New User, new server
Peter Ludikovsky
peter at ludikovsky.name
Wed Jun 21 07:23:36 UTC 2017
Hello,
Thanks for the pointers so far!
On 06/20/2017 05:22 PM, Jim Ohlstein wrote:
>> 1) The new machine comes with a 128G SSD, in addition to the 2 4T
>> HDDs from the older server. I'd like to set up ZFS root, with a slice
>> of the SSD as ZIL and L2ARC, and the root mirrored across the SSD and
>> the 2 HDDs. Does this make sense, and if so what would be the ideal
>> slice layout? Or should I just use the whole SSD as ZIL/L2ARC?
>
> I wouldn't mirror anything across an SSD and a magnetic drive (or two).
> Pick either the SSD or the drives.
>
> ZIL/L2ARC may be overkill on a home system unless it's frequently
> accessed by multiple users, but if you insist on having both on one SSD,
> make them the only things on the drive, and keep everything else on the
> 4TB drives. It's best to have ZIL and L2ARC on different, dedicated
> devices, but your hardware eliminates that possibility.
>
The idea here was that since the machine came with an SSD pre-installed,
I might as well try and use it. But the installation probably won't use
the whole disk, even if I want the system to be on redundant disks too,
not just the data. But oh well, I'm sure I can find other use for it.
>> 2) Moving data from the old machine. Can I run zfs send/receive to
>> get the ZFS on Linux datasets onto FreeBSD, or do I need to (r)sync?
>
> It _should_ work, but rsync will work.
I'll spin up 2 VMs and just try it. Since it's only 3 datasets that
would have been moved that way (/home, Webserver data, Fileserver data)
there's not much of a problem either way.
>> 3) Firewalling: PF, IPFW, or IPFilter? The machine will be behind an
>> ISP provided router, but I'm paranoid enough to want an additional
>> firewall on that machine, and one that plays nice with fail2ban at
>> that.
>
> Unless you're running services that expect outside connections (say if
> this is a file server), it won't matter. In fact, it really doesn't
> matter anyway. Pick one, learn it, use it. I use PF. I've used the other
> two also. PF includes functionality for port redirection and NAT. I have
> no idea about fail2ban. I use PF tables and the expiretable utility.
Fileserver for internal use only, an Nextcloud instance for the family
photos/videos/calendars/contacts, a Bitcoin node, and a Torrent client
for various OSS images.
Regards,
/peter
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20170621/7095f37a/attachment.sig>
More information about the freebsd-questions
mailing list