The answer for me was – my schema worked, but I went crazy thinking I had weird issues with my setup.. ended up just being my NIC card. You NEED 2 nic cards without the 2nd one being ghetto in any form. Mine was ghetto :P

I ended up doing this:

https://docs.google.com/presentation/d/18daTkuC344aqCuJ_qOgGhEMz9_DGi_Ek0R9I_uYMc3Q/edit?usp=sharing

This is about as detailed/friendly as it gets. Please note the 2nd slide for details. Good luck ;)

Wow, believe it or not, it looks like my issue was caused by my DNS server settings. I was using Google DNS in the pfsense config (8.8.8.8) and for some reason it appears that it was breaking things. I've switched to my FiOS router as the DNS (192.168.1.1) and it appears to be working both externally (web requests) and internally now. How bizarre. Thanks for everyones help, here's hoping this thread helps someone else in need lol.

Edit: I also upgraded to 2.2 during this process…I don't THINK that has anything to do with it, but I suppose it's possible.

This is just what I needed.  ;D  I was having issues setting up this as well, and while I had set the SR-IOV in the network manager setup, I missed it under the VM/Network/HW Acceleration.

what is the status of the open vm tools package being compatible without doing CLI hacking ?

you can try to go to setup wizard and tick on allow DHCP dns also put in the primary DNS your DNS or put 8.8.8.8

Thanks
Ali Chouman

quick update

I did an install of an virtual smoothwall and all works fine… :o

So its has something to do with pfsense for sure....

Are you in the wrong thread then???

This thread is about vmware tools
"VMware 2.2 RC and VMware Tools - can only ping  (Read 877 times) "

Well this is what I ended up doing.

Did a fresh new VM, set with bsd 8.x preconfig.
Copied host cpu configurations and disabled xsave feature
Did virtIO on the disk/5G image
Got rid of all the nics.
Did pci-passthrough of eth1 on the host to VM.
Then did vlan setup from pfsense side.

Result LAN to LAN2 50MB/s which is what I expected. Both interfaces pushing about 400Mbit/s according to the pfsense traffic graphs, which would stature a single gigabit link.

Eh, it's much better than what it was before; and now I'm running 2.2.

Hi,

And the answer is no. The provider doesn't currently permit to pass VLAN taggs between two hosts. It will be added in a future release though.

But for now, I can't use VLANs.

So what is the best option to isolate the subnets? Am I right in assuming that if I create a new vswitch with no attached interface to it, the CARP won't work at all for the subnet in this vswitch?

Thanks,
Nicolas

@duntuk:

Is this patch necessary for the pfsense 2.2 release ?

No, it's included.

I like your drawng!!

But not sure why you need or want sg300 in l3 mode?  I have 4 segments running 3 physical and 1 vlan, with esxi hosting pfsense and multiple other vms.

sg300 is just L2.

I can put together a drawing sim to yours..  But in a nutshell pfsense has leg in each vswitch which is tied to physical network for wan, lan, wlan and vmkern.  vmkern is in the lan - but I break out a 2nd nic for it when it shares a nic peformance to and from the database is hindered.

dmz is jut vswitch with no physical connection and wlanguest is vlan that runs over the physical wlan segment.  I also have another smart L2 switch netgear gs108t that there is trunk between it and the sg300 for the different vlans.  I have my dvrs in the wlan segment and printer example for ease of airprint.

I think using L3 on your sg300 is just making for a more complex setup.

@johnkeates:

You can circumvent this using VLAN interfaces and hanging those in a VLAN bridge, or disable VirtIO and use HVM network devices which do support NIC VLAN'ing.

That's exactly my question: how to disable virtio xn* interfaces.

I first noticed it after the 2.2 upgrade : WOL wasn't working anymore with any of the usual targets  :-\

I use a WOL standalone client just to check that it wasn't anything in the network backbone that was messing up with the magic packets, but it worked fine.

I hope the WOL feature will be fixed for the next release  :)

The simpliest fix for this is to disable checksum offload (System > Advanced > Networking tab and reboot)

Ok i figured it out… I played a bit with the virtualisation settings..

In the end it worked, when I used a hard disk with the "raw disk image (raw)" format. Before I had "QEMU image format (qcow2)" and it worked with pfSense 2.1.5.

For anyone interested. I've now been running in Hyper-V with PowerD disabled for a while now. The overall power consumption of the server doesn't seem to be impacted at all and my pings are a little faster now (eg 10 vs 13 on average). Not sure if the lower ping times are due to the final build of 2.2 or due to the powerd settings.

Make sure what switch port, to which pfsense LAN interface is connected, is in a trunk mode and have all needed VLANs set on it.
Other ports (to which other computers are connected) should be in "access" mode and in one specific VLAN (port can't be in access mode and be in multiple VLANs).

Refer to HP documentation on how to do that.