I spent a couple of days trying different ways to recover from a failure...

Started by 7queue, December 09, 2025, 10:25:38 PM

What I tried as a backup recovery plan is to use a drive that's the same size as the one in the firewall in a USB adapter and have ZFS mirror the install partition onto the USB drive.

The USB drive has a clean install of OPNsense with ZFS and that's it.

Plug the USB drive into the firewall and do the following:

# gpart show
=>        40  2000409184  ada0  GPT  (954G)
          40      532480     1  efi  (260M)
      532520        1024     2  freebsd-boot  (512K)
      533544         984        - free -  (492K)
      534528    16777216     3  freebsd-swap  (8.0G)
    17311744  1983096832     4  freebsd-zfs  (946G)
  2000408576         648        - free -  (324K)

=>        40  2000409184  da0  GPT  (954G)
          40      532480    1  efi  (260M)
      532520        1024    2  freebsd-boot  (512K)
      533544         984       - free -  (492K)
      534528    16777216    3  freebsd-swap  (8.0G)
    17311744  1983096832    4  freebsd-zfs  (946G)
  2000408576         648       - free -  (324K)

The USB drive is da0 and partition 4 is the clean install of OPNsense.

# gpart delete -i 4 da0
# gpart add -i 4 -a 1m -t freebsd-zfs da0

Then attach the new partition. (I had to use -f since it complains that /dev/da0p4 is part of potentially active pool 'zroot' from the clean install.
If the USB drive is from a prior attach, then issue # zpool labelclear -f /dev/da0p4)

# zpool attach -f zroot ada0p4 da0p4

Let it resilver, then shut down and unplug the USB drive, power the firewall back up, and detach the now missing USB drive.

# zpool detach zroot da0p4

After this, verify the USB drive works by booting off of the USB drive in a test system. If you don't have a test system you will need to temporarily disconnect the drive in the firewall in order to boot off the USB drive.

To clean up the cloned drive in the USB adapter:

# zpool detach zroot ada0p4

Login through the web interface and verify everything looks good.

If the drive in the firewall goes I can boot off the USB drive until I get around to replacing the failed drive.
If the hardware goes I have a drive in the USB adapter I can use in a new firewall to get back up and running.

...and this works for me, YMMV.
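
Two checks that fit the procedure in the post above, as an added example that is not part of the original post: read a partition's size from `gpart show` (ZFS will not attach a device smaller than the existing one) and confirm from `zpool status` that the resilver finished before the USB drive is unplugged. The function names and the sample output are constructed, and the parsing assumes the OpenZFS `scan:` line format.

```shell
#!/bin/sh
# Added example: checks around the attach/resilver/unplug steps.
# Both functions read command output on stdin, so they can be tried offline.
# Live use:  gpart show | part_sectors da0 4
#            zpool status zroot | mirror_ready ada0p4 da0p4 && echo "safe to shut down"

# part_sectors DISK INDEX  (stdin: `gpart show`) -> prints the partition size in sectors
part_sectors() {
    awk -v disk="$1" -v idx="$2" '
        $1 == "=>" { cur = $4; next }            # header line names the disk
        cur == disk && $3 == idx { print $2; exit }'
}

# mirror_ready DEV...  (stdin: `zpool status POOL`)
# Succeeds only if the resilver finished with 0 errors and every DEV is ONLINE.
mirror_ready() {
    awk -v devs="$*" '
        BEGIN { n = split(devs, want, " ") }
        $1 == "scan:" && /resilver in progress/ { busy = 1 }
        $1 == "scan:" && /resilvered .* with 0 errors/ { finished = 1 }
        /\(resilvering\)/ { busy = 1 }           # per-device marker while copying
        $2 == "ONLINE" { online[$1] = 1 }
        END {
            if (busy || !finished) exit 1
            for (i = 1; i <= n; i++) if (!(want[i] in online)) exit 1
        }'
}

# Constructed sample output (not captured from a real system).
sample_done() { cat <<'EOF'
  pool: zroot
 state: ONLINE
  scan: resilvered 12.3G in 00:04:51 with 0 errors on Tue Dec  9 23:10:12 2025
config:
        NAME        STATE     READ WRITE CKSUM
        zroot       ONLINE       0     0     0
          mirror-0  ONLINE       0     0     0
            ada0p4  ONLINE       0     0     0
            da0p4   ONLINE       0     0     0
EOF
}
sample_busy() { cat <<'EOF'
  scan: resilver in progress since Tue Dec  9 23:05:21 2025
            ada0p4  ONLINE       0     0     0
            da0p4   ONLINE       0     0     0  (resilvering)
EOF
}
```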