Re: [pfSense] HP DL160 for pfSense in a datacenter
On 04/23/2014 06:34 PM, Vick Khera wrote: > On Wed, Apr 23, 2014 at 12:12 PM, mayak wrote: >> I agree that the b110 is just worthless -- I tried setting it up for raid a >> mirror with two drives -- horrible. a second try with the BSD based raid >> worked great. So question is -- should I just throw 4 sata drives in the box >> and run a with a big mirror, or is there the added safety by running SSD. > I don't understand where you get the number for 4 drives in a mirror? > > If you're worried about disk failure, just put two disks in a software > mirror and be done with it. If you use different manufacturer batches, > they likely won't fail at the same time. > > My personal preference is to use a pair of pfSense boxes with CARP and > pfSync and a single SSD drive each. If the one fails, the other keeps > working while you fix it. hi vick, i have mirrored disks like this before -- 4 copies of the same thing -- a bit dumb, but ... i think that your carp pair wins the prize -- i've a second dl160, so maybe that's the way to go ... lots of fans and power ... lol thanks to all m ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] HP DL160 for pfSense in a datacenter
On Wed, Apr 23, 2014 at 12:12 PM, mayak wrote: > I agree that the b110 is just worthless -- I tried setting it up for raid a > mirror with two drives -- horrible. a second try with the BSD based raid > worked great. So question is -- should I just throw 4 sata drives in the box > and run a with a big mirror, or is there the added safety by running SSD. I don't understand where you get the number for 4 drives in a mirror? If you're worried about disk failure, just put two disks in a software mirror and be done with it. If you use different manufacturer batches, they likely won't fail at the same time. My personal preference is to use a pair of pfSense boxes with CARP and pfSync and a single SSD drive each. If the one fails, the other keeps working while you fix it. ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] HP DL160 for pfSense in a datacenter
THIS > Also has the advantage that in the event of hardware failure, you can move the drives to any other system and still access the data - something that's not always an option if you're relying on a proprietary RAID layout. Applies to a great many system builds... if you have the option of having spare parts and idle servers waiting to be swapped in at a moment's notice, go nuts with higher level RAID... but mirror is simply easiest to recover should the controller or hardware die, with your data sitting on the drives. ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] HP DL160 for pfSense in a datacenter
On 23/4/14 4:46 pm, Vick Khera wrote: I reconfigured them to use geom mirror instead, and everything has been much better since. The FreeBSD kernel does a fine job managing the mirror all by itself. We have some DL160s with the same B110i controller running as Linux KVM host machines, and like you, told the controller to treat the disks as basic drives and use the OS to manage the mirror (in our case using mdraid, but the principle is the same). Agree that these pseudo-raid cards are not worth the time of day. Incidentally, we also did some testing with some Dell PE2950s a while back (with 'proper' battery-backed hardware RAID controllers), and still ended up with considerably better performance by telling the controllers to treat the disks as just disks, then using mdraid in the OS. Also has the advantage that in the event of hardware failure, you can move the drives to any other system and still access the data - something that's not always an option if you're relying on a proprietary RAID layout. Kind regards, Chris -- This email is made from 100% recycled electrons ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] HP DL160 for pfSense in a datacenter
On 04/23/2014 05:46 PM, Vick Khera wrote: > On Wed, Apr 23, 2014 at 9:14 AM, mayak wrote: >> I have inherited a used an HP DL160 for use at a data center to act as a >> principal firewall -- > I have some HP DL120G5's in service. Initially they were set up with > the built-in SATA hardware RAID. This is *useless* to protect your > system on a disk failure. The whole machine comes tumbling down (at > least that was the case with FreeBSD 8.x they were running). > > I reconfigured them to use geom mirror instead, and everything has > been much better since. The FreeBSD kernel does a fine job managing > the mirror all by itself. There is very little disk I/O that goes on > with pfSense anyhow, so you won't notice the CPU load. > > All that said, I'd go with SSDs and configure pfsense to use memory > file systems for /tmp and /var to limit wear. I do this on my main > data center firewalls. I don't even bother mirroring the SSDs since > the whole system is "mirrored" by pfsense to a twin box. hej erik, hi vick, so the DL160 is delivered with the B110i caca sata raid and one slot for a full sized pci card (currently used by a quad port Ethernet). I agree that the b110 is just worthless -- I tried setting it up for raid a mirror with two drives -- horrible. a second try with the BSD based raid worked great. So question is -- should I just throw 4 sata drives in the box and run a with a big mirror, or is there the added safety by running SSD. thanks for all the help! m ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] HP DL160 for pfSense in a datacenter
On Wed, Apr 23, 2014 at 9:14 AM, mayak wrote: > I have inherited a used an HP DL160 for use at a data center to act as a > principal firewall -- I have some HP DL120G5's in service. Initially they were set up with the built-in SATA hardware RAID. This is *useless* to protect your system on a disk failure. The whole machine comes tumbling down (at least that was the case with FreeBSD 8.x they were running). I reconfigured them to use geom mirror instead, and everything has been much better since. The FreeBSD kernel does a fine job managing the mirror all by itself. There is very little disk I/O that goes on with pfSense anyhow, so you won't notice the CPU load. All that said, I'd go with SSDs and configure pfsense to use memory file systems for /tmp and /var to limit wear. I do this on my main data center firewalls. I don't even bother mirroring the SSDs since the whole system is "mirrored" by pfsense to a twin box. ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] HP DL160 for pfSense in a datacenter
Am 23.04.2014 15:24, schrieb Erik Anderson: > On Wed, Apr 23, 2014 at 8:14 AM, mayak wrote: >> The machine has one of those stupid raid chips that works for software >> raid -- pfSense knows about these kinds of cards, but nonetheless, I >> would like to make this machine as bullet proof as possible (in terms of >> disk failure). > > You're not going to want to hear this, but... > > ...purchase a real hardware RAID card. FakeRAID cards are horrible, > and I'd never trust them for something as critical as a > firewall/router device. You don't need anything fancy - you should be > able to source a used RAID controller for a very reasonable price. Unfortunately you don't tell us what controller (dmesg ?) it is nor the DL160's generation (G6, G7...). Some of those lower-end rackserver are able to run in plain AHCI (if SATA) or SAS HBA-mode (i.e. LSI's in IT-mode). If that is possible you may just go with that and install pfSense on a geom mirror. The installer should (if I remember right) have such an option. -- Mathieu --- Diese E-Mail ist frei von Viren und Malware, denn der avast! Antivirus Schutz ist aktiv. http://www.avast.com ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] HP DL160 for pfSense in a datacenter
On Wed, Apr 23, 2014 at 8:14 AM, mayak wrote: > The machine has one of those stupid raid chips that works for software > raid -- pfSense knows about these kinds of cards, but nonetheless, I > would like to make this machine as bullet proof as possible (in terms of > disk failure). You're not going to want to hear this, but... ...purchase a real hardware RAID card. FakeRAID cards are horrible, and I'd never trust them for something as critical as a firewall/router device. You don't need anything fancy - you should be able to source a used RAID controller for a very reasonable price. -Erik ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
[pfSense] HP DL160 for pfSense in a datacenter
Hi All, I have inherited a used an HP DL160 for use at a data center to act as a principal firewall -- The machine has one of those stupid raid chips that works for software raid -- pfSense knows about these kinds of cards, but nonetheless, I would like to make this machine as bullet proof as possible (in terms of disk failure). So -- I could throw 4 sata disks in, and run one big mirror, or I was thinking about 1 or 2 SDD drives. Whats the best practice to mitigate against a disk failure? Thanks M ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
