SSD (Solid State Drive) and pfSense (Important)
-
Indeed you can set /var and /tmp to run from ram drives to move the vast majority of file writes off the flash media if you're running from CF for example. Just like Nano does currently.
Steve
I would like to see a feature to backup /var and /tmp at an interval and at an controlled shutdown/reboot.
-
Sorry to bump the old old post, but its happened before :P.
This post had me scared, as I had decided to try out a small M.2 drive, for my build.
I guess no one caught this before, which is quite surprising. The failed drives in the thread, had nothing to due with being SSDs nor, an SSDs endurance, the OP and other failures, were all Using Kingstons SSD nows, which are known to be the most unreliable SSD on the planet lol (at least those first ones) they just died, had nothing to do with how much writes, they just flat out died, after a month or 2 or 3, sometimes more, but ya they were terrible.
Just wanted to throw that out there, as I keep coming across this while trying to decide which SSD to use. With the fact aside that newer SSDs have much better endurance, that has nothing to do with the few failures of the OP and the others, they were using the worst SSD ever made.
-
Why even use a SSD in such an application? Seems like it's just not suited for it. You might get a great speed bump for certain packages that use the storage quite a bit, but if you are not using those packages, it's pointless to have an SSD. A HDD would be a better fit and what's more, it might likely be the cheaper option.
That could be moot with pfSense supporting ZFS in the future though. You could always create a boot mirror with a couple of USB flash drives. That way you would have a bit of redundancy and USB drives are cheap compared to SSDs or HDDs
In terms of performance (all other things being equal): SSD > USB > HDD –- sure. But when you add in the cost and other parameters, I would think for home users at least, the USB route might be the most viable.
Disclaimer: Offer cannot be combined with any other specific requirements that you may or may not have. YMMV. Some use cases may require a particular solution. Void where prohibited.
;)
-
Why even use a SSD in such an application? Seems like it's just not suited for it. You might get a great speed bump for certain packages that use the storage quite a bit, but if you are not using those packages, it's pointless to have an SSD. A HDD would be a better fit and what's more, it might likely be the cheaper option.
That could be moot with pfSense supporting ZFS in the future though. You could always create a boot mirror with a couple of USB flash drives. That way you would have a bit of redundancy and USB drives are cheap compared to SSDs or HDDs
In terms of performance (all other things being equal): SSD > USB > HDD –- sure. But when you add in the cost and other parameters, I would think for home users at least, the USB route might be the most viable.
Disclaimer: Offer cannot be combined with any other specific requirements that you may or may not have. YMMV. Some use cases may require a particular solution. Void where prohibited.
;)
It's not about speed but the lack of mechanical components. Everything that moves decays relatively fast. Less moving parts means less things to go wrong. It's also why CF cars are used to much, and they aren't exactly fast. Same goes for DOM's, IDE Flash modules and USB drives. All of them work great since they don't have moving parts (unless you count IBM Microdrives as CF cards).
-
@johnkeates:
It's not about speed but the lack of mechanical components. Everything that moves decays relatively fast. Less moving parts means less things to go wrong.
Only if that were true !!
The number of SSD drive failures is what started this thread which is now 8 pages long. Also SSD's have limited number of writes (although, I believe that number is now quite high and that the drive would probably last for years before hitting that number).
I truly believe in using the right tool for the job. SSDs are great, but that doesn't mean it's great in every scenario. Again, it's a moving target too since future technology might improve upon things.
-
@johnkeates:
It's not about speed but the lack of mechanical components. Everything that moves decays relatively fast. Less moving parts means less things to go wrong.
Only if that were true !!
The number of SSD drive failures is what started this thread which is now 8 pages long. Also SSD's have limited number of writes (although, I believe that number is now quite high and that the drive would probably last for years before hitting that number).
Well yeah, cheap consumer SSD's aren't suitable for this kind of work. That always was the case, same for CF cards - it's why there are 'industrial' CF cards and the normal ones you buy at the random electronics stores.
-
@johnkeates:
It's not about speed but the lack of mechanical components. Everything that moves decays relatively fast. Less moving parts means less things to go wrong.
Only if that were true !!
The number of SSD drive failures is what started this thread which is now 8 pages long. Also SSD's have limited number of writes (although, I believe that number is now quite high and that the drive would probably last for years before hitting that number).
I truly believe in using the right tool for the job. SSDs are great, but that doesn't mean it's great in every scenario. Again, it's a moving target too since future technology might improve upon things.
Well the number of SSD drive failures, were again from pretty bad SSDs that didn't fail due to endurance, but rather due to bad design. It even happened again with a newer version of SSD Nows, they are just bad SSDs.
Your right, they have limited rights, the drive I just got on Ebay, has 10tbs worth of writes before its dead. Now think about that, 10tbs. It would take an awful long time to use up 10tb in logs lol.
On to the other reason, Power loss protection, No mechanical parts (IE less heat, less noise), Size (for some), Power Consumption,
ect, ect.So for me in my case, my build is in a very small 1u case, a hard drive doesn't work, at best I could fit a 2.5inch hard drive, that will likely be less reliable then an SSD and cost the same. At the same time, in my case that HDD will generate more heat and use more power than an SSD. My server board has a m.2 slot, that means I do not have to stuff a 2.5in hard drive in there. Even if I did stuff a 2.5 drive in there, and I do mean stuff, the drive location mount barely fits a drive behind my I350 T4, now I have to cable mange it as well, causing further issues and work.
I know that not ever case is like mine, I am just answering the why an SSD from my needs.
ALSO just FYI, this 8 pages is mostly of people saying that OP is wrong and SSDs do not die in 2 months. I fully believe his did, however that was not due to SSD tech or Write Endurance, it was due to the fact that he was using a failure prone SSD. Even low Endurance SSDs that are 16gb have like 10tbw, that is a lot, I cant speak for anyone's setups, but I think it would be awfully hard to write 10tbs of log files and such. (Swap I would still turn off)
Google that SSD, you will see they failed after 2 months in read only workloads, the SSD was bad, not the load he placed on it.
-
@johnkeates:
It's not about speed but the lack of mechanical components. Everything that moves decays relatively fast. Less moving parts means less things to go wrong.
Only if that were true !!
The number of SSD drive failures is what started this thread which is now 8 pages long. Also SSD's have limited number of writes (although, I believe that number is now quite high and that the drive would probably last for years before hitting that number).
I truly believe in using the right tool for the job. SSDs are great, but that doesn't mean it's great in every scenario. Again, it's a moving target too since future technology might improve upon things.
Well the number of SSD drive failures, were again from pretty bad SSDs that didn't fail due to endurance, but rather due to bad design. It even happened again with a newer version of SSD Nows, they are just bad SSDs.
Your right, they have limited rights, the drive I just got on Ebay, has 10tbs worth of writes before its dead. Now think about that, 10tbs. It would take an awful long time to use up 10tb in logs lol.
That's the same thing I said.
On to the other reason, Power loss protection, No mechanical parts (IE less heat, less noise), Size (for some), Power Consumption,
ect, ect.
So for me in my case, my build is in a very small 1u case, a hard drive doesn't work,That's just not true. You just have to buy the right board in that case. For pfSense – if your board already has 2 Intel NICs, you don't need an add-on card... which would leave enough space even for a 3.5" drive. Even if you put in an add-on NIC or any other card, you can put in a 2.5" drive in many 1U cases (as you mentioned). As for power consumption, I would be looking at the CPU TDP and other things before I would look at how much power the drive is going to take. Remember now, that for this application (pfSense -- where you aren't using a storage heavy package) your drive is not going to be constantly spinning as to affect the power consumption that drastically.
at best I could fit a 2.5inch hard drive, that will likely be less reliable then an SSD and cost the same. At the same time, in my case that HDD will generate more heat and use more power than an SSD. My server board has a m.2 slot, that means I do not have to stuff a 2.5in hard drive in there. Even if I did stuff a 2.5 drive in there, and I do mean stuff, the drive location mount barely fits a drive behind my I350 T4, now I have to cable mange it as well, causing further issues and work.
I know that not ever case is like mine, I am just answering the why an SSD from my needs.No, you don't have to "stuff" a 2.5" drive, it would fit quite comfortably. Agreed that in case you want to change the drive later, you might have to remove the card and a load of cables just to access the drive OR you need to choose a better case.
You chose a server board with a M.2 slot (probably for a reason) but what's the TDP of your processor?
I don't know what your requirements are but in order to save power – consider
-
a J3355 – its a SoC, fanless (so no worries about noise) with a TDP of 10W
-
a N3700 – another SoC, fanless -- this I have seen on a server board with quad intel nics, so no need for a NIC card --- with a TDP of 6W
You would save a lot more power consumption on the CPU than on the mechanical vs SSD storage. Again, like I mentioned in my earlier post as well, it does depend on what you plan to do with the machine. So don't go taking that as gospel, is all I am saying.
-
-
Yeah most of the bad rep that SSDs had at one time was due to a number of failures in early models some of which had bad firmware. One particular 8GB drive looked perfect for pfSense but failed with whatever OS it as running.
You should not have any issues running any recent SSD without any special measures. All the hardware we ship is a 'full' install running from flash/SSD.
However you can choose to move /var and /tmp to RAM which will decrease writes a lot. That also allows a normal drive to stop spinning if you've set that as allowed.
Steve
-
When I switched from a HDD (3.5", 5400rpm) to an SSD I saved 7W at the wall, fwiw. Obviously that's not a static number but should be a good game if reference.
Overall SSD > HDD for pfSense in 99% of applications.
-
When I switched from a HDD (3.5", 5400rpm) to an SSD I saved 7W at the wall, fwiw. Obviously that's not a static number but should be a good game if reference.
I didn't expect that much. Good to know.
@TS_b:Overall SSD > HDD for pfSense in 99% of applications.
Agreed. But when you factor in cost, I'd say the USB route might be more viable for home use especially with mirrored drives which can be cheaply replaced if and when one fails.
-
When I switched from a HDD (3.5", 5400rpm) to an SSD I saved 7W at the wall, fwiw. Obviously that's not a static number but should be a good game if reference.
I didn't expect that much. Good to know.
@TS_b:Overall SSD > HDD for pfSense in 99% of applications.
Agreed. But when you factor in cost, I'd say the USB route might be more viable for home use especially with mirrored drives which can be cheaply replaced if and when one fails.
The cost of a decent small SSD isn't very high, <$100 easily, <$50 for a good deal or an off brand. I'd be at least as confident in those as a <$50 hard disk–I've had far more HDD failures than SSD failures, even in the span of time since SSDs became a thing. (Which is part of why I keep WTF'ing over this thread, which seems to exist in some alternate reality where spinning rust is reliable.) Yeah, HDD is cheaper for a given volume of storage, but why on earth are you putting a lot of storage on a firewall? A 16G SSD is more than enough space, so what does it matter if a junky 1TB spinner costs less than 1TB of enterprise SSD?
-
When I switched from a HDD (3.5", 5400rpm) to an SSD I saved 7W at the wall, fwiw. Obviously that's not a static number but should be a good game if reference.
I didn't expect that much. Good to know.
@TS_b:Overall SSD > HDD for pfSense in 99% of applications.
Agreed. But when you factor in cost, I'd say the USB route might be more viable for home use especially with mirrored drives which can be cheaply replaced if and when one fails.
The cost of a decent small SSD isn't very high, <$100 easily, <$50 for a good deal or an off brand. I'd be at least as confident in those as a <$50 hard disk–I've had far more HDD failures than SSD failures, even in the span of time since SSDs became a thing. (Which is part of why I keep WTF'ing over this thread, which seems to exist in some alternate reality where spinning rust is reliable.) Yeah, HDD is cheaper for a given volume of storage, but why on earth are you putting a lot of storage on a firewall? A 16G SSD is more than enough space, so what does it matter if a junky 1TB spinner costs less than 1TB of enterprise SSD?
True, which is why I am advocating a USB drive - 16GB or 32GB – even in mirrored would be cheaper than any HDD or SSD. A pair of Sandisk Cruzer 16GB (low profile) cost about $16 - $17. Other usbs could be even cheaper
Agreed that SSD > USB > HDD as far as pfSense is concerned, since you don't have much to store. But USB option is a lot cheaper than SSD with the same benefit of "no spinning rust" and added advantage of lower cost. This is for home use --- NOT enterprise. Enterprise solutions wouldn't bat an eyelid over a few hundred bucks for SSDs, I know.
USB 2 -- https://www.amazon.com/SanDisk-Cruzer-Low-Profile-Drive-SDCZ33-016G-B35/dp/B005FYNSZA/ -- $8.69 each
USB 3 -- https://www.amazon.com/SanDisk-Ultra-Flash-Drive-SDCZ43-016G-GAM46/dp/B01GK9921C/ -- $ 8.49 each
-
pfSense on ZFS in some sort of redundant raid configuration is a great option for using flash drives as your install media.
Just be sure to have enough RAM to utilize a RAM disk so you don't burn through your writes with logging.
Doing this you will have an install disk array that should last for years of use for <$20.
If you don't already have enough RAM to use a RAM disk it doesn't make sense to buy more RAM to be able to use flash drives as install media.
In that case get a small off-brand SSD, you can get them in the $25 range. They should be fine for pfSense uses. -
Mirrored usb thumb drives? Good grief, just get a small ssd and call it a day, unless your time is literally worth nothing. That mess will almost certainly require manual intervention at the worst possible time
-
Mirrored usb thumb drives? Good grief, just get a small ssd and call it a day, unless your time is literally worth nothing. That mess will almost certainly require manual intervention at the worst possible time
And a SSD wouldn't ? ::)
If the USB is just sticking out the box, its very easy to simply degrade your zpool by de-activating the bad drive, remove and replace the usb in literally 2 seconds and then add the new one back in the mirror. Re-silvering would be done in a jiffy since the USB would only be 16GB
-
Mirrored usb thumb drives? Good grief, just get a small ssd and call it a day, unless your time is literally worth nothing. That mess will almost certainly require manual intervention at the worst possible time
And a SSD wouldn't ? ::)
If the USB is just sticking out the box, its very easy to simply degrade your zpool by de-activating the bad drive, remove and replace the usb in literally 2 seconds and then add the new one back in the mirror. Re-silvering would be done in a jiffy since the USB would only be 16GB
Yeah, if you're at all familiar with ZFS, as Inxsible noted resilvering a pool isn't exactly a time intensive process, it's a few commands and swap the thumb drives without opening up any cases at all. Also, you can use any old thumb drive to resilver your drive so long as it's at least as large as the original drive. It's likely you'll have a >8GB thumb drive laying around the house, not as likely you'll have a spare SSD. Also, if you have a single SSD go bad, you have to totally reinstall and hope your config.xml is up to date.
If you have a flash drive go bad, you just resilver (take you 1 or 2 minutes, don't have to wait for the process to finish) and go about your life, service is never interrupted.People have run FreeBSD based software on ZFS installed to mirrored flash drives successfully for many years on end without issue. It's not exactly new territory, it's tried and true.
When you use a RAM disk there are very few writes to the disk with an application like pfSense.Not to mention you can have a hot spare with boot code pre-installed standing by in a third USB slot. This would allow you to resilver your pool remotely using a fresh USB drive with a couple of commands.
ZFS installs really are powerful if you know what it's capable of.At the end of the day, yes an SSD is better. But they cost more money. While you can get small off-brand drives in the $25 range (still double the price of 2x flash drives) the cheap off-brand stuff isn't exactly renowned for being reliable. For name brand you're probably looking at prices starting in the $50 range, now you're paying ~330% the cost of a pair of sandisks.
Putting $35 more into their pfSense box won't matter for many, those people should get an SSD. Getting a low end SSD and paying ~$10 more won't bother others - those people should get an SSD. For the remainder, ZFS on flash drives is still a solid option. -
If I would be need to install or buy a new hard drive or storage I would even more lokking on a SSD or mSATA or perhaps
a M.2 SSD that will matching well to the rest of the entire hardware, also and even IDE drives are available as a SSD
version and will be more fast then the spinning ones in my eyes. I don´t know what the future brings us to, but at the
moment it will be the best bet for myself.- fast
- cheap
- power saving
- wide variety of version and models
-
@johnkeates:
It's not about speed but the lack of mechanical components. Everything that moves decays relatively fast. Less moving parts means less things to go wrong.
Only if that were true !!
The number of SSD drive failures is what started this thread which is now 8 pages long. Also SSD's have limited number of writes (although, I believe that number is now quite high and that the drive would probably last for years before hitting that number).
I truly believe in using the right tool for the job. SSDs are great, but that doesn't mean it's great in every scenario. Again, it's a moving target too since future technology might improve upon things.
Well the number of SSD drive failures, were again from pretty bad SSDs that didn't fail due to endurance, but rather due to bad design. It even happened again with a newer version of SSD Nows, they are just bad SSDs.
Your right, they have limited rights, the drive I just got on Ebay, has 10tbs worth of writes before its dead. Now think about that, 10tbs. It would take an awful long time to use up 10tb in logs lol.
That's the same thing I said.
Oh sorry I must have misread that sorry.
That's just not true. You just have to buy the right board in that case. For pfSense – if your board already has 2 Intel NICs, you don't need an add-on card... which would leave enough space even for a 3.5" drive. Even if you put in an add-on NIC or any other card, you can put in a 2.5" drive in many 1U cases (as you mentioned). As for power consumption, I would be looking at the CPU TDP and other things before I would look at how much power the drive is going to take. Remember now, that for this application (pfSense -- where you aren't using a storage heavy package) your drive is not going to be constantly spinning as to affect the power consumption that drastically.
First off, cant really say thats not true? Well I mean rereading what I wrote, I guess you could, when I said "In my Case" I meant for me, not for the case itself.
"You just have to buy the right board in that case. For pfSense – if your board already has 2 Intel NICs, you don't need an add-on card... " Funny you mention that, because its not actually true in my case, I have needs that require more than 2 Nics, my board actually has 2 Nics, and I still use all 4 ports of a i350 as well.
In my case, my build is not for home use, well it kinda is, but my situation is odd, my house is on site of my business, so they are 1 and the same network. In that network, I host hotel wifi, on a separate lan, on a separate physical switch altogether (they need POE, my network is on a 10gb switch, cant have both, I should say I cant afford both in one :P.) I also have the Surveillance system on that switch, via Vlans.
Then I have, my NAS and 2 Web Servers on separate nic ports as well, as each of those 5 things (my nas, the web servers, the guest lan, and my lan) all have there own Public IP Addresses, I guess I could vlan some of the stuff, but even then I would need 3 ports at minimum, and couldn't find a mini itx board that fit my needs with that (well 3 usable my board has 3, but 1 is ipmi only).
As to the drive fitting, ya its pretty tight, and its a server board, so the cpu is right at front, and thge front fans help that cooling, its just not laid out well to route the cables and such for a harddrive, on top of the fact that its a tight fit for the 2.5 inch drive as well. The case I am using is 9 inches deep, and the plate has a strict location for a 2.5 inch drive, its tight against the card.
The power, I dont care so much about, the heat I do the added heat. As that added heat plus the heat I already have, is not worth adding. Also, the drive will be spinning constantly lol, I have web servers, people are constantly trying to break into those, and Suricata will be writing some serious logs for that. In a home situation, I agree not so bad, but again this a business network, that I am trying to setup better, vs the multi setups of iptables i been using and a not very secure guest lan. So PFsense will be doing what I had 6 instances of iptables doing before lol. So unless I move all logging to a log server, which i may, yes the drive is going to be going insane.
No, you don't have to "stuff" a 2.5" drive, it would fit quite comfortably. Agreed that in case you want to change the drive later, you might have to remove the card and a load of cables just to access the drive OR you need to choose a better case.
You chose a server board with a M.2 slot (probably for a reason) but what's the TDP of your processor?
I don't know what your requirements are but in order to save power – consider
-
a J3355 – its a SoC, fanless (so no worries about noise) with a TDP of 10W
-
a N3700 – another SoC, fanless -- this I have seen on a server board with quad intel nics, so no need for a NIC card --- with a TDP of 6W
You would save a lot more power consumption on the CPU than on the mechanical vs SSD storage. Again, like I mentioned in my earlier post as well, it does depend on what you plan to do with the machine. So don't go taking that as gospel, is all I am saying.
Ahh see it does have to be pretty stuffed, and "Choosing a better case" isnt an option, as the case I choose, I choose for a reason lol. Using a m.2 to work in the means of the case is the preferred layout for me.
The TDP of my processor is 72ws.
Again not worried about power, worried about extra uneeded heat, the CPU is already hard to cool lol.As to the SOCs, ya for a home use, with a few packages they are great, for my 1gbit wan, and Suricata protecting web servers that are constantly under attack, as well as a nas and 2 lans, ya lol, they would choke my net to 5mbs per sec. To be perfectly honest, I am curious to see what happens, I dont have suricata live yet, when I do, I dont even think the Xeon I have might not even be enough from what I been reading on here, I may have to go to an E5 Xeon.
Again I get what your saying, and to most that are home users ect, everything you said would apply, however I am not in that user category.
-
-
Ok. You didn't mention your network was for business use initially. Also, in my previous post, I clearly mentioned that unless you use packages which are heavy on disk usage, you don't need SSDs. Seems like in your case ( ;) ) you would benefit from a faster SSD compared to a HDD. In fact my post also agreed to the fact that SSD > USB > HDD in terms of performance. So I am not denying the usefulness of SSDs. And also because SSDs would be better for a business application compared to USB as costs can be claimed as business expenses and business networks need better stability than a cheap USB would provide etc. etc.
Comes back to my original point of using the right tool for the job.
