The host in question has some 256GB, I asked one of the VM admins to to set me up a test machine to use and this is what I got  ;D  once I have spent some time working out the configuration I will be looking to reduce the memory and storage.  I might be looking to see at least 8/10GB as we have a requirement for keeping web access logs

Hi,

I haven't much time to simulate the lesson on the wiki but I have printed for my keep. I have attached the expanded storage, then erased the previous saved cached files.

This are my observation:

In just the whole day it filled my storage up to 85%. This is the status 4 hrs ago. Now I checked and it became 83%, I don't know what it means. But it seems to me it auto grows as it fills the storage. I have allocated 100G as you advice and put a cache cap of 40G. So I'm still observing.

Anyway, I have 2 another question as attached.

Image 1 refers to the WAN traffic but I'm not really sure how to interpret it. Also with image 2, the LAN traffic. How to interpret those data?

WAN.jpg
WAN.jpg_thumb
LAN.jpg
LAN.jpg_thumb

I read the chapter 6 of the VirtualBox Manual and played with the different network configuation. I found that in Internal Networking, my Linux VM would report "The Network Connection has been disconnected". In Host-Only, the connexion does establish itself in the VM but the web is not accessible and the Host (Windows) lose the connexion too. Maybe there is a conflict between the Bridge and the Host-Only network adapter.

From the documentation of VirtualBox :
"Internal Networking is similar to bridged networking in that the VM can directly communicate with the outside world. However, the "outside world" is limited to other VMs on the same host which connect to the same internal network."

Since my pfSense VM does access the internet, does the rule still apply?
smcclos - You say you did a setup like this, how did you proceed exactly?

Thank in advance.

I think I have the same problem as your only that my is the latest version of pfsense. http://forum.pfsense.org/index.php/topic,66646.0.html

I am not sure where the problem is and how to debug this, but it is impossible to use this in a production setup.

@gi-minni:

… change easily tmpsize, varsize, etcsize (there is a GUI way for this but is only defined for embedded platform)

Actually not true with 2.1

I'm not using VirtualBox, so I won't be able to help much.

First step, I'd say is to use a newer version of pfSense. Looks like you're trying with 2.0.3, while 2.1 was just released. If it's not a requirement to use 2.0.x, there is no use to try with an older version when such a shiny new one is available ;)

You might want to post more info about your HW (mostly what CPU and network cards), which might be relevant. For example, under Hyper-V, pfSense 2.0.x would panic when running on an amd64 CPU (you had to edit boot.conf) and you had to reset the network interfaces after the boot was completed. There might be something like that for VirtualBox that might have been fixed in 2.1.

Just for the benefit of anybody watching this thread. I did a new build with the Hyper-V aware kernel and pfSense 2.1 Release. See http://forum.pfsense.org/index.php/topic,56565.msg362435.html#msg362435 and following posts (check out the complete thread for troubleshooting tips and issues others have found).

(guessing your meaning using Google Translate)

Actually, this is a newer version (currently 2.1 Release or 2.0.3p1-Release) http://forum.pfsense.org/index.php/topic,56565.msg362435.html#msg362435

Hi emcel,

I'm just starting to scratch the surface and learning about this stuff and I maybe wrong on this but I believe there is a difference in this particular setup when you use the loopback adapter.

In our scenario, the wireless NIC in my laptop is a layer 3 device, and the Loopback Adapter is layer 2, the two virtual NICs from virtualbox, one is bridged to a layer 3 device and the other to a layer 2. Your setup is different but I don't fully understand the implications in terms of paranoid security.

I suspect that in your case it didn't  work because you had the loopback adapter facing the outside world. (to your switch)

When I installed the looppback adapter I set it up as follow:
IP 192.168.100.2
SM 255.255.255.0
GW 192.168.100.1 (Later used this ip to configure pfsense (LAN em0)
In Virtualbox this is bridged to Adapter 2

Edit: http://tinypic.com/view.php?pic=8x7gw4&s=5

Yes, the WAN NIC has been set as external.

Yeah - Thats all kind of complicated.  It has to be done, but I think first getting pfsense working, then bridge fios.
Anyway  - the order isn't important if it doesn't confuse OP.

So I got it solved through hours and hours of research… basically I got rid of MSLB and reconfigured everything. I now have a working server and network that connects to the net via pure software pfsense. Now it's time to connect diskless nodes to this server...

pfsense runs on FreeBSD… XenServer does not support FreeBSD at this time, therefore XenTools will not work.

I highly recommend against virtualizing pfsense in a XenServer environment as you will encounter performance degradation from the kernel running in an emulated state.

I currently run two virtual pfsense instances on XenServer but only for backend VPN access, and basic internet access. Most of my tests I was unable to exceed 30Mb/s from the virtual pfsense instances.

Hopefully this will be addressed soon, or maybe it already has... but I haven't seen anything as of yet.

Phil,

OpenVPN would be my choice.  You'll just need to be sure you have set up the firewall rules to allow the client to access all the networks.

Just an FYI here.
it is confirmed that a PCI pass-through is possible on
AMD based chassis from TAMs based on supermicro H8DME - 2 MB
using Ubuntu Server 12.04 and Xen 4.2

also keep in mind that Ubuntu server 13.04 with Xen 4.3 is a no-go
it might be something in the kernel I am not sure but I was able to get things working on 12.04 but not on 13.04
since I am still playing with the setup I might try getting things work on 13.04+Xen 4.3  , but not sure about this yet…

ESXi is a no-go
XenServer 6.2 is a  no-go

there are some suggestions that an ArchLinux can work but as a noob I can not /will not go there :-)

Looks like I solved my own problem.

Previously, the pfSense VM had a MAC address that was different from the physical NIC connected to the cable modem.  This same MAC was configured as the MAC on the WAN interface in the pfSense configuration and in the VirtualBox configuration.  This worked, but only after physically connecting/disconnecting the cable between the host machine and the cable modem or rebooting the cable modem.

The "fix" was to clone the MAC of the physical NIC in both the VirtualBox configuration for the VM and in the WAN configuration in pfSense.  Once I did that all was good!

In summary:
CentOS:
Go to: System->Preferences->Network Connections->(your WAN interface NIC)
Under IPv4 Settings tab: set Method to "Disabled"
Under IPv6 Settings tab: set Method to "Ignore"

VirtualBox:
Get the MAC address of your physical NIC connected to the WAN (ifconfig output, whatever you prefer…)
Use this MAC value in the WAN network adapter in your VM config
pfSense:
Use the same MAC value as the above in the pfSense WAN configuration

Now reboot and see if your VM grabs a DHCP address properly.

I'm not sure why more than 1 MAC on the WAN was causing the conflict, especially since only the VM MAC was ever really in use.  But this approach certainly seems to have resolved the issue for me.  Hopefully it will help others.

Personally, I think at best you save yourself about .1 ms latency and not much more advantage.
Many disadvantages though - Like N not working being the primary one.  But G is ok.