OPNsense install

[antonvdh]

I want to install OPNsense on a Watchguard XTM505  CPU E8400 2gb memory.
Do I need an SSD or could OPNsense also installed on a 8gb CF card.

[fabian]

An 8GB CF card is enough for the operating system and the plugins but you cannot run a developer environment on it and you cannot use features like caching (for example the file system storage of the proxy).

[franco]

You still can, but the flash storage will wear down with time. If you are not concerned with this any storage type is fine. :)

[antonvdh]

The reason I asked is because reliability wonder if  it is smart to run an SSD 24/7 in a production environment where do we need caching for is that for the graphs?  The orginal Watchguard didn't have an harddrive.

[franco]

SD / CF cards work, but they are generally fire-and-forget budget versions where a hard disk doesn't really matter... they work until they don't. Be prepared for having a spare for swapping in cause it stops working / behaving normally. If you want to avoid that, get a hard drive.


Cheers,
Franco

[antonvdh]

Ok I was worried about the ssd lifespan.

[franco]

SSD lifespan is fine if you use /var and /tmp MFS mode. :)

The 2 GB is a limiting factor for these Memory-File Systems, so you can't have huge caches, but if it fits the use case it's perfectly viable.


Cheers,
Franco

[antonvdh]

I did not know there is a 2 GB limit on /var and /tmp MFS mode.
The sdd I want to use for storage , local quarantine data, logs and reporting.
The installation however could be done on the CF Card or how is for example Sophos doing this.

[franco]

No, you wrote "CPU E8400 2gb memory."

Memory file systems are limited by RAM, so I assumed 2 GB is the upper bound in your box. Minus 1 GB for general use of the system leaves 1 GB of RAM for cache files, etc. *if* you use memory file systems to dampen the write cycles on your SSD / SD / CF.


Cheers,
Franco

[antonvdh]

Ok I understand  imo a memory system can be RAM, onBoard flash or a Memory Card.

[antonvdh]

Back to my question should I use ssd or ponly CF card  because logging and configuration systems do a lot of disk writes, which can lead to early SSD failure.
I thought therefore its better only to use Enterprise SSD. Or is it an outdated story.

[fabian]

configuration should not happen too often but it should be possible to configure the system to avoid logging to disk. In this case you can send all your logs to an external logging server using syslog. If this is a logstash server, your log messages can be indexed for search, stored on a storage server and sent to a SIEM engine.

Enterprise SSDs are usually SLC instead of MLC which makes them last longer and be faster but it will increase the price a lot. If you want to to be prepared for disk failure it would be cheaper to mirror the data using RAID and do regular backups of important data.

[antonvdh]

Ok thanks for all answers time to install OPNsense on two watchguard XTM units with SSD on board.