Does anyone know what the underlying issue of this was? Or if it is going to be resolved? I had 2.3.1 in Hyper-V on 2012R2 experiencing HEAVY packet loss when approaching 5mbps on our MPLS. Once I downgraded to 2.2.6 everything was fine again. I couldn't find any bug referencing this issue. I'm glad to find this problem is more widespread then just me.

Tenacity prevails!

If you assign the bridge to the LAN interface and add both your previous lan interface and the tap0 interface to it, then you can attain access to the internets for your vms.

1. Create a bridge in Interfaces:(assign):Bridges
2. Go to Interfaces:(assign) and determine which device is assigned to LAN
3. Go to Disgnostics:Command Prompt
4. Enter ifconfig bridge0 addm <device assigned="" to="" lan="">5. Go back to Interfaces:(assign) and set BRIDGE0 as the LAN
6. Add the previous LAN device
7. Enable that device
8. Go to Bridges:BRIDGE0 and assign your new device (OPT1?) to BRIDGE0

When you add the device to the bridge with the command prompt, you make certain that the bridge has access to the wire. 
When you add the device to the bridge in the GUI, you make that persist between reboots.

It works!  If anybody want to use Netflix with a Hurricane Electric IPv6 Tunnel you can use a VM to provide a barebones BIND install to filter out Netflix's IPv6 addresses.

If someone besides me shows interest in this thread, I could make the instructions more cohesive  ;D, but for now I'll leave this as is and hope it's useful to anyone else who wants to do this.</device>

Modern OSes like Windows Server boot in 5 seconds

VMware Workstation 12.5.2, running on an Intel i7-2600, takes about 15 seconds to boot a fully-patched Windows Server 2012R2 VM stored on an SSD.

its solved..

i just change another physical NIC and plug the trunk interface into new NIC.
set encapsulation dot1q on cisco switch, i've tried (it works on 2900 & 3550) it doesnt work on 2950,2960(may be im wrong config).

old one NIC doesnt support for trunking.

Thanks.

As long as you set up the vswitch so that only the pfsense box has a LAN port on it, and its running to a dedicated esxi NIC your fine.

That's not as uncommon as you think. I run into that all the time when I work on networking chassis or firewalls, anytime I change out a line card or module it regenerates the ssh keys when it restarts.

The problem is with the ESXi. I can put an ESXi management interface on the LAN and add a NAT, however I can't change the default gateway, it's a global configuration to all VMKernels. And so the packages are unable to get out!

Well I didn't bother to wait for an answer here… not sure why it failed after the update, maybe because it's been updated so many times from previous versions something was messed up.

I downloaded 2.3.2 ISO, did a fresh installation, then updated to patch 1 and loaded my backup everything is working great. So I guess case closed.

Cheers

OP, does 2.3.2 (not p1) work for you?

I've been running pfsense under ESXi for about 8 years now at least… never had an issue until 2.3.2_p1 update... when I update to it, it doesn't even want to boot.

Also under ESXi 5.5 BTW

see my thread here: https://forum.pfsense.org/index.php?topic=123971.0

Although from what I've read that error seems to point to a hardware issue it just doesn't make any sense.  I don't have USB or floppy drives, etc on that VM.  It's just a video card, HDD and that's it which has always worked for me even w/ 2.3.2 (non-p1).

EDIT: I reinstalled 2.3.2 in a fresh VM from the ISO then upgraded to patch 1 w/o an issue.. restored my CFG and I'm off to the races.  Hopefully you find out what's going on with yours.

Cheers!

Well for starters your nic is not connected and why do you have it set on your wan for vlan 1?

So just as an FYI, i updated to 2.4 and I must say wow, it feels way faster then 2.3.x. It also fixed all my percieved latency problems, and it was super simple to set up ipv6 in it. Great job guys, keep it up.

@andipandi:

Thank you, Mats.

I just checked and tcp/ip is indeed disabled on all adapters that have a vSwitch on them. I tried disabling the adapters in the host before, but that did not work at all (loss of connectivity on the vSwitch as well). With tcp/ip missing I am a little more relieved.

Good.
One way to se it is that that binding for the Vswitch is the virtual cable between the nic and the vswitch. If you unbind it - you unplugg the switch.

As long as the only binding fot the external card is the vswitch and the only thing using that vswitch is the external interface on the PFsense box - then your safe. I haven't heard of any security issues with the vswitch in al years with hyper-v

@heper:

you created rules on those interfaces to allow packets to flow ?

Yes..

Funny thing is now it started to work.. Not sure what made it work.. the difference between 30 min back and now is that I had enabled port 4(eth4 - LAN3) connected my laptop and added rules and nothing worked..
And then i connected WIFI router to eth2 (LAN1) and laptop to LAN2 and disabled LAN3.. Now laptop is reachable to outside world and the wifi router is also working which is test by checking the mobile and laptop..

trial and error… using proxmox on supermicro boards they bind the IPMI port to lan 1 (eth0), thus creating my confusion.

vmbr0 = eth0,eth2,eth3,eth4 - 192.168.1.3 / 255.255.255.0 / 192.168.1.1
vmbr1 = eth 1

pfsense add two nic's e1000's, assign one vmbr(x) to each nic
Then go through the assign function at the command prompt.
get into the gui and dhcp release / renew on your WAN.

Fixed it for me.  Now to assign a fail over secondary wan using a cradlepoint AER1600

Changed to lsi SAS. Still the same issue. Get errors even during install but the files get copied, though slow as hell.