Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    RAMdisk or not?

    General pfSense Questions
    4
    6
    138
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • P
      pfguy2018 last edited by

      I have installed a 256 GB SSD in my appliance, and moved the installation over to the SSD (previously was on the eMMC). Should I move the /var and /tmp folders to a RAMdisk instead of just using the SSD? I only have 4 GB of RAM, so wary of tying up too much space on a RAMdisk. Also, I did notice that in the Netgate docs say "Modern SSDs do not have disk write concerns as older drives once did" (from https://docs.netgate.com/pfsense/en/latest/config/advanced-misc.html) - the SSD is a brand new M.2 SSD, which I assume qualifies as "modern".

      Any advice?

      1 Reply Last reply Reply Quote 0
      • stephenw10
        stephenw10 Netgate Administrator last edited by

        You don't need to because of write cycle concerns. Anything vaguely recent will take many years to get anywhere near the write life with normal use.
        You might choose to to prevent filesystem damage if the firewall is installed somewhere power cannot be guaranteed. The RAM disks do not need to be very large for a basic install, I usually recommend double the default so 80MB and 120MB. If you have packages writing to /var or you have increased the log sizes significantly you would need more.

        Steve

        P 1 Reply Last reply Reply Quote 0
        • P
          pfguy2018 @stephenw10 last edited by

          @stephenw10
          I use pfBlockerNG and Snort - I understand these may cause more writes to disk. Not sure if that would affect your opinion?

          N bmeeks 2 Replies Last reply Reply Quote 0
          • N
            netblues @pfguy2018 last edited by

            @pfguy2018 Most modern ssds have a writes figure, running at the terabyte level.
            Pfsense writes mostly logs.
            Take a weeks logs size increase and do a division.
            If that figure is less than 300 weeks (which is more than five years) then its worth considering.
            Keeping a confirmation backup is always a necessity.
            Hdds fail too, especially when hot.

            1 Reply Last reply Reply Quote 0
            • bmeeks
              bmeeks @pfguy2018 last edited by bmeeks

              @pfguy2018 said in RAMdisk or not?:

              @stephenw10
              I use pfBlockerNG and Snort - I understand these may cause more writes to disk. Not sure if that would affect your opinion?

              I am the Snort and Suricata packages developer/maintainer. I do NOT recommend using a RAM Disk with either of the IDS packages! They need a lot of room for logging (can easily approach Gigabyte levels if you don't enable automatic log rotation and if you have a busy network with lots of rules triggering). They also need at least 256 MB of free space in /tmp in order to successfully download and unpack the rules update archives. A lot of folks have tried RAM Disks with those packages and encountered problems with running out of space.

              In my view, with modern SSDs, there is no really good reason to use RAM Disks if your firewall is on a UPS with either the nut or apcupsd package installed to automatically shutdown the firewall when the UPS battery is nearing exhaustion.

              P 1 Reply Last reply Reply Quote 0
              • P
                pfguy2018 @bmeeks last edited by

                @bmeeks
                Thanks for this input. I would say that your answer pretty much clinches the decision! I will stick with the SSD for logging.

                1 Reply Last reply Reply Quote 1
                • First post
                  Last post

                Products

                • Platform Overview
                • TNSR
                • pfSense
                • Appliances

                Services

                • Training
                • Professional Services

                Support

                • Subscription Plans
                • Contact Support
                • Product Lifecycle
                • Documentation

                News

                • Media Coverage
                • Press
                • Events

                Resources

                • Blog
                • FAQ
                • Find a Partner
                • Resource Library
                • Security Information

                Company

                • About Us
                • Careers
                • Partners
                • Contact Us
                • Legal
                Our Mission

                We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

                Subscribe to our Newsletter

                Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

                © 2021 Rubicon Communications, LLC | Privacy Policy