@ironmonkey If the Redmine catalog indicates something is included in 22.05 then it would be in the next release.

Wait..what? Doesn't the ONT untag it?

I have a similar setup, PPPoE servers are in the VLAN891 or something like that in the ISP's network all the way to the ONT.

I route mode, it works with it directly, J/K these devices suck in route mode but they do handle the VLAN directly, for what it's worth. In bridge mode it untags the VLAN and the ports all are access ports basically on the native VLAN (untagged 1 or 0); pfSense and other firewalls are virtualized, and since my ISP allows several connections, the ONT connects to an access port on a switch where PPPoE traffic is available to any PPPoE-cabable device with access to that VLAN.

The ONTs' and modems' bridge mode is exactly the same thing as if you'd bridge interfaces in pfSense, it bridges the VLAN ISP-side to the native one so the device that dials up the connection doesn't need to also be VLAN-aware, most client devices aren't supposed to be. I don't think the problem is on pfSense but rather in Hyper-V. If you didn't use System Center VMM to set it up, tagged VLANs in Hyper-V are only doable via PowerShell. So, when you set up pfSense to expect a tagged VLAN I think it might be expecting something like a Q-in-Q at that point. I'll assume that by Mikrotik, you meant CHR which treats these things very differently in addition of PPPoE is kind of their thing. I'm familiar with CHR and I know it's easy to get a misconfigured working router by accident — I'm not saying you did, I just mean that it's very forgiving in regards to this specific setup — if your ONT is in bridge mode, double check its settings. Mine, Huawei-branded, can even bridge the ISP-side PPPoE VLAN to specific ports on it which other modems can piggyback to access the ISP (they're handed out like hotcakes bc they double as VoIP terminals).

Just in case you didn't know, when you add enable Hyper-V, Windows is turned into a VM, so is its own networking; when you add a external switch on Hyper-V, you take away a NIC from Windows, create this virtual raw thing where all VLANs exist. Allow management operative system to share this network adapter is kind of misleading bc the switch comes first, checking that option what actually does is to create a virtual NIC for the VM Windows has become. It's the virtual switch that shares the network with Windows, not the other way around. The VLAN ID boxes are also confusing because they suggest the traffic is tagged to the guest OS to untag it on its own—not the case. I don't know how to invert Microsoft's words to explain the reasoning behind such a horribly mislabeled UI.

I think that if you select your NIC without isolating the VLAN first, it should work.

Check out how one of my boxes is set, hopefully it helps your figure things out.
hyper-vtrunkpppoe.png

If you want to set a trunk port to your VM you'll need to do it in PowerShell, remote in Enter-PSSession {machineName} from another newer Windows machine if you can so you get color syntax, it wasn't available on Windows Server 2012 R2.

Get the vNICs of your VM and convert one or more to trunk ports so you do all in pfSense and don't need to reconfigure Windows each time. Remember every Microsoft product has a tendency of failing for no reason.

hyper-v-vlan-config.png

If your VM only has one NIC, you can pipe the commands, e.g; Get-VMNetworkAdapter -VMName IdentiCA | Set-VMNetworkAdapterVlan -VMName IdentiCA -VMNetworkAdapterName "Network Adapter" -Trunk -AllowedVlanIdList 1-4094 -NativeVlanId 1. :)

You may already know there's an issue with Windows since WS2012R2 to present WS2022 that even when you configure a network adapter correctly it's saved without a gateway, thus locking you out unless you have console access or are in the same L2 to fix it — don't forget about it.

If that doesn't fix your issue, there's one other thing… Some time back I becamed obsessed with telecom tech and found out that PPPoE, which is somewhere between layers 2 and 3, cannot just be put reliably into VLANs, I can vouch for that myself; back when had 4 PPPoE ADSL2+/VDSL2 lines I had to maintain them separated because 1. being all mine, credentials would be accepted anywhere, but being 2. DSL they all had different physical max speeds, which the username logically limited further, so I tried a million times to send them over VLANs but only 3 would connect. I learned that there's a special kind of switch that's compatible with this thing now called PPPoEoE — not kidding — it appears only to be made by Cisco, so you might be in luck, I even posted it here somewhere, in the end it was too little information though so never was able to make it work without discrete NICs.

Good luck with your setup!

I'm still having this same issue, we're unable to boot 2.6 installer and even boot a pre-installed 2.6 from a VHDX that we've used Windows11 to install and copy across.

Just checking in to see if anyone else has had this issue with Hyper-V 2016 and the new ZFS based versions of pfSense?

Are you still seeing those warnings on the console? Or in the system logs?

It sounds like they might be an unexpected connection to the LAN. Like somehow it's linked to WAN maybe. If we can see what the actual warning was we might know more.

Steve

@nicesub said in Upgrade to 2.6 slashes throughput:

@bmeeks said in Upgrade to 2.6 slashes throughput:

Most likely you are being impacted by a known bug in FreeBSD 12.3 with Hyper-V. You will need to disable RSC (Receive Side Coalescing). Check the Virtualization sub-forum here on the Netgate forums. There is a huge thread about this and how to fix it on most installs.

Edit: here is a link to that thread: https://forum.netgate.com/topic/169884/after-upgrade-inter-v-lan-communication-is-very-slow-on-hyper-v.

Thank you fort that, I upgraded a copy of pfSense to 2.7 DEV and no issues were observed and I did not need to make any tweaks to Hyper-V. It appears that 2.6 has some issues with Hyper-V so I think that I will just skip it and stay with 2.5.2 until 2.7 is official.

Yep, 2.7 DEV fixed the problem in the FreeBSD virtual NIC driver for Hyper-V. The problem came in with FreeBSD used in pfSense 2.6.

@viragomann ohh good, im so stupid!

check >> service qemu-guest-agent status
qemu_guest_agent is running as pid 517.

thats was the solution now runs qemu guest agent finaly, thx for help :*

cYa BUSTER

@planetinse
Is it a thin provision virtual disk? As far as I know, FreeBSD doesn't like this.

@wolfram There is a problem with Hyper-V, see here. It will be fixed in the next release.

I figured out how to connect my computer to the pfsense vm. On windows server 2016 i went to network connections where i can see all my ethernet adapters. Then i selected in my case ethernet 3 where my computer is connected and the internal lan adapted and bridged the two adapters. In the bridged adapter i changed the ipv4 adress and i was connected to the router.

However now i am connected but still dont have internet and i am able to ping 8.8.8.8 but not google.com i get the error dns could not be resolved when trying to access internet in chrome.

@darcey Thank you for that info, I may look into proxmox and try it out, need to expand my toolbox a bit.

@basense
Can you check out if it's an DNS issue? Try to ping a public IP, e.g. 8.8.8.8.

If that fails as well, is pfSense able to access the internet?
If not, it might rather be an issue or wrong settings in VirtualBox.

@topogigio
I have no idea about the hw upgrade or VMware.

But always backup the config file to a secure place ...
Then it's easy to reinstall pfSense , to the current state - If s... hits the fan.

/Bingo

Well, since the test is with the host, and pfsense is not involved, why it is a pfsense issue.

The host connects to the internet through the pfSense VM.

@gertjan Ah, brilliant, that did the trick. Many thanks! :)