Virtualization

• B

  Hyper-V VM constant 100% CPU Load in 2.4.5
  • BabaJega  

  4
  0
  Votes
  4
  Posts
  90
  Views

  H

  put all the nuclei exmplo 6 nucles and 6 threads, resolvable my problem was not giving 100 percent of processing and did not force the other virutias machines
• H

  provisional resolution
  • helmmer  

  1
  0
  Votes
  1
  Posts
  5
  Views

  No one has replied

• N

  pfSense SR-IOV support on Microsoft Hyper-V
  • nzkiwi68  

  14
  0
  Votes
  14
  Posts
  395
  Views

  T

  Just a small note of caution for anyone looking at this again now that we have PFSense 2.4.5 stable - be extremely cautious using SR IOV with PFSense under Hyper-V My experience this week is that if you make SR IOV available to it, it does appear to work - but causes big glitches that can pretty much bring down your hypervisor. Obviously the particular driver/hardware in question will have an effect but with my X520 nic and SR IOV pfsense would hang on shutdown and fail to turn off, and nothing I did (killing processes on the hypervisor etc) would kill it off, or bring it back up. I ended up in a real mess as when I rebooted the hypervisor it would automatically start the PFSense box again, with SR IOV enabled, and I'd be stuck - had to use powershell to turn off the automatic boot of the pfsense vm and reboot everything again.
• 

  2.4.5 New Install Slow to boot on Hyper-V 2019
  • IsaacFL  

  15
  0
  Votes
  15
  Posts
  258
  Views

  X

  HyperV scheduler change does seem to help much. It behaves inconsistently. I have 2 VMs on 2 hosts both changed to Classic scheduler. One is fine. Second one has the issue.
• M

  PfSense on esxi 6.7, can get it to work propperly.
  • marcel1988  

  56
  0
  Votes
  56
  Posts
  362
  Views

  M

  since 3 hours it is working perfect. the only thing that i changed was IPv6 Configuration Typefrom None to DHCP6.
• C

  Virtualized pfSense working with physical hardware
  • chrispazz  

  3
  0
  Votes
  3
  Posts
  62
  Views

  C

  Thank you Gertjan. I watched the video. In the meantime I have been able to set up my ASUS router with DD-WRT transforming it in a managed switch :) Now, if I am right, I have to connect my fritxbox with 1 port to my Asus (as switch) and tag this with a VLAN for WAN and I will switch off wifi from it and do not connect the other fritzbox ports. I will tag the other ASUS ports as a different VLAN (and also add wifi to the same vlan) to have separated LAN and WAN networks. I will connect my NAS with the virtualised pfSense on one LAN port of my ASUS router. In my virtual pfSense I can set up two different virtual NICs and I have to link them to two different VLAN on pfSense with the same tag I defined in ASUS router. Is this correct? thanks Chris
• A

  Extreme slow internet speed pfsense over proxmox
  • abhishekakt  

  7
  0
  Votes
  7
  Posts
  81
  Views

  A

  I already tried these.. no help. Something is not right. when I run iperf on vm connected to same vswitch with pfsense, it never exceeds 300 Mbps and goes does as 80 mbps. It is slower than my physical LAN
• 

  kvm and pfsense
  • doguibnu  

  4
  0
  Votes
  4
  Posts
  63
  Views

  S

  What do you mean by stop/brake connection? Just trying to get a better picture as to what is happening. What are your KVM NIC settings?
• S

  Installing pfSense on KVM with OpenVswitch - a somewhat complete guide
  • SoulChild  

  4
  0
  Votes
  4
  Posts
  15191
  Views

  S

  @SoulChild Thanks for the write-up, been looking for something like this. I do have a slightly different setup and would like to get your opinion on how to set it up correctly. I installed a 2-port PCIe NIC card on my server so pfSense would have its own NIC ports....1 for WAN which is connected directly to my modem (we'll call it NIC port A) and 1 for LAN which is connected to port 1 on my managed switch (we'll call this NIC port B). I have the VLANs set as follows for port 1 on my switch....VLAN 1 for default/mgmt [untagged], VLAN 100 for LAN [tagged], VLAN 200 for WLAN [tagged], and VLAN 201 for Guest WLAN [tagged]. I have also setup the VLANs accordingly on pfSense. The devices that are hardwired to the switch are able to get and IP from pfSense and can connect to the internet. I experimented with setting VLANs in OVS using other guides and my VMs were able to get an IP from pfSense as well, however they were not able to connect to the internet (I can ping the VMs from my hardware). I assume it has something to do the with the VLAN settings in OVS (trunking to the switch?). What would your suggestion be on how to properly setup this network? I've scoured all over and have found things that say one thing and another. Looking for something more straightforward. Would my connections be the best way? Or should I go about it your way in the sense of having the modem connected to the managed switch on a VLAN vs having the pfSense NIC WAN port connect to it directly?
• P

  pfSense HA in Azure (No Load balancing) - How To
  • p3tter  

  1
  0
  Votes
  1
  Posts
  18
  Views

  No one has replied

• V

  pFsense stops routing every day at random for 7-15 seconds the resumes.
  • voipuser  

  11
  0
  Votes
  11
  Posts
  133
  Views

  V

  @voipuser said in pFsense stops routing every day at random for 7-15 seconds the resumes.: upgraded to 2.4.5 so hopefully the problem dissapears... Well it seems 2.4.5 cleared the problems, not had any disruption yet since: 2 days and 2 hours. So far, much better!
• B

  Network Bridging in Hyper-V
  • Boranto  

  1
  0
  Votes
  1
  Posts
  39
  Views

  No one has replied

• R

  Installation looking for a network - Why??
  esxi • • rhys.hughes78  

  10
  0
  Votes
  10
  Posts
  51
  Views

  R

  Thank you How could I miss that
• M

  Maxed RAM and Hanging with Hyper-V 2019
  • MeCJay12  

  5
  0
  Votes
  5
  Posts
  262
  Views

  M

  I have been using a gen 1 VM so unfortunately that doesn't resolve the issue.
• R

  pfSense virtual box nic configuration
  • rnormore  

  2
  0
  Votes
  2
  Posts
  91
  Views

  N

  @rnormore I do know one adapter needs to be set to bridged mode and the other internal mode from what you just asked.
• N

  Using pfSense with VirtualBox
  • new2pf  

  1
  0
  Votes
  1
  Posts
  27
  Views

  No one has replied

• M

  esxi 6.7 pfsense - 4 x vmxnet 3 but not 5 ?
  • maba  

  3
  0
  Votes
  3
  Posts
  34
  Views

  M

  whaoo , ok thanks for this quick answers , so adding a nic with e1000 drivers don't alter order of the previous nics ... i know what to do if i want to use another vmxnet drivers ;) Thanks heper ;) have nice day ;)
• T

  Access proxmox management when pfsense is not running
  • thejaguar  

  7
  0
  Votes
  7
  Posts
  92
  Views

  T

  @viragomann vmbr0 is not connected to pfsense, just been bridged to proxmox. I have assigned a static IP to this interface (and from within pfsense too) - able to access promox UI with no issues.
• Z

  Hyper-V pfsense setup with no internet behind LAN interface
  internet hyper-v lan no • • Zung  

  24
  0
  Votes
  24
  Posts
  198
  Views

  

  @Zung said in Hyper-V pfsense setup with no internet behind LAN interface: I am not sure if this issue was recorded in certain log or not. WAN events are always logged. In the logs. Not a question of being sure : if you want to know, you have a look.
• 

  High CPU Usage - Recently
  • znamloot  

  2
  0
  Votes
  2
  Posts
  45
  Views

  

  Well, I tried a little more investigation on this and solved the problem. At first I checked IP's generating the messages. They were all android devices (Google homes, android phones etc.). Then I discovered these were from the Squid addon - caching. I removed Squid and its reporter from installed packages - restarted the VM and CPU Usage returned to normal. Obviously Squid went haywire on android devices. Don't know why - but will not install again - don't really want this problem to crop up again. Cheers
• S

  Proxmox 'Guest Agent not running' [workaround]
  • skogs  

  7
  0
  Votes
  7
  Posts
  119
  Views

  V

  @skogs So obviously Proxmox tries to use the guest agent if it's activated and does not send ACPI signals, even if it has recognized that the agent isn't running. Didn't know that. However, since pfSense has no Qemu guest agent there's no reason for activating it.
• 

  Extremely slow networking under Hyper-V on Intel NICs
  pfsense 2.4.4 slow throughput hyper-v • • ITFlyer  

  20
  0
  Votes
  20
  Posts
  3395
  Views

  

  Sorry but I am with @ITFlyer - and I edited your post to remove what amounts to keywords and a link.. Glad your wanting to help - but keep it on topic to the question at hand.. And why would you join a forum, minutes latter add such a post to a almost year old thread, because it mentions something related to what your wanting to promote is what it looked like.
• 

  PF Sense and Unraid Reverse Proxies - ***Solved***
  • znamloot  

  5
  0
  Votes
  5
  Posts
  38
  Views

  

  Nothing unique to your issue about being on a fiber connection... Anyone behind a nat would have to open up the router in front of pfsense.. Glad you got it sorted.
• J

  virtual pfsense inside LAN
  • jdsadler  

  1
  0
  Votes
  1
  Posts
  40
  Views

  No one has replied

• A

  AES-NI CPU Crypto Not Work
  • andmattia  

  3
  0
  Votes
  3
  Posts
  79
  Views

  

  @andmattia Does your processor include AES-NI and is it enabled in BIOS?
• E

  pfSense GUI login screen hangs after reboot
  • eiger3970  

  2
  0
  Votes
  2
  Posts
  44
  Views

  

  It's highly unlikely to be related. There is nothing that gets triggered by pressing 8. Maybe your system connecting to the firewall via SSH on its own might have nudged your client system's IP stack in some way (e.g. a new ARP request), but it's unlikely to be a firewall problem.
• E

  Pfsense on kvm failed to forward traffic from lan to wan wifi interface
  pfsense kvm wif pfsense kvm nat • • ebedtang  

  5
  0
  Votes
  5
  Posts
  46
  Views

  E

  @Gertjan Ok i will try that way.
• S

  Need help in taking pfSense for test drive in VirtualBox
  • securityconcerned  

  3
  0
  Votes
  3
  Posts
  95
  Views

  

  @securityconcerned said in Need help in taking pfSense for test drive in VirtualBox: my computer is infected with viruses, and these perpetrators also seem to be on my network at various times. So I was thinking of putting a pfSense firewall on my network. Look outside. We are in the year 2020. Most, if not all processes communicate with each other using something like TLS. This is even more valid if these processes have sensible information to hide, like, for example, viruses. So, never ever pfSense can find out what is coming in and out of your network **. There is only one way out. Stop downloading any executables, probably even pay-ware, free ware for sure. Remember : if there is no price (no $) then the product is YOU. There are two major solutions for this. Stop clicking. And your done. This will even save your mouse buttons. Far less better, but it might work : check out all the videos from, for example, https://www.youtube.com/user/ThePCSecurity - you'll see an relatively up to date tests among 'the best' which you will re qualify as the "most commercial known". And again, if you pay nothing, you will have the quality worth you paid for. Knowing that 0 / "something" is .... known as zero. It's not very hard to learn where to look for when it comes to viruses and family. And when done, no more need to use anti-virus scanners and stuff like that (I'm using none). Don't get me wrong, but I concerned about your concept of security ;) ** actually, I should say : pfSense could do some inspection work for you. The real issue is : a huge knowledge about SSL/TLS, certificates, proxies will be needed. People that can pull this one of .... never do so because they do not have the need for it : these guys saw a virus somewhere in the last decade, the day they were learning. An exception to the rule might be an email server, something like postfix, which doesn't belong at all on a device that is a firewall router like pfSense. This kind of server unpacks your mail, and stores them in clear text, which makes scanning possible before the user can see and/or download it into the mail client. There is no such solution as "install XYZ ito pfSense, set this and ckick there" and all my traffic is scanned, and blocked if needed.
• 

  Duplex mismatch with vmx0 and pfsense 2.5
  • kiokoman  

  4
  0
  Votes
  4
  Posts
  49
  Views

  

  If I recall I used e1000 vs vmx and no problem
• C

  Is there any plans to allow Microsoft CSPs to deploy PFsense images for Clients on Azure?
  • cmhsolutions  

  2
  0
  Votes
  2
  Posts
  60
  Views

  

  You should inquire via e-mail to sales@netgate.com
• E

  LTE 4G USB dongle into computer for Internet
  • eiger3970  

  8
  0
  Votes
  8
  Posts
  148
  Views

  E

  Thanks for your suggestions, have some fries Okay , so tried the MikroTik LTE modem, but too expensive and I will use an old iPhone hotspot via USB. I use an iPhone hotspot via USB for my computer browsing and it is fast enough for streaming. The pfSense VM router will route no streaming, only Home Assistant traffic, which I estimate to be minimal. If I grow, I'll move back to an LTE dedicated modem. So, the question remains: USB setup on the Hypervisor Proxmox server to connect to the VM pfSense router? Hypervisor has: WAN Eth0 Ethernet port. LAN Eth1 Ethernet port. VM pfSense router has: Net0=vmbr0 connected to Eth0. Net1=vmbr1 connected to Eth1. So, add a USB port connection somehow in Proxmox or configure something in pfSense? Here's my current network topology: Here's my planned topology:
• T

  Making pfSense vm work with vSphere Distributed Switch
  • TravelersWill  

  2
  0
  Votes
  2
  Posts
  66
  Views

  T

  @TravelersWill Well, that's rather embarrassing: REBOOT!
• 

  Hyper-v pfSense & virtual switches
  • TEAM666  

  10
  0
  Votes
  10
  Posts
  599
  Views

  M

  @djair thanks for the reply I decided that for the work i need to do, I need a more friendly hypervisor. So I used VMware Workstation 15.5 and did the same job in half the time
• A

  Pfsense Setup
  • anjanmj  

  6
  0
  Votes
  6
  Posts
  138
  Views

  

  Its a ESXI host, do you not have access to the vmkern.. throw up some VM on the lan side network... Console that VM.. Or sure console to pfsense and disable the firewall..
• 

  Log Entries with Date in the Future
  • IsaacFL  

  14
  0
  Votes
  14
  Posts
  128
  Views

  

  @provels I think that the setting to have the Time Synchronization enabled in Integration Services fixes this. Since I enabled this setting, I have only seen the clock unsynchronized error at reboot.
• P

  DNS resolves but there is a delay in ping response
  • pacmac  

  8
  0
  Votes
  8
  Posts
  84
  Views

  P

  @johnpoz I answered 'no' to that on my previous comment in the first line. I don't have too much idea about networking, sorry. I am just giving you as much information as I can.
• I

  PfSense not properly implementing igb vf driver. VLAN tags being stripped
  • ingenium  

  7
  0
  Votes
  7
  Posts
  1552
  Views

  D

  hi Ingenium, I know it might be a bit late for an answer, but I think one solution for your VLAN on VF problem might be to bind a VLAN on a VF on the host. You can use "ip link set PF vf X vlan Y" on the host to bind a VLAN on the VF. Replace PF with your PF-interface name, X is the VF interface and Y is the VLAN. You would end up in having a VF for each additional VLAN. The VLAN header is stripped/inserted by the VF and the interface can be used just like a standard interface in pfSense. No need to configure VLAN in pfSense. check out https://doc.dpdk.org/dts/test_plans/vf_vlan_test_plan.html for reference.
• L

  No VLAN Capable Interfaces
  • ldiciolla  

  6
  0
  Votes
  6
  Posts
  206
  Views

  M

  @ldiciolla as xcp-ng version 7.x you must add 4 extra in the mtu 1500 cause the nic in xen has no 802.1q vlan driver due that the max vlan 4094 is done like 1024 2048 4096 4096 is how memory is allocated but the mtu 1500 is the tcp mac window max trans (m)utex just add 4 in the mtu and there the vlan number will be stored (in v8)this is covered , pfsense runs in a vm so don't allocate vlan(s in vlan(s on the gen1 hypervisor , buy a switch vlan802.1q built there your nic vlan in and deliver pfsense simple lan interfaces reason is the nic must also be vlan capavle, by using a switch this is covered and on one realtek i ran wan lan1,2,3,4,5,6 always tag the port the 802.1q has nothing to do with the ARP MAC thats in 802.1ad vlan 4096 tag means all vlans and start by id 4 due 1-3 is are used for LAG not like LACP or LACP.802.a3d ,
• G

  PFSense dropping on LAN with KVM
  • GregUS  

  4
  0
  Votes
  4
  Posts
  103
  Views

  G

  It seems I might have made a mistake in my virtual network configuration. I tried ssh'ing to the gateway 10.0.0.1, and lo and behold, an ssh server running. Turns out it was my virtualization host listening on that address. A reboot of the router must have made it also on that address (is that possible?) temporarily. > virsh net-dumpxml lan_priv <network connections='2'> <name>lan_priv</name> <uuid>567ca017-512e-4211-87c7-ae0193806d20</uuid> <bridge name='virbr1' stp='on' delay='0'/> <mac address='52:54:00:2e:3d:0f'/> **<ip address='10.0.0.1' netmask='255.255.240.0'>** ^^^^^ (oops) </ip> </network> I believe it should be **"10.0.0.0"** for the network ip address. I'll clean everything up and report the results.
• S

  Allow access to pfSense itself only via VPN - but not from WAN - on a VPS!
  • Scampicfx  

  1
  0
  Votes
  1
  Posts
  51
  Views

  No one has replied