NanoBSD and Packages, what works?
-
I have previously experimented with the NanoBSD version of pfSense and I had a positive experience except for trying to use Packages with it. I am considering completely redesigning my infrastructure to eliminate single points of failure and improve reliability, particularly when it comes to pfSense upgrades. For me, NanoBSD pfSense could be just what I need.
Previously, it was important for me to have IPsec, Snort, Squid, NUT, CA, DHCP and DNS running on my pfSense host. Now, I am thinking, perhaps I only really need IPsec and NUT! Maybe it is better for me to put CA, DHCP and DNS back with the directory service, and put Snort and Squid on their own separate hosts as appliances. This would leave pfSense to concentrate as a packet filtering firewall and IPsec endpoint in my network.
I am thinking about replacing the hardware mirrored SAS drives in my hosts with a pair of IDE CF cards. I'm not looking to actively mirror the CF cards, I just want a convenient method of cloning a running card image to another card once a week or just prior to an upgrade. I am hoping that an immediate rectification of a failed pfSense upgrade will be as simple as just swapping a CF card from one slot to another and rebooting.
Is it possible to install the NUT package on the NanoBSD version of pfSense?
If so, is there a list of other packages that are known to be successful with the NanoBSD version? -
I'm not looking to actively mirror the CF cards, I just want a convenient method of cloning a running card image to another card once a week or just prior to an upgrade. I am hoping that an immediate rectification of a failed pfSense upgrade will be as simple as just swapping a CF card from one slot to another and rebooting.
There is no need to clone and swap CF cards for this. There are two slices with separate pfSense installs on nano, when you upgrade the currently inactive one gets overwritten.
-
Yes, I remember that.
Is there a quick way to regress a failed upgrade by swapping slices at the command line? -
It's in the GUI (Diagnostics - NanoBSD)