from a desktop perspective).



  • My disks are old SLC drives and I love SLC.

    I am currently only running mlc tlc vnand etc on desktop computers.



  • @kejianshi:

    My disks are old SLC drives and I love SLC.

    I am currently only running mlc tlc vnand etc on desktop computers.

    Yeah, one of those marketing wank nand (3d nand? v-nand?) had an issue where if you did a lot of tiny writes, i.e. use it as a log device or ZIL, it would die really fast because the only way they could make it fast and reliable was to optimise the firmware for desktop use or something like that.

    Too bad they don’t ship SLC more often, it’s mostly the older or more expensive DC-type SSDs that get that.



  • I think there are still a few never used SLC drives out there from years ago for sale.

    You can buy modern SLC drives also, but they cost a fortune…  Probably because they are no better than the MLC, TLC etc etc drives (joke).

    Have you noticed that people will completely lose their cool if you insinuate that SLC is better?  Seems like the price would give it away.



  • Could you give an example of a good used SLC drive to look for ?

    I bought a fanless i3 7100U /16GB mini pc considering running
    either pfsense directly on hardware or pfsense + cisco virtual
    wireless controller as VM’s on ESXI (all newbie territory to me)
    and was wondering whether I would need something better
    than eg an Intel S3500 SSD (have a couple of small /120GB laying around)
    i.e. something like an S3700 (more write intensive) ?



  • @kejianshi:

    I think there are still a few never used SLC drives out there from years ago for sale.

    You can buy modern SLC drives also, but they cost a fortune…  Probably because they are no better than the MLC, TLC etc etc drives (joke).

    Have you noticed that people will completely lose their cool if you insinuate that SLC is better?  Seems like the price would give it away.

    They’re more expensive mainly because they’re much lower density/lower yield, and low demand/low volume parts. There’s no way a squid instance on someone’s home network is going to push through the write limits of even a consumer grade SSD.

    That said, I second the opinion that implementing squid is mostly a waste of time that will slow things down, regardless of the drive choice.



  • Running Squid will have a few small use cases like limited connections where speed isn’t the issue but traffic cost is, or as stated before, ACL.

    Most setups will have a serious negative impact with Squid because of the added latency and the ton of crap websites load today to display a simple page.



  • You really need to know your use case. Many are saying squid gives less than a 1% hit rate for the modern internet. Places where it could really help is caching updates, but these kinds of issues may work better using a special purpose cache. like WSUS for Windows Updates.



  • I’m not actually a proponent of squid for most people either.


  • Administrator

    Yup, both those things are true IMO:

    Any half decent SSD should have no problems. Most of the bad rep comes from early cheap drives.

    Squid is of very limited value for most users.

    Steve



  • Chime in as well on this.  Any current SSD is not going to have any sort of issues… They have 100’s of  TBs of writes in their life… No possible way your going to come close to this in some home system proxy in any amount of time where that drive would have been replaced normally from just being old and slow…

    And 2nd to be honest the use of proxy in a home setup for “caching” purposes in modern internet pretty pointless.  Are you wanting to filter your you son’s or something from p0rn?  if so there is prob easier solutions based upon dns vs actual proxy that would be easier to implement and manage, etc.


 

© Copyright 2002 - 2018 Rubicon Communications, LLC | Privacy Policy