I use voip in VmWare…..no issues at all.

If you have issues, you have set it up the wrong way.

@Pootle:

I have installed 1.2 under KVM on Ubuntu and am still running it quite happily.  Are your virtual NICs hooked up to bridges on the linux host OK?

Yes, I have a standard shell script to invoke the VMs.  Here is the script for my pfsense VM.

#!/bin/bash

export KVM_DIR=$HOME/KVM

generate an unique MAC address for each NIC

nic0=00:07:43:2c:b8:01
nic1=00:07:43:0d:c5:04

qemu-kvm
-vga cirrus
-m 512
-drive file=${KVM_DIR}/vdisks/pfsense.vdd,index=0,boot=on
-net nic,model=rtl8139,macaddr=${nic0}
-net tap,ifname=tap2,script=no,downscript=no
-net nic,model=e1000,macaddr=${nic1}
-net tap,ifname=tap5,script=no,downscript=no
-daemonize \

devices "tap2" and "tap5" are bound to bridges "br0" and "br1" respectively in the host OS (openSUSE 11.2).  I am using the above strategy to evaluate ClearOS, ebox, Untangle etc.  and they boot up fine with the 2 NICs.  Needless to say, I boot the VMs only one at any given time and not all at the same time.

Please see attached screenshot where the LAN/WAN configuration go into never land.

pfsense_screenshot0.png
pfsense_screenshot0.png_thumb

@scoop:

I have no experience with KVM whatsoever but AFAIK the virtio drivers haven't been ported to FreeBSD. I figure your only option is to run pfSense with full virtualization.

I am trying to do the same with rtl8139 and e1000 NICs - no issues with the Installer.  I am experiencing other problem which I plan to post separately.

Does it log the startup somewhere, the error code scrolls very quickly out of the screen?

Thank you that did the trick! Wow 2.0 is pretty!

I never had any issues, I have 3 MB / 512 KB and got max throught put without any issues.
RC

I have not seen a kernal for it yest.  I have seen a Citrix with a pvm kernal but nothing yet for the public.
RC

Hi jonnytabpni ,
    Another thing you could try is to run this following command on Dom0 :-

ethtool -K eth0 tx off

Test this if it shows any sign of improvement. If it does then add it to your network scripts e.g. :-

Debian or Ubuntu /etc/network/interfaces :-

iface eth0 inet static
              address 206.124.146.177
              netmask 255.255.255.0
              post-up ethtool -K eth0 tx off

Hi black0ut,
    You can assign other names to the bridge under debian. What is the config file in you made for the network-bridge? My example is like this but for xen 3.3.2 :-

#!/bin/sh
dir=$(dirname "$0")
"$dir/network-bridge" "$@" netdev=eth0
"$dir/network-bridge" "$@" netdev=eth1
"$dir/network-bridge" "$@" netdev=dummy0

hope this helps
Eric

I've done it before by connecting my DSL modem directly to my switch, so the router can communicate over the internet connection and the local network through the same physical connection (with two virtual interfaces on the virtual router).  If your internet connection is configured by DHCP, you may need to disable the DHCP server on LAN and manually configure the systems on the network (including the host, if you want internet access on it) to use addresses on the LAN subnet, use the router's LAN IP as the default gateway, and as the DNS server.

If your connection does not support configuring by DHCP (if it is PPPoE, PPTP, or requires manual configuration to even work), you might be able to configure the local network with DHCP.

@athompso:

Looks like EddieA is collecting some real data, here: http://forum.pfsense.org/index.php/topic,21510.0.html.

I gave up on that shortly after I posted, because I moved my pfSense off the ESXi box onto it's own, dedicated, thin client.

Cheers.

For something else to try; I've been using the VMXNet2(Enhanced) nic without any issues, you just need to manually call up the vmxnet_load="YES" under /boot/loader.conf after vmware tools are installed.

ESXi 4.0U1 will run on an Intel i3 chip, and supports the ICH10 SATA controller.  So the harware doesn't actually have to be all that expensive.  Just don't try to run Matrix RAID :-)  If you want reasonably-priced hardware RAID that VMWare ESXi supports, I think you're limited to 3Ware cards (formerly AMCC, recently bought by LSI, IIRC).  Or go external iSCSI, the Iomega StorCenter ix line is VMWare-certified, and QNAP is a VMWare Partner member that self-certified I think.  At the very least you could hang those NASes out the window from a sturdy Cat6 cable if you had to :-).
I just priced out a low-end VMWare box and I think it came to about $600 sourcing parts from NewEgg, et al.

I know this isn't as helpful as it could be, but I remember running into that problem the first time I installed pfSense under ESXi 4.0.  I've actually had better success running the LiveCD installer from ISO than using the VMWare appliance… and at the moment, I'm not getting that complaint out of ESXi like I used to.

FWIW, if you install from ISO and then don't install the VM-tools package, it runs fine without complaint.  ESX should only complain if it seems the VM tools, then it doesn't, then it does, then it doesn't...

You'll want:

as fast a disk as you can afford (consider linux software RAID1 [md device, NOT dm device] if you are sure you don't want to run VMWare ESXi), and as much RAM as you can reasonably afford to put on the board (I'd say 8Gb would be a starting point, not a maximum, based on my experience).

CPU usage is not likely to be an issue.

If you try to use "fakeraid" RAID-1 (e.g. Intel Matrix Raid, Marvell/SiliconImage/Highpoint PATA/SATA RAID) you will be unsatisfied with performance.

I'm running multiple VMs (including pfSense) on a dual-cpu quad-core 2.6GHz Xeon, 24Gb RAM, hardware PERC/6i RAID controller running a pair of 146Gb 15kRPM SAS disks.  My biggest bottleneck is disk performance.  I haven't yet filled all 24Gb of RAM.  I'm not even close to hitting the wall on CPU.

With today's systems it's basically impossible to buy a "fast enough" disk subsystem.  (Well, excluding the more-money-than-god people who buy the old-fashioned solid-state disks that use SRAM or DRAM, not Flash… They're probably fairly happy with their disk performance :-)

It sounds like you want to use the host OS as a workstation; that's OK, although you'll probably want to spend less money on the motherboard, RAM, and chip and get an SSD to use as your root filesystem; offload the VMs onto a secondary (mechanical) disk.

On the other hand, if you're OK with the VMs eating into performance of the host OS, then your setup should be fine.

Note that "playing Bluray disks and H264 1080p/720p files" is still considered pretty heavy-duty use.  Just playing back a 1080p file will probably use ten times as much CPU time as all your VMs combined.  Take a close look at the I/O bandwidth rates you need to support for HTPC usage; Bluray playback involves an astonishing amount of data being transferred from disk (whether HDD or Optical)... another reason to look more carefully at your I/O setup.

One last point is that I believe (haven't done it myself, so not 100% positive) if you put a supported WLAN card into a pfSense box, it can act as an Access Point for you... but not if it's virtualized.  The exception to the exception is if you can do I/O (PCI) Virtualization, which I'm fairly sure neither VMWare Server nor VirtualBox can do right now.

Um... I guess I should offer some options for the I/O problem that are compatible with an HTPC setup: have a look at Iomega's NAS line: "StorCenter ix", available in everything from single-drive 500Gb units to 12-drive monsters.  QNAP also makes some good, reasonably cheap iSCSI products.  Using iSCSI lets you attach the storage at whatever level you like; you said you're using GigE, iSCSI performance will be not great but if it relieves pressure on the internal SATA controller, it might be worthwhile.

@AkumaKuruma:

final word is you WANT to use e1000 as the network driver. if you are noticing a performance improvement by changing it to flexible, that is a sure sign of something really wrong with the setup of your system.

Yeah, there is a huge performance difference between flexible and e1000, the latter is 5-10 times faster on normally functioning ESX boxes.

@AkumaKuruma:

with a clean install on good specs, there is no reason that a pfSense VMware shouldn't run at full speed as if it was installed bare metal.

You'll never get full speed with any VM, there is overhead in virtualization, but it should be close.

the below directions are for VMware Server. if you use player then these directions will be pretty much useless and takes a bit more work to figure it out.

for the 3 NIC's for VMs (2 for pfsense and 1 for others), go into the properties for those interfaces and disable all protocols except for "vmware bridging protocol". this will make sure that the windows host wont actually be able to use that NIC for its own use. only vmware will be able to utilize it at that point. Windows wont do anything with raw traffic unless it is running a protocol to handle it, therefore you can Internet face one of those NICs and nothing bad can happen directly since it wont know what to do with it.

make sure to static bond the NICs to virtual nics that are easy to remember, ie VMNET3 for virtual machines, VMNET4 for pfsense LAN, VMNET6 for pfsense WAN.

this set up will have your "other" VMs go out their dedicated NIC and back in the pfsense LAN NIC to get to the internet. your workstation would technically go out and back in its own LAN connection to get to internet. you could use internal VMware network adapter if you want to run internally from workstation straight to pfsense and not hit the physical network, but that would take adding an OPT interface to pfsense and removing default gateway from Windows LAN connection.

Currently doing exactly the same, getting rid of some older P3/P4 boxes with loud case fans and hard drives, and bringing them together in a low power server.
I have 3 nics in my server running vmware server + pfSense. One is used for the direct connection to Server 2008 (the host OS), and the other two are bridged through to the pfSense VM.
It's remarkably simple to setup