Re: [pfSense] APU and SSD: full install or NanoBSD
I’ve done the full install and with a 64GB SSD - I sliced off 50GB for the OS and the rest for a swap (I like to overkill that sometimes). It’s performing VERY well. We don’t have to reboot the firewall… ever. On Nov 25, 2014, at 8:47 PM, Volker Kuhlmann hid...@paradise.net.nz wrote: On Thu 30 Oct 2014 00:12:05 NZDT +1300, Odette Nsaka wrote: I'm going to switch from MMC/SD to SSD on APU. Good move. Does anyone have any suggestion or experience? Are SSD drives on PC engines shop reliable to make a full install or do you suggest to stay on NanoBSD install? Full of course, come on, you've got a pretty decent PC with heaps of RAM. Not exactly embedded-sized, save the VGA output you never need anyway, and the power consumption. Nano is for rock-bottom hardware specs, which the APU is not. Thinking SSDs are the way to go I put in a PC Engines SSD (good price, afterall) with updated firmware as soon as it became available in mid/late May, and added squid and squidguard for my own protection. Bad idea. Pfsense locked dead for the first time in early Sep, got pretty hot too (does the CPU clock/power control fail with disk IO errors?). Bottom line, squid and SSD are not a good combo. The new SSDs from PC Engines with physon controller are much better, good SMART support too, but my plan is to run pfsense of the SSD and locate the squid cache and log files on a 2.5 spinning platter. With PC Engines' special SATA cable it might still all fit into the case. pfsense 2.1.5 Volker -- Volker Kuhlmann is list0570 with the domain in header. http://volker.top.geek.nz/Please do not CC list postings to me. ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] APU and SSD: full install or NanoBSD
Bottom line, squid and SSD are not a good combo. Ive used several SSDs over the years running pfSense and linux and windows OSes. Work just like hard drives, except might actually be more reliable. There is one exception: none of the SSDs I used were PC Engines. ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
[pfSense] PCengine APU sleepness
Hi there finally (see the thread [pfSense] APU and SSD: full install or NanoBSD on this mailing list ) I opted for a full install with /var anf /tmp on ramdisk on one APU and an ebbedded one fon another APU. They are both working fine. But, on both, I have some issues with the web interface: if I'm working (refreshing frequently the web pages) everything works fine and fast. But if i leave the browser open on a web page for a while (minutes) and do nothing , when I try to access again the web interface, the pf web server seems to be very slow, so slow that often the browser gives up with time-out error, as if the APU, php engine or the web server were fallen aspept and needs some time to wake up. The next request, if asked in a few seconds, is answered very fast (alredy awaken ???). I did not experience similar lags or reactivity issues of the other components not web related. I don't remember a similar behaviour on Alix or PC Did someone experience a similar behaviour? Suggestions? Thanks in advance, Odette ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] PCengine APU sleepness
Have you tried another web browser? I suspect it has nothing to do with the hardware or software but your client. I have not had this type of issue before. — Ryan On Nov 26, 2014, at 1:11 PM, Odette Nsaka odette.ns...@libero.it wrote: Hi there finally (see the thread [pfSense] APU and SSD: full install or NanoBSD on this mailing list ) I opted for a full install with /var anf /tmp on ramdisk on one APU and an ebbedded one fon another APU. They are both working fine. But, on both, I have some issues with the web interface: if I'm working (refreshing frequently the web pages) everything works fine and fast. But if i leave the browser open on a web page for a while (minutes) and do nothing , when I try to access again the web interface, the pf web server seems to be very slow, so slow that often the browser gives up with time-out error, as if the APU, php engine or the web server were fallen aspept and needs some time to wake up. The next request, if asked in a few seconds, is answered very fast (alredy awaken ???). I did not experience similar lags or reactivity issues of the other components not web related. I don't remember a similar behaviour on Alix or PC Did someone experience a similar behaviour? Suggestions? Thanks in advance, Odette ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] PCengine APU sleepness
On Wed, Nov 26, 2014 at 1:40 PM, Ryan Coleman ryan.cole...@cwis.biz wrote: Have you tried another web browser? I suspect it has nothing to do with the hardware or software but your client. I have not had this type of issue before. Agree, sounds that way. What it sounds most like might be the browser hanging onto the TCP connection it was using, but that connection was actually closed or timed out (though at defaults, the fully established idle TCP connection would take 24 hours for the state to timeout at the firewall), or was deleted for some reason. Then the browser wants to sit there and try and try and try to use its old now-dead connection. That's generally only an issue when you reboot a system, or manually clear its state table, but could happen under other circumstances potentially. ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
[pfSense] Returning gateways
Hi, I am running on 2.2-BETA (amd64) for quite a while now, everything is fine except for one mayor annoyance; How to trash a gateway? I have a couple of interfaces with their IPv4 and IPv6 config set to none, for example VPN tunnels. Or IPv4 only interfaces. If I try to delete the unnecessary IPv6 gateway or both they just re-appear, enabled and all. Of course never reaching up status for the various reasons. Is it a bug, a feature or my fault? :) -Marcus ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] APU and SSD: full install or NanoBSD
On Thu 27 Nov 2014 04:41:42 NZDT +1300, compdoc wrote: Bottom line, squid and SSD are not a good combo. Ive used several SSDs over the years running pfSense and linux and windows OSes. Work just like hard drives, except might actually be more reliable. From the discussion in this thread it's clear that only good-quality expensive SSDs can be counted on, and that they have to be several times over-sized, adding more to the cost. Best is not to write to them too then, if possible. ;-) It's a lot of expense compared to the cost of an APU board. Smaller spinning disks in good shape are frequently free from upgrade leftovers. Volker -- Volker Kuhlmann is list0570 with the domain in header. http://volker.top.geek.nz/ Please do not CC list postings to me. ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] Returning gateways
On Wed, Nov 26, 2014 at 2:11 PM, Marcus van Dam mar...@marcusvandam.nl wrote: Hi, I am running on 2.2-BETA (amd64) for quite a while now, everything is fine except for one mayor annoyance; How to trash a gateway? I have a couple of interfaces with their IPv4 and IPv6 config set to none, for example VPN tunnels. Or IPv4 only interfaces. If I try to delete the unnecessary IPv6 gateway or both they just re-appear, enabled and all. Of course never reaching up status for the various reasons. Sounds like what should happen, and what's always happened, by design. Dynamic gateways should be there in most VPN circumstances with an assigned OpenVPN interface, and can't be deleted. They act the same as a DHCP or other dynamic-type interface in that regard. You don't have to use them, and can disable monitoring on them if you want, but they have to be there. ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] Returning gateways
Hhmm, I see; just didn't remember it was like that before. I did notice that we can now delete the gateway from the OpenVPN tap device (bridged to em1). Any chance we can then at least hide disabled gateways from the status pages? The IPv4 gateway on a SixXS tunnel will never come up for example. On that same note, we also have the OpenVPN rules tab, but rules are handled in it's separate interface tab. Or in case of some bridge members, not at all. Slightly off-topic: If you bridge a tap with an lan interface, would you recommend filtering on the lan or the bridge it self (tap - lan should be transparently bridged.) On 11/26/2014 11:02 PM, Chris Buechler wrote: On Wed, Nov 26, 2014 at 2:11 PM, Marcus van Dam mar...@marcusvandam.nl wrote: Hi, I am running on 2.2-BETA (amd64) for quite a while now, everything is fine except for one mayor annoyance; How to trash a gateway? I have a couple of interfaces with their IPv4 and IPv6 config set to none, for example VPN tunnels. Or IPv4 only interfaces. If I try to delete the unnecessary IPv6 gateway or both they just re-appear, enabled and all. Of course never reaching up status for the various reasons. Sounds like what should happen, and what's always happened, by design. Dynamic gateways should be there in most VPN circumstances with an assigned OpenVPN interface, and can't be deleted. They act the same as a DHCP or other dynamic-type interface in that regard. You don't have to use them, and can disable monitoring on them if you want, but they have to be there. ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
