PfSense on CF 1GB



  • Hi,

    possible that there is not the new version of  pfSense 2.3 for 1gb compact flash ? but minimum 2gb?

    Fabio



  • yes. 1GB has been scrapped.
    @cmb:

    Yes, that's no longer big enough (1 GB image has less than 500 MB available for the OS with two slices).
    https://doc.pfsense.org/index.php?title=2.3_New_Features_and_Changes#Security.2FErrata



  • Uff :(

    Thanks

    do you think it is wise to install pf 2.3 on alix board or is it too heavy?



  • You can install full pfSense from ISO or memstick pfSense as usual an 1GB disk, but please select advanced install during setup, and partition disk manually. At partition size enter * (asterisk) so that the partition fills up the whole 1GB disk space. Also when it asks for swap space, delete the swap entry from the list.
    After installation finishes, you'll have a full install ocupying only 61% of 946MiB (that's in my case using 1GB built-in DOM disks in thin clients).
    (there's some weirdness in the simple setup logic, that only creates a 700MB partition and leaves 300MB unpartitioned - that's why you should go advanced)

    You can restore your config file from previous NanoBSD versions.

    To verify NanoBSD-like operation, go to System > Advanced > Miscellaneous and check "Use RAM Disks (x) Use memory file system for /tmp and /var". This will keep installed system away from flash writes.

    Of course no more double slices anymore, but still usable with 2.3 as before. I actually never had to change the active slice on a production system, I played around with it in my lab, but in production, if you really can't upgrade system media above 1GB (as me), the above solution will be perfectly usable.



  • Hi robi, thanks for your help. ive downlaoded 2gb version,  how do i put it on 1gb CF ?

    PS I stop before installing pfsense :D



  • Well, if you really use a CF card in your system I think the best way would be to just buy a bigger one - it's the least risky.
    My description is intended for those who have non user replaceable storage media (like DOM modules in thin clients), or on-board flash media of 1GB in theur hardware. It can be applied for 1GB CF cards though - if you're ready for challenge  8)
    You could, for example, put your 1GB CF card in a standard PC using a CF-to-IDE (CF-to-PATA) adapter and install full pfSense on it as I described above. And move the CF card back to Alix afterwards.



  • I prefer buy a new card  ;D ;D

    Thanks for your help  :)



  • do you think it is wise to install pf 2.3 on alix board or is it too heavy?

    I am running 2.3 fine on Alix with a 2GB CF card.
    If you are buying a new CF card then you might as well get a 4GB, but if you have a 2GB sitting around then that will work fine.



  • In my area we can barely find 4GB CF cards, the minimum size available in most shops is 8GB.
    It's worth considering to make 8GB images too (already submitted redmine on this).



  • @Fabioo:

    Hi robi, thanks for your help. ive downlaoded 2gb version,  how do i put it on 1gb CF ?

    PS I stop before installing pfsense :D

    I would you use the ISO/memstick version because the nanobsd version is discontinued for further releases (2.4 perhaps).



  • @iam:

    @Fabioo:

    Hi robi, thanks for your help. ive downlaoded 2gb version,  how do i put it on 1gb CF ?

    PS I stop before installing pfsense :D

    I would you use the ISO/memstick version because the nanobsd version is discontinued for further releases (2.4 perhaps).

    Is there an official statement on this?  :o



  • @robi:

    Is there an official statement on this?  :o

    Not yet. It will be discontinued at some point because the flash media it's relevant to doesn't exist in current new hardware, but that's some way out at this point.



  • I ve bought two kingston 4gb!

    if you get a bigger and more faster card you can perform a "normal" installation without the embedded limitation ?

    EDIT: OK Stupid question :P



  • Yes you can, but don't forget to go to System > Advanced > Miscellaneous and check "Use RAM Disk".

    What I did for my thin clients, is that I've installed my full pfSense on 1GB as I described above, entered the web interface, selected "reset to factory defaults", restarted the system but didn't allow it to boot up, instead, I took a DD image of the contents of the disk.

    This way, I've created my own 1GB "nanobsd-ish" image.

    PS: as an extra, I've modded the default config file with interface names matching my hardware, and pre-selected RAM Disk usage to be enabled by default. This way, each time I flash this image to any number of thin clients, I get a fresh system already prepared with these options, also skipping interface assignment at the console.  8)



  • Perfect ! this weekend I'll do the tests :)

    Thanks !



  • When installing "Full" on CF card or SD card (coming from NanoBSD), my advice would be to avoid creating a Swap partition.
    If there's a swap partition present pfSense will mount it - and using flash media as swap space can be really hard on flash wear. Of course, if swap space is really used - but to be on the safe side, I'd suggest not to use swap at all - on NanoBSD it didn't exist anyway.



  • confirm :P



  • @robi:

    Is there an official statement on this?  :o

    Here's the official-ish statement:
    https://doc.pfsense.org/index.php/Upgrade_Guide#NanoBSD

    This is disappointing but understandable.  I still have a handful of Intel Z-U130 SLC flash drives that are 1GiB.  Most are 2 GiB, though.

    I think I'll try following your advice and using the full version with no swap and check the Ram Disk option.

    Thanks for the tips!

    -Wes



  • What RAM disk size is recommended for /tmp and /var?



  • I use 90MB and 60MB on my embedded system (which has 1GB of RAM installed). But I don't use any special packages writing to these directories. It routes at around 500Mbit/sec, maxig out that single NIC it has for both WAN and multiple LANs (all through a VLAN-capable switch)



  • I have Dell FX160 with 1G RAM and 1GB SSD DOM, running 2.2.6 version.
    When I tried install 2.3.3 (or 2.3.2) , during install after creating full partition (*), following robi advice, I got following error:

    Execution of the command
    /sbin/bsdlabel -B -r -w ada0s1 auto
    Failed with a return code of 4.

    Tried on two FX160, but result is the same.
    Any advice?

    BR/bbfrankopan



  • I don't have a FX160 to try but I have built various BSDRP based systems on FX130 and seen some odd things in the past depending on what was on them before.

    You could try wiping out all of the partitions on the DOM and creating a single FAT32 partition with DOS MBR. I use a bootable USB stick with Ultimate Boot CD on for wiping out partitions. Then try installing the pfSense® software.

    bsdlabel on my 2.3.3 appears to have -R as an option but not -r.



  • Using bootable linux on USB, did wiping all the partitions on DOM, crate one new FAT32  partition, but result is the same error.
    Accessing logs, there is line at the end of logs:
    Executing '/sbin/bsdlabel -B -r -w ada0s1 auto'
    bsdlabel: /dev/ada0s1 read: Invalid argument

    Did not try with Ultimate Boot CD, but effect should be the same.