Virtualization

• G

  Very slow upload on pfSense in KVM
  • gusto  

  10
  0
  Votes
  10
  Posts
  37
  Views

  

  @gusto said in Very slow upload on pfSense in KVM: Now I need to see if it will be stable. On a router, LRO, TSO and hardware checksum offload must always be disabled. These features are good for endpoint devices but not for a router. There are millions of posts on this forum about this theme: https://docs.netgate.com/pfsense/en/latest/hardware/tuning-and-troubleshooting-network-cards.html but even better if you disable it in loader.conf.local, where the other unnecessary functions include EEE, flow control, etc. (so stay protected from FW upgrades) And these about Realtek: https://forum.netgate.com/topic/135850/official-realtek-driver-binary-1-95-for-2-4-4-release/76 (A lot of people use this driver and if I know well it's really just that good and / or better solution.) https://forum.netgate.com/topic/133536/official-realtek-driver-v1-95-binary?_=1600417473785 It's not easy to get it to work well. You can almost forget about using Suricata and Snort with Realtek. For me, ESXi and Xen (for web server / VPS) remain eternal love
• M

  Watchdog timeout on queue 0
  • megapearl  

  15
  0
  Votes
  15
  Posts
  4668
  Views

  R

  @Erutan409 I've been running with it for a couple of days and discovered that my pfSense box has significantly increased CPU load, and services behind that particular interface feel throttled. Again, I'm running on KVM and I don't think it has any such paravirtual time synchronization—I run NTP on the host and have pfSense update from the host ntpd once an hour. In the meantime, I've managed to break my pfSense install by powering it off at the wrong point, so I'm going to reinstall the latest version from ISO and switch back to PV NICs. I'll update here again if I learn anything.
• B

  pfsence VM on host
  • B3gin3r  

  2
  0
  Votes
  2
  Posts
  10
  Views

  

  https://docs.netgate.com/pfsense/en/latest/virtualization/index.html -Rico
• R

  pfSense VM with LACP teams and SMB MultiChannel issue
  • rgijsen  

  1
  0
  Votes
  1
  Posts
  8
  Views

  No one has replied

• T

  Weird issue when virtualizing pfSense on Proxmox VE
  • techtester-m  

  3
  0
  Votes
  3
  Posts
  11
  Views

  T

  Edit 2: I think it's either a bug in 2.45-p1 version of pfsense or something really weird is going on. I just switched back to a bare metal installation and it's still happening. Same exact problem....never noticed such a behavior before. Any idea fellas?
• J

  How to Console into PFSense in Azure
  • jcresap  

  1
  0
  Votes
  1
  Posts
  12
  Views

  No one has replied

• F

  PFSense crash <7>arpresolve: can't allocate llinfo for 192.168.1.254 on em0
  • fresnoboy  

  1
  0
  Votes
  1
  Posts
  8
  Views

  No one has replied

• P

  pfSense in AWS does not start after being stop
  • paul.bargiel  

  1
  0
  Votes
  1
  Posts
  6
  Views

  No one has replied

• J

  pfSense(s) on Proxmox losing connection when traffic is high
  proxmox • • JohnMolt43  

  7
  0
  Votes
  7
  Posts
  19
  Views

  J

  @jimp said in pfSense(s) on Proxmox losing connection when traffic is high: If you already have checksums disabled I don't think there is any compelling reason to stay with e1000 these days. If it's an older setup that has been around a while, it may have been installed before virtio was well supported. Since it's a VM it would be easy enough to take a backup, snapshot it, and try it out. Either way, though, you should upgrade to 2.4.5-p1 Noted I will plan an update and the driver change
• 

  Networking Problem with pfSense, Ubuntu and VirtualBox
  • Falklan  

  2
  0
  Votes
  2
  Posts
  12
  Views

  

  This problem was resolved by changing adapter 2 to bridged and selecting 2nd port on the NIC.
• S

  pfSense on libvirt/KVM on Ubuntu 20.04.1 - WAN interface locking up
  • sparkyjf  

  1
  0
  Votes
  1
  Posts
  10
  Views

  No one has replied

• R

  Unable to create proxmox VMs internal/external network
  • reddychaitu2002  

  4
  0
  Votes
  4
  Posts
  33
  Views

  V

  @reddychaitu2002 said in Unable to create proxmox VMs internal/external network: The dedicated server (It has Proxmox OS) has several VMs (Ubuntu server) and each VM should be connected to one subdomain and all subdomains (ex1.example.com, ex2.example.com, etc) must be accessible via the external IP address (17*...**2). You cannot use 17*...**2 for that, since it is natted to Proxmox. With NAT 1:1 that public can be used by Proxmox only. Why 1:1?? I know, it was done by the provider, but why? I think you only need the Proxmox management port, this is only one unique port. 1:1 directs any port to the internal IP. You also have a second public IP as you wrote. What about that? I assume, you want to use these subdomain for webservers. To redirect one public IP to multiple internal webservers you can use the haproxy package.
• S

  pfSense vm is crashing and taking down the host as well.
  • simfony  

  5
  0
  Votes
  5
  Posts
  15
  Views

  S

  OK I'll try that, thanks. Just because I'm curious, how will using a virtual nic allow for more control+ flexibility?
• I

  Connection failures
  • Ilya.V  

  2
  0
  Votes
  2
  Posts
  10
  Views

  I

  The problem has been resolved. I tested a machine on a local network with an OVPN server to which the client was connected. Somewhere the network is looped, apparently.
• N

  Slower than expected iperf3 results under proxmox and virtio
  • netnewb2  

  2
  0
  Votes
  2
  Posts
  15
  Views

  N

  I've setup a new pfsense vm with nothing on it. Results were more or less the same, so the packages weren't interfering. So, I've setup a new bridge and set MTU to 9000 and now I'm getting about 9 Gbits/s (sometimes 10 with pf disabled). I don't understand networking enough as to why linux VMs work at 20 Gbits/s with MTU 1500. Other settings such as CPU type, machine type, rx off on the bridge, didn't affect results that much. Now I'm curious what it would take to get to 20 Gbits/s
• M

  Migrating from Bare Metal to ESXi VM
  • Meuser  

  2
  0
  Votes
  2
  Posts
  26
  Views

  R

  I virtualized mine maybe 3 months ago partly as an "I'm stuck at home and need a project" and partly for energy savings. My server has the ram and plenty of CPU so what the hey lets try. I didn't passthrough. Decided instead to setup separate vswitches/portgroups and just dedicate nics that way; one for WAN and another for LAN and put PFSense VM in both portgroups. I'm using the free ESXI 6.7. These days, mixing servers/IOT and desktops in the same LAN is probably a bigger security issue than virtualizing PFSense.
• T

  Pfsense on proxmox - slow openvpn
  • tomahhunt  

  4
  0
  Votes
  4
  Posts
  168
  Views

  X

  I am having the same issue. A iperf to the WAN side of the pfSense VM over the internet shows 900Mbps. When I try and punch it through OpenVPN site-to-site using the same config as you, 80Mbps. Both sides are 3.5GHz+ Xeon/Ryzen CPUs, but CPU usage on pfSense on both sides is 5%. An iperf from the WAN -> LAN interface (on a different KVM bridge) also shows 800Mbps+.
• 

  Issue XCP-ng routed config / pfSense - slow speed & packetloss
  pfsense virtualization xenserver xcp-ng • • maverickws  

  2
  0
  Votes
  2
  Posts
  27
  Views

  

  Hi all, After a lot of digging I came across this known issue which I believe is the same situation I am encountering. After coming across this known open bug: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=188261 I was looking to apply the patch but I can't find ip_fastfwd.c Thank you.
• F

  unwanted(NATed) traffic captured from span port on ESXi vSwitch
  • ferrets  

  1
  0
  Votes
  1
  Posts
  10
  Views

  No one has replied

• E

  pfsense virtual machine on esxi not detecting more than NIC
  • elyp  

  3
  0
  Votes
  3
  Posts
  553
  Views

  R

  Similar issue here under ESXi 7.0 and pfSense 2.4.5-RELEASE-p1. Created a VM with one virtual NIC, booted installed OK. Powered off, added 2 other NICs, booted and they are OK. Added a 4th NIC while powered on, the VGA console shows that at operating system level it was detected hotplugged with correct MAC address, but in pfSense web interface did not appear. Rebooted, still not there. Powered off and back on, still not there. Deleted the whole VM, re-created from scratch with 4 NICs, re-installed pfSense from ISO, all NICs present.
• T

  Creating virtual networks based on proxmox with pfsense
  • timoonskii  

  9
  0
  Votes
  9
  Posts
  70
  Views

  T

  192.168.195.60 is my WAN address (sorry had to change it in the meanwhile) yes when i use vmbr0 browsing is working. i can reach the pfsense from my local browser (not in the 192.168.x.x Network) thanks for your help regards
• Z

  bug with inputs on ESXi?
  • zippydan  

  8
  0
  Votes
  8
  Posts
  91
  Views

  Z

  @jimp said in bug with inputs on ESXi?: You hit Scroll Lock on your keyboard This is definitely a plausible explanation, however: I was doing other linux-based VM installs on the same ESXi machine at the same time and only had a problem with the pfSense instances, multiple times. I am working from a MacBook which does not have a Scroll Lock key (that I'm aware of). Is there a way to unwittingly send a Scroll Lock equivalent key stroke - perhaps with the right key combo? I researched this a bit, and found some indication that Fn + Shift + F12 is the equivalent Macbook key combo for activating Scroll Lock. I wouldn't have ver had any reason to use those keys while doing my ESXi or pfSense tasks. I also found an old thread here where someone seems to have the same problem with Macbook randomly activating Scroll Lock and people discuss other possible key combos. Still, it's hard for me to buy the explanation that this bug would only manifest itself in an ESXi console window and only for pfSense. Unfortunately, I've finished those projects for now and don't know when I'll next have the opportunity to explore the possibilities of what might have been behind this bug.
• M

  [HOW-TO] Add WI-FI to pfsense
  • moussa854  

  1
  0
  Votes
  1
  Posts
  38
  Views

  No one has replied

• L

  PfSense network interface sometimes hangs on Hyper-V
  • lexl  

  14
  0
  Votes
  14
  Posts
  1394
  Views

  

  Next two, top best solution : Use a vanilla Windows Pro : I was using pre-2.4.5 using FreeBSD 1.1 and FreeBSD 11.3 using pfSense 2.4.5-p1, and have not seens any issues. But notre that this is a @home setup - more or like a test bed install - as VM are ment to be. The real setup shouldn't be discarded : You could even hide it into the Win 2012 device if you have space constraints. No VM code here so many things that can't go wrong.
• M

  Should I build a hardware based pfsense router or should I virtualize it?
  • mhweb  

  5
  0
  Votes
  5
  Posts
  192
  Views

  M

  I was having some issues but seems most of them were fixed with ESXi 7. I’d say if you have the horsepower and RAM, use ESXi.
• F

  Integrating pfsense with kibana
  • Fareed Jamali  

  7
  0
  Votes
  7
  Posts
  79
  Views

  S

  Status >> System Logs >> Settings Set the logging of things you want... Remote Logserver = Kibana On Kibana open up port 514 for accepting logs.
• K

  Problem vcenter pfsense
  • KmZ_78  

  1
  0
  Votes
  1
  Posts
  37
  Views

  No one has replied

• J

  High interrupts | KVM | Pass-thru NICs | 366FLR
  • JasonSw  

  3
  0
  Votes
  3
  Posts
  53
  Views

  C

  I hand also an idea to migrate from physical hardware to virtualization the pfsense box . Tried esxi an unraid , KVM with pass-trough , the results where horrible . Even on vmxnet3/virtio the results are poor . The machine is capable of delivering 20Gb/s between 2 VM Linux hosts with vmxnet3 , but with pfsense in between max 700-800Mb :( With pfsense with passtrough I maxed out an i5-4570 with an i350-t4 adapter and did not reach gigabit speed(only pfsense was running on the hardware).On bare metal it works perfect Now I'm running pfsense on E3-1220L v3 (13W)CPU bare metal and it still beats the crap of i5-4570 in virtualization . Pfsense is simple not designed to run properly in virtualized env.
• A

  Monitor VMware ESXi Host Using LibreNMS
  vpn • • Aiden Liam  

  1
  0
  Votes
  1
  Posts
  43
  Views

  No one has replied

• D

  Gen2 - pfSense 2.4.5-p1 - elf64_loadimage: read failed - Windows 2012R2 Hyper-V
  • DD  

  8
  0
  Votes
  8
  Posts
  233
  Views

  D

  @asdkjw I think that this error will be never fixed because it is old error with UEFI - http://freebsd.1045724.x6.nabble.com/failing-to-install-11-1R-on-VMWare-td6249644.html or http://freebsd.1045724.x6.nabble.com/Boot-failure-svn-up-from-this-morning-td6170968.html Solution is to reinstall pfSense on Hyper-V 2012R2 as Gen1 VM and then everything will be working ok. It is same in pfSense 2.5 version.
• 

  Hyper-V, virtual switches, intel vs. realtek
  • Bob.Dig  

  2
  0
  Votes
  2
  Posts
  81
  Views

  

  Can't tell you for sure, but I've used both without issue. Currently using an IBM branded i340-T4. Any severe packet loss that I've experienced were ISP related. But the cards a certainly cheap enough to try. OEM versions from Dell, HP, IBM and others for about $25. Here's a good link to find the OEM equivalents of that chipset and several others. Many on EBay include both height brackets. https://forums.servethehome.com/index.php?threads/list-of-nics-and-their-equivalent-oem-parts.20974/
• 

  Boottime on Hyper-V still slow on 2.4.5-RELEASE-p1
  • Bob.Dig  

  15
  0
  Votes
  15
  Posts
  151
  Views

  

  @Bob-Dig said in Boottime on Hyper-V still slow on 2.4.5-RELEASE-p1: that I route all traffic from the OVPNServer to a OVPNClient The OpenVPN client tunnel isn't up at that moment, but the OpenVPN server daemon is already starting, using 'route's to the OpenVPN client. This might explain the 'route' messages. What happens if you de activate the OpenVPN client - and activate it manually, after the system booted ? Does it boot faster this way ? Maybe you could start the OpenVPN client with a cron command that start a serveice (OpenVPN Client) 30 seconds after booting ? And have it killed before you shut down, so it gets marked as "non running" and won't start during the next boot. We have the "earlyshellcmd" commands. Let's invent the "lateshellcmd" ;)
• I

  Deploying pfSense as a VM in transparent bridge mode
  • ianmaxs  

  1
  0
  Votes
  1
  Posts
  51
  Views

  No one has replied

• P

  pfSense on QNAP NAS
  • pmk3  

  14
  0
  Votes
  14
  Posts
  4159
  Views

  M

  @fabrizior Hi fab, read your post, was your problem that you could no longer access your qnap qts gateway? i posted a possible fix for you https://forum.qnap.com/viewtopic.php?f=45&t=155315&p=755280#p755280 pfsense lan gateway is in pfsense admin web ui Interfaces > LAN (vtnet1) then the qnap nas OS gateway is located at lan virtual switch (configure this as a static lan ip. you then connect to this ip to access your qnap NAS OS gateway) make sure neither of these are within your DHCP lan range in pfsense. You can check this in pfsense DHCP server.
• E

  Download speeds issue with Proxmox/Virtio
  • elewsmer  

  1
  0
  Votes
  1
  Posts
  52
  Views

  No one has replied

• S

  pfSense on Hyper-V running on a single NIC Windows 10 machine
  • stewpot  

  1
  0
  Votes
  1
  Posts
  50
  Views

  No one has replied

• V

  Connecting VM behind pfSense.
  • victor_aracil  

  7
  0
  Votes
  7
  Posts
  99
  Views

  

  I found you an instructive example (pls, focus on the static route) not entirely your question, but it deals with multi-router systems by marmar_75: https://forum.netgate.com/topic/154139/routing-for-dual-pfsense-routers
• I

  pfsense and Virtual box
  • ishtiaqaj  

  4
  0
  Votes
  4
  Posts
  77
  Views

  N

  @ishtiaqaj pfsense doesn't have a gui. It uses a web interface which runs on your favorite desktop os. Install it standalone on a barebone pc. Or install it on a proper virtualisation server.
• V

  Pfsense HA with vm and physical box setup help
  • vacquah  

  13
  0
  Votes
  13
  Posts
  93
  Views

  V

  @teamits Hello @teamits - does this assume the isp router is in front of both pfsense boxes ? So , Ont —> isp router —> wan interface of both pfsense machines ? I was looking to put the isp router behind the pfsense box. I am actually thinking of doing away with it entirely and replace it with a moca adapter. I have a separate ethernet line from the ont going straight to my pfsense box in my current setup.
• D

  Multiple Virtual pfSense devices for multi tenant infrastructure
  • dannydorito  

  1
  0
  Votes
  1
  Posts
  45
  Views

  No one has replied