Is a 30GB HDD good enough for a pfSense box?



  • Hello all,

    I have installed pfSense on a 30 GB HDD, and configured just a few of the basic settings i.e. assigning interfaces and IP addresses etc.

    Before I go too deep into other settings, packages etc. I would like to make sure that I will not exhaust the 30 GB in just a few short weeks/months, and will be required to re-do the entire installation, configuration etc. onto a HDD of a higher capacity.

    I do have a 250 (or is it 300?) GB HDD lying around somewhere and was wondering if it would make more sense to just install pfSense onto that drive, and then go the whole 9 yards.

    Is 250/300 GB overkill, or will that get filled up as well in about 2 or 3 years time?

    This is for my home installation.

    Thanks.


  • LAYER 8 Global Moderator

    Unless your running something like squid with caching,, 30GB is too large as well..  My deployment is on a 4GB virtual disk..  And that is too big..

    Pfsense just routing and firewall doesn't use up space – your caching of internet via a proxy.  Or possible logs in stuff like snort or ntop could use up space..



  • I have a system with a 60Gb drive serving anything up to 600 users a day. I don't have any disk-hungry applications such as Ntop or Squid writing tons of logs to the filesystem, so it works for me. Currently, I'm only using 4.7Gb so if you're just using this for home, you're not running any extra packages and I assume you don't have 600+ users who will be on it, then 30Gb sounds like it might be ok. (Just posted this and now see JP has already answered this one…)



  • Wow!!! Seriously guys? That's freakin' amazing!

    Thanks muswellhillbilly and johnpoz for your very helpful and informative answers.

    Which brings up another question: Let's say I do decide to implement squid and/or snort (not sure what NTOP is at this time….still a beginner, taking baby steps), then how big a drive would I need? And I do realize that I would have to do some house-keeping from time-to-time.

    And actually, the question above brings another question to mind: why would I (or do I really need to) implement things such as squid, snort, or ntop?

    Thanks again.

    Cheers



  • Google would certainly be your friend here, but in short Squid is a web proxy server which enables you to log and control your web traffic. Snort is a network Intrusion detection system, useful for checking your network security. Ntop is a graphical network usage monitor. Whether you need any of these is entirely down to you and your network environment. I can see how Squid might be useful for checking and/or managing web access for your kids if you want to check where they've been pointing their browsers. Otherwise it's up to you what you want to do, depending on your disk space.( Ntop in particular can amass some big logs if you have a lot of traffic operating across your firewall)


  • LAYER 8 Global Moderator

    Yeah unless you have kids, I really don't really see much point to proxy in the home.. Unless you had really really strapped inet connection and were hoping to cache some info…  But to be honest with most sites doing dynamic stuff these days cache isn't as useful as it once was.

    ntop can be very insightful info - but if this is on a older box it can be a hit on the resources, same goes for snort..  Snort is going to generate a HUGE amount of false positives so unless your really willing to adjust the rule sets its going to just flood you with noise that will make no sense to you if your not up to speed on the use of IDS/IPS

    You can get pfsense up and running, start playing with some of the packages and if you like them and need the space then can always up the disk at later time..  Backup of your config and then restore would allow you to up the disk size very easy..



  • Thank you once again (JP and muswellhillbilly) for an excellent short, succinct primer on pfSense and 3 of its packages.

    I do have kids, one teen, and another tween…and I certainly like the idea of using Squid to see where they've pointed their browsers...but perhaps I'll keep that one for another day. As JP suggested....I'll "get pfsense up and running, start playing with some of the packages and if you like them and need the space then can always up the disk at later time".

    I think I'll take a pass on ntop and snort as well, based on what I've learned (about those 2 packages) from the both of you.

    Totally grateful to you guys for having taken the time to help me out.

    Cheers


Log in to reply