Installing with an SSD



  • I just built a box with an Atom 2800, 4GB of memory, and a 32GB SSD. Would it be a better idea to install the nanoBSD version of pfsense instead of the regular version?
    Is there anything else different that I have to do becuase I have an SSD?

    Thanks



  • If you want to limit disk writes, go with the nano version. If you don't care about your SSD too much, or need the extra space, go for the full install.



  • Nano it is! Anything else I should consider doing because of the SSD?



  • That really depends on your SSD. Enterprise grade ones you don't have to treat any differently from a regular hard disk. Cheap low end ones you need to be a bit kinder to.

    Regardless, if you're not running the likes of Squid it doesn't matter. You're not going to be generating enough writes to matter - people have run full installs on CF cards for years without issue.



  • While Cry Havok touched on it, the misinformation about SSDs is starting to bug me.  There is no issue installing pfSense, or any other OS, on a modern SSD and then treating it exactly as you would a regular hard drive (unless you're talking about a box serving hundreds of people).

    Here's some quick math for you.

    25nm MLC NAND (current generation) is rated at 3000-5000 P/E cycles.  34nm MLC NAND (last generation) is typically rated at 5000-7000 P/E cycles.  50nm MLC NAND is usually pegged at 10000 P/E cycles.  Since you've mentioned your drive is 32GB, it's not likely to be 25nm NAND, but since that's the worst case, let's use those numbers.

    3000 P/E cycles for a 32GB drive works out to a total of 96,000 GB written.  Assuming you bought a drive using something other than a SandForce controller, write amplification is likely to be high, let's assume 20x (though 10x is more likely), so that drops the amount you can actually write to 4,800 GB.  If you write 10GB per day to that drive (which is REALLY high for a firewall unless you're running squid with a horrible hit-rate and are downloading a half-terabyte of http data per month through the box) it's going to last 480 days before the math fails you.  Realistically though, only a few cells are going to have failed at that point, so your drive will last longer.

    If we say you're at the low-end of 34nm NAND, which is a lot more likely, then that bumps you to 800 days.  Good 34nm NAND takes you to 1120 days.

    Now, if you went with a small SLC drive like the Intel 311 (I've got a bunch of these, they work great for pfSense) you'll only get 20GB, but these will last ~100000 P/E cycles, sticking you at around 27 years before they tap out at 10GB/day.



  • @Jason:

    {Good info}

    But… those numbers only work for a drive that's empty and that same 10GB is being over-written every day; a case where there is no static data on the drive occupying cells that never get overwritten.  Otherwise the dynamic data is limited to wear leveling across only the empty cells.  If that drive has, say, 10GB of static data that number decreases to about a year over the 22GB of usable free cells (unless I'm missing some wear leveling that moves static data around to combat this issue.)

    In a standard pfSense install, that's probably not a huge issue since the actual install isn't that big and there's not -that- much data being written, but in some uses, the static data is larger and the free space on a drive (being much smaller) is heavily used with dynamic data.  These are the situations where people seem to experience SSD failure from constant over-writes.  Remember, 10GB of movement doesn't have to be inside a 10GB file, you can easily have 10GB of data movement in a 1GB file, or smaller, even (the same reason an SSD is bad in a TiVo, there's a single file that's recycled completely every 1/2 hour, even if the drive is otherwise full of recorded shows, which it always should be if you're not militantly deleting the suggestions, but I digress,) so people may not notice that their 1GB file (log or whatever) is actually 10GB of daily rotating data (just using your numbers for simplicity.)

    Plus, even in your worst case scenario, 480 days isn't that long, that's less than a year and a half; probably ok for a gaming machine or something that isn't depended upon, but not long enough for a router for a company.  In my opinion, at least.  Isn't that why we're using an SSD, for maintenance free operation?  Most hard drives should last at least 3+ years in a stable environment.  Which leads me to:

    I 100% agree with your SLC comment.



  • Thanks, guys for the great responses. i'm using the m4 32GB mSata SSD. Which, IMO is a good drive. I have the 128GB drive in my main computer.

    But, i guess I'm still using the nanoBSD version as long as it has the same performance. Does it?



  • @jtvd78:

    Thanks, guys for the great responses. i'm using the m4 32GB mSata SSD. Which, IMO is a good drive. I have the 128GB drive in my main computer.

    But, i guess I'm still using the nanoBSD version as long as it has the same performance. Does it?

    The NanoBSD install doesn't support some packages (specifically, Squid).  If you're not going to use Squid though there's little point in having this discussion because you won't write anywhere near enough to wear out that SSD without it.

    The 256GB m4 is rated at 72TB of data written.  That would translate to 9TB for a 32GB drive.  That doesn't sound like much, but that's almost twice what was specified in my example for 3000 P/E 25nm NAND.  If you want a 5 year lifespan that sticks you at 5GB/day.

    EDIT:  Actually, I looked it up.  The 32GB drive has a lifespan of 36TB written (20GB/day for 5 years).  That means they're either using better NAND in that one, or the 256GB drive is REALLY underrated.



  • Well, in that case, ill just install the regular version. I don't plan on using squid, as I don't really know what it is  :P.

    Out of curiousity, what exactly is squid? I've heard about it alot from several places. But im not 100% sure.
    From what I read, squid is a proxy server that has many uses. In many cases, it's used as a caching server for websites, which caches dynamic pages to allow faster page loads.
    But for home users, I'm still a little confused. Does it cache local requests? How much of a difference would be for a home user?

    Thanks.



  • Yes, it's a proxy server amongst other things. The purpose of a proxy server is to save bandwidth by caching things that are accessed frequently. How much of a difference it makes depends on what bandwidth you have and what your usage profile is.



  • @Cry:

    Yes, it's a proxy server amongst other things. The purpose of a proxy server is to save bandwidth by caching things that are accessed frequently. How much of a difference it makes depends on what bandwidth you have and what your usage profile is.

    Yup.  I used Squid on my system at home (Fiber @ 42/35) for a couple weeks and it actually slowed things down.  With only a few computers and a scattering of mobile devices the hit rate was abysmally low (like 3%) and the time it took to check for a cache hit and miss 97% of the time made it noticeably slower than just going out and fetching fresh content on each request.  For Squid to make a difference you need a bunch of users loading the same content over a relatively slow connection.



  • cache server is just one of the things..

    you could also use SquidGuard+Squid for adblocking/network censorship..

    Dump couple lists of worth regular expressions from Adblock Plus filters (suitably edited) plus some public domain blacklist (spyware,malware & advertising domains) compilation into your pfSense..  less ads and tad better security for any browser/user in your network as a result. Depending on amount of data it does'nt need to be real powerful system either..I am using old PIII 450 for identical task (half a dozen users). Set it up as transparent proxy and users wont even notice, except for some banners/sites displaying black-white error messages instead of a content (no need for defining transparent proxy in web browser)



  • I'm just curious, have we settled the debate about mainstream SSD usage in pfSense? I'm about to stick an Intel 330 Series 60 GB Solid-State Drive into an old Dell Optiplex 755 SFF and call it a day. I'll be running squid transparent with a massive adblock list (cache Windows Updates for my home network as well as FreeBSD packages, and the ad/site block feature for the school-aged kids running amok), as well as PPTP VPN (please, I know all about it already) and some homerolled hacks, but obviously I don't want this thing burning out after a few years. Also, I know FreeBSD supports TRIM, does anyone know if it is enabled OOB in pfSense?



  • I know it's not pfSense related, but as long as SSD endurance is concerned you should look at this thread:

    http://www.xtremesystems.org/forums/showthread.php?271063-SSD-Write-Endurance-25nm-Vs-34nm/page216



  • Sounds like the crux of that thread is: if you want long lasting SSD's, buy Intel.  (But I think some of us were already of that opinion.)

    I wonder what their little SLC SSD's do with that kind of testing.


Locked