@viragomann I will try after work. Thank you!

Seems similar to: https://forums.freebsd.org/threads/zfs-unmap-and-vmware-esxi-troubles.77648/

Something in VMFS6?

Steve

@keyser said in vmxnet 3 only autoselect available - limited to 1.4GiB/s (10G not working):

If you choose the Intel 1000 adapter i ESXi, it will also show 1000Base-T as a connect option - because the adapter emulates physical hardware.

That's what I would expect. That's what hardware emulation should do.

VMXnet3 is a paravirtual adapter that does not emulate specific physical hardware, but is software only - and software speed limited only.

virtIO is paravirtualized as well. That is all, what I was saying. Above you mentioned paravirtualization as the only reason for not showing any connection speed. But this seems not to be the whole story.
Obviously virtIO signals the operating system that it is a 10Gb hardware, but vmxnet3 does not.

@viragomann

Ok. Thanks.

I have restarted the server. Problem not solved.

The other address i want to ping is a public ip. It is linked to DMZ interface.

@tibere86 if you are still interested, had a similar issue with virtio in Proxmox and after several changes, reboots and iperfs later I found this combination of hardware offloading config offered the best performance System>Advanced>Networking

fda6d09d-e154-44c7-8f7f-1c597f87de72-image.png

It completely depends how you have the VM configured in VBox. If the host NIC is passed to the VM then it would not have a connection using that and would need some other connection via the VM.

Steve

@jamiegb Okay so I loosely followed this article here https://www.christofvg.be/2019/01/12/pfSense-on-Azure-Part-1-Create-pfSense-Virtual-Machine/

But when getting to the point of installing the agent i used the following commands, note python 3.8 for latest pfsense version 2.5.2.

pkg upgrade
pkg install -y sudo bash git
ln -s /usr/local/bin/python3.8 /usr/local/bin/python

Clone the Git repository

git clone https://github.com/Azure/WALinuxAgent.git

Enter the WALinuxAgent directory

cd WALinuxAgent

List all available versions

git tag

Checkout the latest (stable) version of the agent

git checkout v2.4.0.2

Install the agent

python setup.py install
ln -sf /usr/local/sbin/waagent /usr/sbin/waagent
ln -sf /usr/local/sbin/waagent2.0 /usr/sbin/waagent2.0
echo '#! /bin/sh' >> /usr/local/etc/rc.d/waagent.sh
echo '/usr/local/sbin/waagent --daemon' >> /usr/local/etc/rc.d/waagent.sh
chmod +x /usr/local/etc/rc.d/waagent.sh
echo "y" | /usr/local/sbin/waagent -deprovision+user
echo 'waagent_enable="YES"' >> /etc/rc.conf.local

You can check whether it's running before deprovision by running service waagent status.

I deployed the image with both NICs DHCP and also left them DHCP in Azure. You may have to wait a few minutes after booting the VM to access the LAN NIC on either http or https whichever you have configured.

Below are the commands i used for creating the VM

Initialize variables

$storageType = "Standard_LRS"
$location = "UK South"

$storageAccountId = "xxxxxxxxxxxxxxxxxxxxx"
$sourceVhdUri = "https://xxxxxxxxxxxxxx.blob.core.windows.net/temp/AZ-PFSENSE01.vhd"

Create the disk configuration

$diskConfig = New-AzureRmDiskConfig -AccountType $storageType -Location $location -CreateOption Import -StorageAccountId $storageAccountId -SourceUri $sourceVhdUri

Create the Managed Disk

New-AzureRmDisk -Disk $diskConfig -ResourceGroupName <resource group> -DiskName az-pfsense_disk1

Get the object of the existing Managed Disk

$disk = Get-AzureRmDisk -DiskName az-pfsense_disk1 -ResourceGroupName <resource group>

Get the object for the existing Virtual Network

$VirtualNetwork = Get-AzureRmVirtualNetwork -Name <vnet> -ResourceGroupName <resource group>

Create a new Virtual Machine object

$virtualMachine = New-AzureRmVMConfig -VMName az-pfsense01 -VMSize Standard_B2s

Attach the existing Managed Disk to the Virtual Machine

$virtualMachine = Set-AzureRmVMOSDisk -VM $virtualMachine -ManagedDiskId $disk.Id -CreateOption Attach -Linux

#Create pub IP
$pubip = New-AzureRmPublicIpAddress -Name "az-pfsense01-pip1" -ResourceGroupName $pfresourcegroup -Location $location -AllocationMethod Dynamic

Create the NIC's for the frontend and the backend, note 7 is the subnet ID yours maybe different

$frontEndNic = New-AzureRmNetworkInterface -Name az-pfsense01-frontend-nic -ResourceGroupName <resource group> -Location 'UK South' -SubnetId $VirtualNetwork.Subnets[7].Id

$backEndNic = New-AzureRmNetworkInterface -Name az-pfsense01-backend-nic -ResourceGroupName <resource group> -Location 'UK South' -SubnetId $VirtualNetwork.Subnets[7].Id -PublicIpAddressId $az-pfsense01-pip1.Id

Add the NIC's to the Virtual Machine

$virtualMachine = Add-AzureRmVMNetworkInterface -VM $virtualMachine -Id $frontEndNic.Id -Primary
$virtualMachine = Add-AzureRmVMNetworkInterface -VM $virtualMachine -Id $backEndNic.Id

Create the Virtual Machine

New-AzureRmVM -VM $virtualMachine -ResourceGroupName <resource group> -Location 'UK South'

@thatsysadmin

we tested passthrough of the 10G NIC with almost the same results.

Bare metal on the same machine works fine.

I think this is an issue with esxi and pfsense. We see very high interrupts on pfsense during bandwidth testing on ESXI even if we passthrough the NIC.

@lostnil Have any update on your Proxmox throughput issue? Were you ever able to determine if you could route gigabit traffic through your pfSense VM?

I was able to disable it from the shell. Using

pfSsh.php playback disabledhcpd

My main issue is using my own DHCP server within VirtualBox to now assign an IP to the LAN interface

Hmm, higher throughput with higher MTU like that implies something in that local link it hitting a PPS limit. Mismatched MTU will cause horrible throughput issues generally.

But, yeah as mentioned, the first thing I would be doing here connecting something basic and baremetal to the connection to prove it can do 1Gbps. That really shouldn't be very demanding though.

Steve

@canaparo67 said in Hyper-v processor compatibility fatal trap 1:

amd epyc 7452 32-core

Don't know for sure, but could be an unanticipated condition running a 2013 OS on a 2020 processor. I, on the other hand, run that 2013 OS on a 2008 processor(Intel). LOL

Might need to bust out the credit card. Again.
No help, I know.
734f226f-9f1b-4de8-9db3-84e0a46dae3c-image.png
3cc19c57-739c-4fd7-98a5-13a8cc58ffac-image.png

Although the Redmine Ticket seems to show this fixed back in 2.5.1, your problem seems eerily similar to this one: https://redmine.pfsense.org/issues/11483. Might be something weird going on with the way Hyper-V is presenting the virtual disks ???

I hit this when I tried using ZFS as the file system with expanding disks. It went runaway and eventually caused an outage.

I've been meaning to go back and try again with a fixed size disk instead of an expanding one, but haven't got around to it yet, and EXT seems to be fine...

Hi,

all on the sameb subnet?
If so this should be problem of proxmox.
Even if u r not able to 'ping' from unifi controller to pfsense.
Are you?

Can the unifi controller reach out to the internet?

regards,

CAT

Hi Livio,

have you solved the issue in your case?
We are planing to go bare metal in our case.

Also having issues on ESXI 7.2

Checked ifconfig:

vmx0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500 options=e100bb<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,VLAN_HWFILTER,RXCSUM_IPV6,TXCSUM_IPV6> ether 00: inet6 fe80:%vmx0 prefixlen 64 scopeid 0x1 media: Ethernet autoselect status: active nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>

but like biggsy noted simplex does not mean half-duplex:

SIMPLEX
The interface cannot hear its own transmissions. This is a read-only flag that is set by the driver.

I think I got it working! I couldn't access the Proxmox web interface anymore either no matter what I tried so I reinstalled Promox entirely. After reinstalling it still didn't work, so I tried again using another subnet in the network configuration during setup, and manually connecting my laptop to that subnet. After that I was able to access the Proxmox web interface again, so I continued following the steps like I did before. I was now able to connect to the pfSense interface too. I think the issue was with DHCP not working yet because the setup of pfSense in the web interface wasn't completed yet; the new subnet I used is the same subnet I used for pfSense (192.168.1.x), so that's probably why I was able to connect now.

For now I can't test any further until tomorrow because our switch is in my parents bedroom, and they're asleep now. I did test another laptop and that did immediately get an IP within the subnet, it also was able to connect to the internet.

@alessandro-parreiras

check here

@dan-cormack

If anyone's still interesting in this topic, here is the brief instruction:

Download pfsense ISO Create a FreeBSD x64 VM in VirtualBox with PAE/NX, VMDK hard drive on IDE controller, disable audio and usb; attach the ISO to the VM Boot the VM and install pfsense on the virtual hard drive After installation completed, let the VM start rebooting and power it off Create an OS bucket in OCI and upload the VMDK into the bucket Switch to Compute/Instances/Custom Images and import the VMDK image from the bucket From now you can create an instance from the custom image

@awebster yes, you are right. i have an etherchannel on the switch and nic teaming with IP hash on the esx. the configuration is not a problem; i followed guides for it.
Problem might be with the network card's driver in esxi, which although it is supported, it might have some problems.

@kom ok great yeah ive set a dns forwarder for my windows dns server.

@tlex looks like the second shellcmd is not needed (and if needed, is wrong?!) - cp qemu-guest-agent to etc/rc.d...

Proxmox with a FreeBSD guest
Proxmox recommends using ntpd daemon in a FreeBSD client to maintain client real time synchronization. See pve.proxmox. com/wiki/FreeBSD_Guest_Notes and forum.proxmox. com/threads/time-drift-in-windows-7-guest.41268/#post-198848

Real time is set in the guest when it first starts. After which the guest clock drifts with the hosts processor crystal.

ntpd is the ntp daemon. See www.freebsd. org/cgi/man.cgi?query=ntpd&apropos=0&sektion=8&manpath=FreeBSD+12.2-stable&arch=default&format=html

Configured via /etc/ntp.conf

Command line interface ntpq See www.freebsd. org/cgi/man.cgi?query=ntpq&sektion=8&apropos=0&manpath=FreeBSD+12.2-RELEASE+and+Ports

11 minute hardware real time clock update can be enable by adding the line "SYNC_HWCLOCK=yes" to /etc/sysconfig/ntpdate

date gives time of day to 1 second resolution

Qemu guest agent
I think qemu can also sync time between the guest and Porxmox host.

Doing so is suggested github. com/aborche/qemu-guest-agent/blob/master/supported_command_reference.md

Other virtualization systems such as vmware have time synchronization between host and guest via the agent

Time synchronization should be done via only one system otherwise interaction between them decreases time system accuracy. Which mean if an agent and ntpd is used then there would need to be a way of disabling time synchronization via the agent. I'm not sure how to do this.

pfsense guest on Proxmox host
Given it is probably best to run ntp (chrony) on Proxmox then synch time in pfsense to the Proxmox host via ntpd over the LAN interface. Ideally I would like to do the following but not sure how to acheive that in pfsense

Enable ntpd on pfsense but not listening to clients on any interface. Selecting no interfaces in the GUI does the reverse.

Disable hardware real time clock update by pfsense. This is done every 11 minutes by chronyd on the Proxmox host. In pfsense the directory structure is different, so I can't goto to /etc/sysconfig/ntpdate and set SYNC_HWCLOCK=no

@julio12345 I will file a request for this to be changed to ALTQ kernel module instead of compiled in the kernel, then when ALTQ shaping is enabled the module could be simply loaded by pfsense and everything is good.

@nicesub said in Hyper-V server and pfSense setup issues:

to specify the wlan .... adapters again

Your dmesg logs doesn't mention a wlan NIC.

@patch said in Proxmox zfs install error:

I wasn’t sure if both the host and client using zfs was compatible.

I suppose you are not using ZFS on the VM data store at all.