Now, I got it right without the need to disable any firewall...my mistake was to move default gateway to pfSense. The default gateway is just for Proxmox management port to update itself and need to remain on the port originally assigned. Then, I made pfSense LAN that IP. Both accessible by my Mac Pro on the same browser tabs next to each other.

Screenshot 2023-05-06 at 3.14.07 PM.png

Thank you, I will try.
Sam

@bmeeks Ahh, yeah, I'm using N5105 so this is almost certainly it. I'll keep an eye over there, but I guess there's no solution yet...

@dobby_ I think I might have narrowed it down to an issue with the Intel I226-V ethernet controllers my mini PC has. Ended up disabling the offloading options within the driver settings-

IPv4 Checksum Offload Large Send Offload V2 (IPv4) Large Send Offload V2 (IPv6) TCP Checksum Offload (IPv4) TCP Checksum Offload (IPv6) UDP Checksum Offload (IPv4) UDP Checksum Offload (IPv6)

The issue hasn't came back yet, so hopefully that might be it fixed.

found the potential fix here

Thanks,
Gary

@jk-1 I found the problem, for whatever reason (probably self-inflicted) the subnet mask on the VLANs that did not work was set to 32... 🤦

Well, persistence paid off...the key is to start hitting the ESC key before clicking start .

Screen Shot 2023-04-10 at 10.31.23 PM.png
Screen Shot 2023-04-10 at 10.35.20 PM.png

@thebear 2 vCPUs and 8G memory.

The issue is fixed with 0x24000024 microcode:
https://forum.proxmox.com/threads/vm-freezes-irregularly.111494/post-538922

The issue is fixed with 0x24000024 microcode:
https://forum.proxmox.com/threads/vm-freezes-irregularly.111494/post-538922

The issue is fixed with 0x24000024 microcode:
https://forum.proxmox.com/threads/vm-freezes-irregularly.111494/post-538922

@nollipfsense Hey thanks, I did all of that and i am still getting the same problems. i would have to reload a snapshot or do a clean install and use a restore of a backup done from the backup and restore of the pfsense gui.

what am i missing?

Thanks.

@perrfect I just ran thru this not on proxmox but on VM on synology which uses qemu

[2.6.0-RELEASE][admin@pfSense.home.arpa]/usr/local/etc/rc.d: service qemu-guest-agent start Starting qemu_guest_agent. [2.6.0-RELEASE][admin@pfSense.home.arpa]/usr/local/etc/rc.d: service qemu-guest-agent status qemu_guest_agent is running as pid 15340. [2.6.0-RELEASE][admin@pfSense.home.arpa]/usr/local/etc/rc.d:

I just rebooted the pfsense vm to make sure everything came up on its own

qemu.jpg

Looks like everything is working here.. I don't currently have a proxmox to play with - but I did have one a while back, and was running both 2.6 and snapshot of 2.7 on it, and don't recall any issues installing the qemu agent.. Was working fine.

edit: I think I read somewhere that you might have to actually stop the VM and then start it vs just a "reboot" for proxmox - been awhile since did it on proxmox, and don't currently have one to test with..

Whatever virtio devices are being created by ovirt they are not supported by the operating system.

VirtIO devices on Proxmox VE/KVM and so on in general work fine, though, so it's most likely something in your hypervisor or hypervisor settings.

Going to need a lot more detail than just the crash report there.

That panic/backtrace looks like it would be hardware related, but it appears to be a vmware VM. So your version of VMware may not be compatible with FreeBSD 14/13, or you may need to upgrade the hardware version of the VM.

@viragomann the 1st post with the /etc/network/interfaces file is no longer used, as the VMM's GUI setup the bridges nicely.
Here are the current /etc/network/interfaces files I have tried to ping 192.168.1.1 on the VM router from 192.168.1.120 on the VMM host machine are:

# interfaces(5) file used by ifup(8) and ifdown(8) # Include files from /etc/network/interfaces.d: auto lo iface lo inet loopback auto enp3s0 iface enp3s0 inet static address 192.168.1.120/24 gateway 192.168.1.1 # interfaces(5) file used by ifup(8) and ifdown(8) # Include files from /etc/network/interfaces.d: auto lo iface lo inet loopback auto enp2s0 iface enp2s0 inet static address 192.168.1.120/24 gateway 192.168.1.1 # interfaces(5) file used by ifup(8) and ifdown(8) # Include files from /etc/network/interfaces.d: auto lo iface lo inet loopback auto macvtap1@enp2s0 iface macvtap1@enp2s0 inet static address 192.168.1.120/24 gateway 192.168.1.1 # interfaces(5) file used by ifup(8) and ifdown(8) # Include files from /etc/network/interfaces.d: auto lo iface lo inet loopback auto macvtap1 iface macvtap1 inet static address 192.168.1.120/24 gateway 192.168.1.1 # interfaces(5) file used by ifup(8) and ifdown(8) # Include files from /etc/network/interfaces.d: auto lo iface lo inet loopback auto vtnet1 iface vtnet1 inet static address 192.168.1.120/24 gateway 192.168.1.1

I updated the network topology a little to make it clearer?
alt text

@jonko Not enough info presented so others can help. How about providing a network diagram and explanation of what you want to achieve...

@cneep said in I can't get VLANs to work / No DHCP:

Virtual Switch/port groups:
If I had a (non-pfSense) virtual machine that needed access to any given LAN, I had a port group defined for that particular VLAN (1-4094).
For a pfSense virtual machine, I had a port group defined for VLAN 4095 so that all VLANs would be passed through to pfSense in the VM. I also needed to enable Promiscuous Mode for ONLY this VLAN 4095 port group.

Thanks. Been trying to get this to work for past 2 days, and finally started looking here and found this!

@f4-0 I'm not hosting a dhcpd guest with libvirt so can't comment on that issue, but I tried various bridging techniques including libvirt's virtual networks and openvswitch. All worked. But in the end I found the simplest (for me to implement and understand) was to bring up the bridges on the host using Ubuntu's netplan and networkd. I only have one NIC on this machine (desktop) and it receives tagged and untagged traffic.

#/etc/netplan/01.vmbr.yaml network: version: 2 renderer: networkd ethernets: enp0s31f6: {} vlans: vlan100: accept-ra: no id: 100 link: enp0s31f6 vlan200: accept-ra: no id: 200 link: enp0s31f6 bridges: br0: interfaces: [enp0s31f6] macaddress: 00:01:02:03:04:05 addresses: [192.168.30.11/24] routes: - to: default via: 192.168.30.1 nameservers: search: [local.lan] addresses: [192.168.30.10] br100: interfaces: [vlan100] link-local: [] br200: interfaces: [vlan200] link-local: [] $ networkctl list IDX LINK TYPE OPERATIONAL SETUP 1 lo loopback carrier unmanaged 2 enp0s31f6 ether enslaved configured 3 br0 bridge routable configured 4 br100 bridge carrier configured 5 br200 bridge carrier configured 6 vlan200 vlan enslaved configured 7 vlan100 vlan enslaved configured

Then with libvirt, dispense with virtual network definitions and assign guest interfaces to the bridges:

<interface type='bridge'> <mac address='00:00:00:00:00:00'/> <source bridge='br200'/> <model type='virtio'/> <address type='pci' domain='0x0000' bus='0x01' slot='0x00' function='0x0'/> </interface>

Also, check iptables configuration.

@anita-0 by default pfSense LAN has rules to allow all IPv4 and 6 traffic.

How/from where are you connecting to the web GUI?

Can pfSense ping out from its Diagnostic menu?

There are providers in the web which allow the usage of virtualized NICs. In this case, it is easy because you can clearly assign one NIC as WAN interface to your VM and one NIC as LAN interface to your VM.
This means everything is very similar to a setup which you would do when doing it at a machine locally.

The only task for you is to find a provider which allows the usage of virtualized NICs. But there are many of them in the web!