[Dirty How to] Cloning pfSense hard disk

  • Hello,

    I had to duplicate a pfSense Netgate ADI box this week.
    Since the system is heavily modified, a PFI reinstall wasn't a viable option.

    Most linux systems don't understand the partition structure of pfSense and can only clone using dd producing a file as large as the hard disk. Some users have said that Acronis works great, but then you have to open the box and extract the disk since acronis won't run on serial console.
    I intented to clone to a FAT32 memstick so I needed the target files not to be bigger than 4G per chunk.

    I have written a quick and dirty script that uses dd, compresses the output and splits it into multiple files, which I could use with a live distribution.

    First, I've zero filled all empty space on the pfSense so compressed files shall be small. On the pfSense box:

    dd if=/dev/zero of=/zerofile BS=512K
    rm -f /zerofile

    I've then booted my SG-4860 box with CloneZilla live failsafe, replacing "vga=normal nosplash" by "live-getty console=ttyS1,115200n8".
    I've actually modified the clonzilla live usb stick in /syslinux/syslinux.cfg and rendered those changes permanent.
    Backup and restore is then easy, as long as you've mounted the usb stick itself as /mnt and copied ddsplit.sh to the stick first.

    ddsplit --backup /dev/sda /mnt/pfSense_backup 1G

    This produces compressed 1GB chunks of the disk (my total pfSense backup from a 120GB disk weights 1.6GB). The filename includes the chunk size and number.

    Restoration on a new pfSense box:

    ddsplit --restore /mnt/ddsplit.1G.main.pfSense_backup.gz

    The backup / restore is quite long (it really writes the whole 120GB) but well, it can fit on a standard memstick.
    The clone works without any other mods as long as source and target hardware is identical.

    The script can be found here: https://github.com/deajan/linuxscripts


  • I'm sure that will work fine, it's just a sector copy of the disk using Linux tools.

    You might find it easier to work with in the future if you start with toolset from the same OS as pfsense.
    Try starting with a FreeBSD LiveCD rather than Linux.
    There's some differences in the way they natively handle the ufs partitions that will make your life easier under FreeBSD.

  • Thanks for the advice, I know linux can't deal with GEOM and slices as in FreeBSD.
    The funny part is that CloneZilla is supposed to deal with FreeBSD partition scheme, but can't handle pfSense's one.

    Anyway, this was my quick and (really) dirty solution to handle my problem in a couple of hours.

Log in to reply