If you followed the guide (Tx checksuming of for the NICs, guest tools installed, etc), the VM is hardware virtualised (HVM), same CPU and RAM parameter as the one of ESXi and the XCP-NG host is reasonably fast then I can't see a reason why you have that limit. I ran pfsense (plus 3 other VMs) with XCP-NG on a J3455 CPU with 16GB RAM on a 400/90 MBits PPPoE connection. That was pretty much the limit but your can be done with even quite slow hardware What hardware to you use as a host. And what is the output of top -HaSP while you do the speedtest. I assume you run the speedtest from a client (client -> pfsense -> ISP -> speedtest server), not from pfsense itself. And again, a network diagram would help. How are you connecting to the ISP?

@eiger3970-0 It appears I may have to move the virtual pfSense router to a hardware device. However, I'm unsure if I could also build some 24 hour systems on the hardware device as well? For example, a separate hardware device rather than this Desktop with 2 NICs, running a type 1 hypervisor with various 24 hour VMs. Can a new and separate hardware device be run for a 24 hour router and 24 hour VMs? Then this desktop can be powered on and off when needed.

@viragomann Thanks!

@viragomann The machine's Ethernet is set to a static IP 192.168.1.110/24 gateway 192.168.1.170. The Wi-Fi is DHCP I guess? I set up a new Network location on the machine and the Ethernet DHCP would not connect, so I switched back to the original network with the Ethernet static IP and it connected. Guess I'll see how long it stays online until the problem returns.

@JonathanLee This is solved, somehow, I don't remember...just noting the thread can be closed.

Just in case anyone find this thread, i did a better article: pfSense on TrueNAS Scale KVM, What is the best Virtual Custom CPU to choose? | QuantumWarp

https://forum.proxmox.com/threads/dhcp-on-pfsense-vm-not-handing-out-addresses-past-the-host.102763/ Seems like I'm not the only one.. To bad it's Intel driver "igc" that is the problem.. i226-LM and i226-V is having the same problem and i even think i saw i225..

@saluteferux said in Help with High CPU Usage in OPNSense/Pfsense VM inside Proxmox: and using additional bridges to assign an IP on the proxmox host If any of those bridges are connected in Promox to any of the I226-V NICs then you are not using pass through of the I226-V. Pass through is done via Proxmox GUI -> pve -> VM -> Hardware -> Add -> PCI device Virtual switches / bridges via Proxmox GUI -> pve ->Network-> create (to create a virtual switch), then Proxmox GUI -> pve -> VM -> Network device -> Add (to plug the VM into the virtual switch). But I assume you already knew this & I'm just not understanding what you are saying. As for why there is a difference between VM load inside a VM compared to the Load measure outside the VM by the hypervisor, I believe the difference is overhead (including task switching, virtual device emulation, interrupt pre processing etc)

@johnpoz Oki

@kevdog If you're using ZFS then it might be the ZFS cache. 8G seems like a lot for pfSense btw unless you're running every service under the Sun.

@GPz1100 said in pfsense vtnet lack of queues: @chrcoluk Any progress/movement on the vtnet queues issue? It was declined, if I remember right they said it was too difficult to do, because it required a recompile instead of a loader flag change.

Just ran across this on one of my firewall appliances. Approaching the limit on PV entries, consider increasing either the vm.pmap.shpgperproc or the vm.pmap.pv_entries tunable. What exactly is a "PV" entry? No one said. This firewall has been running for 840 days and just started dropping some phonecalls for the site this week, so i am just going to reboot it and see if this error goes away. But it would be interesting to know what exactly this error message indicates. What can cause this behaviour? From this article here: https://supportportal.juniper.net/s/article/EX2300-C-printing-logs-Approaching-the-limit-on-PV-entries?language=en_US Seems to have something to do with virtual memory. On the kernel, each virtual address which is mapped to a given dynamically-allocated physical memory page uses up one pv_entry in the kernel, which contains information about that specific virtual translation. The kernel imposes a max limit on the number of pv entries that can be allocated on the system. This message means the system is running low on pv entries in the kernel, will post back if rebooting fixes it. device is an SG-3100 running 21.05.2-RELEASE