Hi, I'm trying to build a redundant duo of firewalls/routers/gateways and I'm thinking about not putting any disks in them and instead using a usb-stick raid-1 as storage. Has anyone any experience with this? Since the machines will be running pretty much only iptables, conntrackd and keepalived there is not going to be a lot of disk activity going on and the plan is to do all the logging on a remote machine which should reduce the write activity on the sticks to almost zero during normal operation.
I've already created a fairly minimal kickstart for such an installation but I'm wondering if there are any opinions out there on whether this is a feasible approach or if there are any gotchas I'm not aware of.
Regards, Dennis
On Jul 21, 2011 8:27 AM, "Dennis Jacobfeuerborn" dennisml@conversis.de wrote:
Hi, I'm trying to build a redundant duo of firewalls/routers/gateways and I'm thinking about not putting any disks in them and instead using a usb-stick raid-1 as storage. Has anyone any experience with this?
I simply wouldn't build a system that is dependent on USB for the rootfs full-time, unless it's very unimportant. I've seen USB ports get disabled while in-use plenty of times. Instead, an ATA to CF or SD adapter can be had quite inexpensively.
cooleyr@gmail.com wrote:
On Jul 21, 2011 8:27 AM, "Dennis Jacobfeuerborn" <dennisml@conversis.de mailto:dennisml@conversis.de> wrote:
Hi, I'm trying to build a redundant duo of firewalls/routers/gateways and I'm thinking about not putting any disks in them and instead using a
usb-stick
raid-1 as storage. Has anyone any experience with this?
I simply wouldn't build a system that is dependent on USB for the rootfs full-time, unless it's very unimportant. I've seen USB ports get disabled while in-use plenty of times. Instead, an ATA to CF or SD adapter can be had quite inexpensively.
There are DOM's, IDE Disk-On-Module.
On Thursday, July 21, 2011 05:26:47 PM Dennis Jacobfeuerborn wrote:
Hi, I'm trying to build a redundant duo of firewalls/routers/gateways and I'm thinking about not putting any disks in them and instead using a usb-stick raid-1 as storage. Has anyone any experience with this? Since the machines will be running pretty much only iptables, conntrackd and keepalived there is not going to be a lot of disk activity going on and the plan is to do all the logging on a remote machine which should reduce the write activity on the sticks to almost zero during normal operation.
I've already created a fairly minimal kickstart for such an installation but I'm wondering if there are any opinions out there on whether this is a feasible approach or if there are any gotchas I'm not aware of.
I/we have done this on a few systems with vanilla CentOS and no problems. Do note however that not all usb-sticks are the same (performance can vary _a lot_).
/Peter
-
cooleyr@gmail.com -
Dennis Jacobfeuerborn -
Ljubomir Ljubojevic -
Peter Kjellström