@johnpoz Oki

@kevdog If you're using ZFS then it might be the ZFS cache. 8G seems like a lot for pfSense btw unless you're running every service under the Sun.

@GPz1100 said in pfsense vtnet lack of queues:

@chrcoluk Any progress/movement on the vtnet queues issue?

It was declined, if I remember right they said it was too difficult to do, because it required a recompile instead of a loader flag change.

Just ran across this on one of my firewall appliances.

Approaching the limit on PV entries, consider increasing either the vm.pmap.shpgperproc or the vm.pmap.pv_entries tunable.

What exactly is a "PV" entry? No one said.

This firewall has been running for 840 days and just started dropping some phonecalls for the site this week, so i am just going to reboot it and see if this error goes away. But it would be interesting to know what exactly this error message indicates. What can cause this behaviour?

From this article here: https://supportportal.juniper.net/s/article/EX2300-C-printing-logs-Approaching-the-limit-on-PV-entries?language=en_US

Seems to have something to do with virtual memory.

On the kernel, each virtual address which is mapped to a given dynamically-allocated physical memory page uses up one pv_entry in the kernel, which contains information about that specific virtual translation. The kernel imposes a max limit on the number of pv entries that can be allocated on the system.

This message means the system is running low on pv entries in the kernel,

will post back if rebooting fixes it.

device is an SG-3100 running 21.05.2-RELEASE

@billsecond said in PfSense + Hyper-V + VLANs:

Get-VMNetworkAdapter -VMName "lab1-pfsense" | Set-VMNetworkAdapterVlan -Trunk -AllowedVlanIdList "1-2048" -NativeVlanId 90

Hi, please any one can help me to reverse this command?
I mess up my connection with these powershell:
Get-VMNetworkAdapter -VMName "PfSense-home" | Set-VMNetworkAdapterVlan -Trunk -AllowedVlanIdList "1-2048" -NativeVlanId 1030
PS C:\Windows\system32> Get-VMNetworkAdapter -VMName "PfSense-home" | Set-VMNetworkAdapterVlan -Trunk -AllowedVlanIdList "1-2048" -NativeVlanId 1031
PS C:\Windows\system32> Get-VMNetworkAdapter -VMName "PfSense-home" | Set-VMNetworkAdapterVlan -Trunk -AllowedVlanIdList "1-2048" -NativeVlanId 1032
PS C:\Windows\system32> Get-VMNetworkAdapter -VMName "PfSense-home" | Set-VMNetworkAdapterVlan -Trunk -AllowedVlanIdList "1-2048" -NativeVlanId 1033

After RTFM I was able to stop the Intel i40en driver from disabling trusted mode on the virtual functions on every reboot, but that didn't resolve the error message. The good news is now the firewall doesn't come up from a boot in a broken state every time, but this confirms the AQ returned error VIRTCHNL_ERR_PARAM to our request CONFIG_RSS_KEY! error is unrelated to the i40en driver's handling of trusted mode.

Anyone else have any brilliant ideas for what could be causing the error message?

Anyone have any guess as to whether it can safely be ignored? It doesn't stop pfSense from passing traffic on the NIC so it seems to "work," but God forbid it's creating some sort of security vulnerability!

I think the thread was posted in the wrong category. @mods could you please move the thread to the right category? I think installing pfsense or so would be the right?

@pfsense2023

In top it shows high interrupt
fcff96ff-3aae-46e4-bb8d-4a36c88e9f7a-image.png

@faraguti glad you sorted it. Such thing often take longer than they would with the aid of hind sight.

@eiger3970-0
Solved.

@skveen

Your the very first that shows me a system with more RAM as (hard/SSD°VM) disk space ...
I've never seen that before.
Why insisting with such very small disks ?

Does pfSense even fit on a 1 GBytes drive, leaving close to no free space available ?
Not even talking about swap space, which is 'normally' twice the RAM size ....

edit : Google told me you should read this : PfSense Hyper-V .vhdx growing like crazy

@Sergei_Shablovsky said in pfSense 23.09 Intel QAT 4xxx passthrough question:

Right now on USA eBay (where PP able to make chargeback, opposite to many DOA from Chinas sellers) QAT8950 cost USD$50-80

I bought mine over a year ago from a Chinese seller for $37, in fact I bought two because at that price each, why not, while at the time, the QAT 8970 by US sellers priced at $800+ So, priced had fallen...that's good. Both mine are installed in work stations, a Lenovo and a Dell...see sig.

@SolPain

A WAN address is usual DHCP. I guess you want to place pfSense behind Express VPN, so it would be one of 10.184.16.x and you need to select another subnet for pfSense LAN and AD.