Running pfSense from CF with noatime mount option on root filesystem ?



  • Hi,

    I've a pfSense (standard-install aka non-embedded) installation running on a CF.
    I'm aware of all the potential problems of running live filesystems from CF's

    Does anyone know of any problems running pfSense from CF with noatime mount option on the root filesystem ?

    Thx



  • I ran a FreeBSD 4.7 box like that for quite some time (just over 5 years) without any problems.  I've not done it with anything later (not needed to), but I can't imagine it'll cause any problems.



  • Seems like it'd be a good idea to make mounting filesystems noatime by default in general for pfSense.



  • @drees:

    Seems like it'd be a good idea to make mounting filesystems noatime by default in general for pfSense.

    I agree

    I've now been running pfSense for two days with noatime mount option on / filesystem - no problems so far.

    Unfortunately pfSense does not respect the /etc/fstab "settings" as I would expect for a *NIX system.

    I think that the reason is the (reduced) customized boot scripts (PHP?) - haven't yet had the time to investigate.

    For some reason pfSense does now re-evaluate and remount the filesystems listed in /etc/fstab after passing the critical boot stages.

    For now I have to manually remount / after successful bootup - using this command:

    "mount -u -o fstab /"

    /etc/fstab: (contents):

    Device                Mountpoint      FStype  Options        Dump    Pass#

    /dev/ad0s1a            /              ufs    rw,noatime      1      1



  • @wuffe:

    Unfortunately pfSense does not respect the /etc/fstab "settings" as I would expect for a *NIX system.

    I think that the reason is the (reduced) customized boot scripts (PHP?) - haven't yet had the time to investigate.

    For some reason pfSense does now re-evaluate and remount the filesystems listed in /etc/fstab after passing the critical boot stages.

    For now I have to manually remount / after successful bootup - using this command:

    "mount -u -o fstab /"

    /etc/fstab: (contents):

    Device                Mountpoint      FStype  Options         Dump    Pass#

    /dev/ad0s1a             /               ufs     rw,noatime      1       1

    This forum contains no bug section - how do I get this topic considered at a bug and/or feature request ?

    I may have missed something here - if that is the case - I apologise for the noise



  • It's not a bug nor a feature its customization. You're onyour own noatime does not bring anything to pfSense in general so why use it?



  • I disagree, ermal - enabling noatime can improvement performance and reduce disk/flash wear. Seems like a feature to me!



  • @drees:

    I disagree, ermal - enabling noatime can improvement performance and reduce disk/flash wear. Seems like a feature to me!

    Recent vintage CF cards are a LOT more hardy than they were in the early days.  In an appliance environment, I'd be pretty surprised if you could kill a CF disk in a timeframe that was short enough for the original appliance to still be relevant.  CF cards are also dirt cheap these days.  If you're THAT paranoid about them failing, just replace them once a year or every other year.  Hell, 4gb CF cards can be easily had for between US$20-30.  Personally, unless I'm building a firewall for use while I'm jumping out of airplanes, I think I'll stick with a tried and true 2.5" hard disk with a CF or USB thumb drive to hold my config data.

    Best,



  • @ermal:

    It's not a bug nor a feature its customization. You're onyour own noatime does not bring anything to pfSense in general so why use it?

    It is not the "noatime" that bothers me - it is in a more general consideration - i think it is a problem that the /etc/fstab contents are not respected.

    This means that it is quite difficult to add extra disks and have them automatically mounted at boot time.

    I know that pfsense it an "appliance" - but it is still *nix beneath the surface - IMHO there should be some kind of (similar) mechanism that sould allow such.


Log in to reply