Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    pfBlockerNG with RAM Disk

    Scheduled Pinned Locked Moved pfBlockerNG
    5 Posts 3 Posters 943 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A
      anthonys
      last edited by anthonys

      I am considering implementing RAM Disk on an existing environment that includes pfBlockerNG.

      I have never tried RAM Disk, and in reading my very first thoughts are:

      • Should pfblockerng be installed before, or after, RAM Disk is enabled?
      • Once set up, are there any issues with rebooting pfsense? (note, I have UPS, so power failure shouldn't be an issue).

      I have done an inital test, and I have a good idea of the RAM Disk size required (for the lists I use), but I plan to experiment and test in more depth in a non-prod environment. Asking here for any insight or experiences from others on the above or any other issues or gotchas that await.

      provelsP S 2 Replies Last reply Reply Quote 0
      • provelsP
        provels @anthonys
        last edited by provels

        @anthonys Used to be that the pfB lists were lost on a reboot and a reload had to be manually run when the system came up again, but I think that now all of /var is written to disk before shutdown/reboot. I'm using RAM disks and running very large lists like the porn categories without issue, but I also have 16GB. As far as when to create the RAM disks, the system doesn't care ("put /var here, put /var there, I don't care").
        HTH

        EDIT - I may be mistaken about /var being written to disk. I just rebooted, /var size went way down, then rose after manually running a pfB reload.

        Peder

        MAIN - pfSense+ 24.11-RELEASE - Adlink MXE-5401, i7, 16 GB RAM, 64 GB SSD. 500 GB HDD for SyslogNG
        BACKUP - pfSense+ 23.01-RELEASE - Hyper-V Virtual Machine, Gen 1, 2 v-CPUs, 3 GB RAM, 8GB VHDX (Dynamic)

        1 Reply Last reply Reply Quote 0
        • S
          SteveITS Galactic Empire @anthonys
          last edited by

          @anthonys I know the "adult" (UT1?) list in pfB takes more than 1 GB of space to download and process, because I added it to help someone in the forums and it overran the RAM disk.

          Other than that, no issues using pfB. pfSense handles what to copy where.

          In recent versions the RAM disk size is not preallocated, it's a maximum RAM usage depending on the space actually used. A RAM disk does need a reboot to enable or change sizes.

          Pre-2.7.2/23.09: Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
          When upgrading, allow 10-15 minutes to restart, or more depending on packages and device speed.
          Upvote 👍 helpful posts!

          provelsP 1 Reply Last reply Reply Quote 0
          • provelsP
            provels @SteveITS
            last edited by

            @SteveITS said in pfBlockerNG with RAM Disk:

            In recent versions the RAM disk size is not preallocated, it's a maximum RAM usage depending on the space actually used.

            So the RAM disks are "thin provisioned" like in a virtual environment? If so, I did not realize that.

            Peder

            MAIN - pfSense+ 24.11-RELEASE - Adlink MXE-5401, i7, 16 GB RAM, 64 GB SSD. 500 GB HDD for SyslogNG
            BACKUP - pfSense+ 23.01-RELEASE - Hyper-V Virtual Machine, Gen 1, 2 v-CPUs, 3 GB RAM, 8GB VHDX (Dynamic)

            S 1 Reply Last reply Reply Quote 0
            • S
              SteveITS Galactic Empire @provels
              last edited by SteveITS

              @provels They changed the method a couple versions ago. It isn't really documented as such but that's a feature of tmpfs. (I suggested that doc change but it was declined because it could use all the allocated RAM)

              https://docs.netgate.com/pfsense/en/latest/releases/22-01_2-6-0.html#operating-system
              Changed: Convert RAM disks to tmpfs #12145

              edit: https://www.reddit.com/r/linuxquestions/comments/fjxiv2/does_tmpfs_ramdisk_use_up_allocated_ram_even_when/

              Pre-2.7.2/23.09: Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
              When upgrading, allow 10-15 minutes to restart, or more depending on packages and device speed.
              Upvote 👍 helpful posts!

              1 Reply Last reply Reply Quote 1
              • S SteveITS referenced this topic on
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.