Install on a Wear-Leveling CF Drive ?
-
I could have sworn that I posted this yesterday, but I guess not.
After this change you'll have to reboot and verify if your root filesystem is mounted read-only. If you prefer to check this using the GUI, you can do that with Diagnostics -> Command -> Command: mount -> Execute and verify if / is mounted read-only.
How do I tell what's ro or rw, because here's what mount shows me:
$ mount /dev/ufs/pfsense0 on / (ufs, local) devfs on /dev (devfs, local) /dev/md0 on /var/tmp (ufs, local) /dev/md1 on /var (ufs, local) /dev/ufs/cf on /cf (ufs, local) devfs on /var/dhcpd/dev (devfs, local)Cheers.
-
How do I tell what's ro or rw, because here's what mount shows me:
$ mount /dev/ufs/pfsense0 on / (ufs, local) devfs on /dev (devfs, local) /dev/md0 on /var/tmp (ufs, local) /dev/md1 on /var (ufs, local) /dev/ufs/cf on /cf (ufs, local) devfs on /var/dhcpd/dev (devfs, local)Cheers.
It should show "read-only" next to "ufs, local" when mounted read only, and nothing (other then "ufs, local") when mounted read/write. But judging on the output I reckon you're running the nanobsd embedded version, correct? Since I don't recall the full install having a separate filesystem for /cf. I'm doing all this from my memory, but I figure I'd better written down all the steps taken… I'll rerun the install here on a VM and take notes about the exact changes. I could very well have modified the /etc/fstab to mount the filesystems read-only by default.
EDIT: Ok, checked with a reinstall and changing a full install to embedded through /etc/platform automatically mounts the root filesystem read-only. I have changed /etc/fstab however so that it immediately gets mounted read-only since this is also done on a nanobsd install.
-
But judging on the output I reckon you're running the nanobsd embedded version, correct?
Yes, correct.
Now, here's an interesting observation. If I issue the mount command, via the Diagnostics GUI, I get the result above. However, if I log on to the box, and issue it at a command prompt, I get this:
[root@roadblock.bogolinux.net]/root(1): mount /dev/ufs/pfsense0 on / (ufs, local, read-only) devfs on /dev (devfs, local) /dev/md0 on /var/tmp (ufs, local) /dev/md1 on /var (ufs, local) /dev/ufs/cf on /cf (ufs, local, read-only) devfs on /var/dhcpd/dev (devfs, local) [1.2.3-RELEASE]Hmmmmmmmmm.
Cheers.
-
I think that the GUI config remounts the filesystems read-write during command execution. Sounds logical of course, since the command might be trying to modify the filesystem. So the only way to correctly check it is through SSH.
-
I've been running 1.2.3 on the Intel D94GCLF Atom 330 motherboard for a couple weeks now with an Innodisk 2GB Wear Leveling embedded IDE drive. I've modified the platform setting from pfsense to embedded and also set the drives to RO in /etc/fstab. I've seen the same behavior discussed below of the drives being listed as RO from the console but RW from the GUI.
Thus far, everything seems to be perfectly fine - the only effect of setting the CF drive RO I have seen is that all the RRD graphs get reset after a reboot, which is no problem for me. Operationally, I've noticed no difference between this install and my prior full install deployment on an older Athlon with a conventional hard drive.
For what it is worth, the Atom 330 runs pfSense without even starting to break a sweat. I've got a 20MBps line into the house and without running any VPN sessions, I can't get the CPU loading over a couple percent. The board with 1GB of memory, an extra GB NIC and the CF drive draws right around 30W. Based on power savings alone, the board and the Mini-ITX case will be paid for in right around 3 years when compared to my prior Athlon setup. Given the performance of the system, I can't imagine a reason why I'd touch it indefinitely - short of something failing.
The only thing I'd consider changing if I were to do this again would be to get a board with one of the 5xx series Atom processors - they have even lower power draw - but are also a little more expensive as well so I'm not sure if the ROI would change much.
At this point, I think it would be helpful if we could get an officially supported embedded install with VGA and keyboard support. I'm using this at home so I don't mind going slightly off the beaten path, but if I were doing this for my job I might think twice.
Thanks to everyone who chimed in on this thread - I appreciate the comments and information.
Best Wishes,
Stephan
http://www.intel.com/Products/Desktop/Motherboards/D945GCLF/D945GCL
http://www.mini-box.com/2GB-40-pin-Embedded-Disk-Card-4000 -
I've got a couple installs on InnoDisk IDE DOMs running full installs, and my home testing install which gets reinstalled frequently from 2.0 snapshots. All of these have been stable running for at least 18 months, the oldest is about 24 months with no issues. Industrial flash is designed to be used this way, I doubt you'll have any problems with proper industrial flash modules, be it CF, IDE/SATA DOM or SSD.