Hyper-V integration installed with pfSense 2.0.1
-
It would make sense to say which of the 2 versions you are using? There is after all 2 different versions posted.
I'd expect 2.0 branch to have issues because the drivers don't officially support the FreeBSD that's based on. I'd have thought if they did they'd have advertised that fact.
The 2.1 branch however should in theory be OK because of the upgraded FreeBSD.
Anyway please say which of the 2 is working for you or if you have problems again please say which version.
-
This issue was happening on both versions but I have solved the issue. Well I think I did. The VM has been running for 52 hours so far no issues. It was related to the processor C states allowing the NIC cards that are integrated to be powered off to conserve energy. I have been analyzing the logs off the host machine for the past few days and tried a few tweeks in the bios to not allow power saving anywhere and disabled C states also in windows I have turned off the settings in the device manager for the NICs for power saving.
Seems with the updated Hyper-V integrated services for 2012 has power management settings that can be passed to the host for correct CPU low power states but the drivers currently for FreeBSD in beta only fully support 2008 R2 which do not have the new power management capabilities.
The host box is a Supermicro 5017P-TLN4F
http://www.supermicro.com/products/system/1u/5017/sys-5017p-tln4f.cfm16gb ram
RAID 1 Intel 520 480GB SSDI use it for a low power house router and secondary domain controller and remote management for Microsoft system center 2012.
Thanks for all your help everyone hope to see an update version soon and maybe full support in the next official release.
-
Cool, glad you got it sorted :)
Mine has been fine although I did have an incident where I lost all configuration inside the VM, however I did cluster the hosts and mess with snapshots so I think I probably caused that.
That Supermicro box is to die for, do you know how much power that is drawing from the wall because it looks exactly like what I want! :D
-
@zootie! terrific work! thanks for taking the effort to build the iso.
@all - I have been trying for a long time to get pfsense working on hyper-v. The LAN side is all sorted out (completely virtualized), I'm having a problem with the WAN side.
my setup is as follows
Internet <-> router (DHCP for WAN) <-> pfsense WAN (connected to an external virtual switch) <-> pfsense (DHCP for the LAN) <-> LAN VM's (All connected to a private switch).
No matter what I do, the pfsense WAN interface does not pick up an IP address from the router. Ideally, this should pick up a 192.168.1.x address
Only things I can think of are 1) uncheck the setting on the WAN interface so that it can accept an RFC 1918 address and 2) enabling mac spoofing on the WAN interface.
Any suggestions / pointers? Thanks in advance!
-
I'd just like to add my thanks as well. I'd tried it before on Hyper-V without the Integration Components and the performance was so poor that it was unusable. I had to switch to ESXi which was a shame because I liked some of the new features in Hyper-V 2012.
However I've been running this in Hyper-V for around a week now with no issues. I don't use VLAN's and haven't played with QOS on it but I've got 2 WAN's, IPsec and OpenVPN all running off it with no issues.
I'm using the 2.1 ISO. Obviously it tells me there's updates but I've not applied any incase it overrides the custom kernel with a default one and the Hyper-V integration is lost. Has anyone tried updating? I guess I could just snapshot it, try it and roll it back if it gets nuked. The advantages of it being a VM :)
Hopefully 2.1 will be final in the not too distant future and can run off a none beta version of pfSense.
Looking at the git repo for the Hyper-V drivers the development doesn't really seem to be moving much. It looks a bit slow to say the least which is a shame. I'm hoping they'd update the drivers to 2012 Hyper-V levels (Does that break backwards compatibility though with 2008 versions of Hyper-V? If so that's not such a good idea).
-
@zootie! terrific work! thanks for taking the effort to build the iso.
@all - I have been trying for a long time to get pfsense working on hyper-v. The LAN side is all sorted out (completely virtualized), I'm having a problem with the WAN side.
my setup is as follows
Internet <-> router (DHCP for WAN) <-> pfsense WAN (connected to an external virtual switch) <-> pfsense (DHCP for the LAN) <-> LAN VM's (All connected to a private switch).
No matter what I do, the pfsense WAN interface does not pick up an IP address from the router. Ideally, this should pick up a 192.168.1.x address
Only things I can think of are 1) uncheck the setting on the WAN interface so that it can accept an RFC 1918 address and 2) enabling mac spoofing on the WAN interface.
Any suggestions / pointers? Thanks in advance!
Well it could be the nicdriver for the Physical card you are using for Wan. Some dumb manufacturers (Realtec! for example) doesn't include everything you need for hyper-V in their base driver.
Saw this Issue with Hyper-V and a virtual ISA server. Exactly the same problem. Completly impossible to get an IP on Wan. Replaced the card with a Intel card and problem solved.
There are articles on how you can fix it with additanl doenloads too but I didn't try them -
@mats - thanks a lot for your response.
I tried that too, but still no luck. The NIC is an intel 6200 wifi, with the latest drivers (released by intel towards the end of October). Can you post the links to the additional articles - I'll see if it helps!
Only thing left now to try is to see if it works with a wired connection - but then, it would be a pain to be chained to a desk.
Any other suggestions appreciated :).
-
@mats - thanks a lot for your response.
I tried that too, but still no luck. The NIC is an intel 6200 wifi, with the latest drivers (released by intel towards the end of October). Can you post the links to the additional articles - I'll see if it helps!
Only thing left now to try is to see if it works with a wired connection - but then, it would be a pain to be chained to a desk.
Any other suggestions appreciated :).
WAN and WLAN is 2 different things. Don't mix them up :)
-
WAN and WLAN is 2 different things. Don't mix them up :)
yes, I'm totally aware of the difference between the two. The WLAN interface is assigned to the external virtual switch in hyper-v, with the OS managing the interface - this means that the hyper-v layer will route traffic from the external switch and the physical machine over the same physical interface.
The WAN interface of pfsense connects to the external switch - hence it should either pick up an ip address from the router on the 192.168.1.x network thru DHCP, or should be able to connect to the internet using a 192.168.1.0/32 static address.
-
WAN and WLAN is 2 different things. Don't mix them up :)
yes, I'm totally aware of the difference between the two. The WLAN interface is assigned to the external virtual switch in hyper-v, with the OS managing the interface - this means that the hyper-v layer will route traffic from the external switch and the physical machine over the same physical interface.
The WAN interface of pfsense connects to the external switch - hence it should either pick up an ip address from the router on the 192.168.1.x network thru DHCP, or should be able to connect to the internet using a 192.168.1.0/32 static address.
So it doesn't work even if you give it a static address?
-
WAN and WLAN is 2 different things. Don't mix them up :)
yes, I'm totally aware of the difference between the two. The WLAN interface is assigned to the external virtual switch in hyper-v, with the OS managing the interface - this means that the hyper-v layer will route traffic from the external switch and the physical machine over the same physical interface.
The WAN interface of pfsense connects to the external switch - hence it should either pick up an ip address from the router on the 192.168.1.x network thru DHCP, or should be able to connect to the internet using a 192.168.1.0/32 static address.
So it doesn't work even if you give it a static address?
nope. It doesn't! that's what's very wierd!
there are only two things I have to try out - 1) hook up the laptop to the internet connection directly (that way, the interface address will be in the routable public internet) and 2) try using the wired nic to see if the WAN interface can pick up a 192.168.1.x address via DHCP.
-
I haven't seen anything on Intel cards (they are usually the good guys that always works).
Realtec and Marvell is more of bad boys :)
-
Cool, glad you got it sorted :)
Mine has been fine although I did have an incident where I lost all configuration inside the VM, however I did cluster the hosts and mess with snapshots so I think I probably caused that.
That Supermicro box is to die for, do you know how much power that is drawing from the wall because it looks exactly like what I want! :D
I dont cluster this box but I have others that are fine with pfSense in a cluster and I have failed over a few times.
With about 10-20% cpu useage with all the power saving turned off it is currently using about 30-35 watts .3 amps with setup. I have 3 other VMs running on it with the pfSense one for a total of 4. -
After some amount of testing, have finally got a repetitive pattern. Here are the steps and conditions
-
Setup an external switch in hyper-v. The switch is mapped to a nic which is shared with the management OS (The setting "Allow Management OS to share this network adapter" setting is checked"
-
The external network has a router providing DHCP services
-
Connect any linux vm - with a legacy network adapter or a hyper-v enabled adapter to this external switch
-
Power on the linux VM - it does not get an IP address from the router. Any addition steps (like shutting down and bringing up the vm nic using ifconfig up/down does not help)
-
Connect a windows VM instead of the linux VM - it picks up an IP address without any issues.
-
On a Internal switch (A private network), everything works perfectly well.
I'm thinking there might be a bug on the external side - where the OS has to share the NIC with the OS and the VM.
Can someone test this / provide additional comments? Have some more scenarios I will be testing, will post once I'm done.
OS's / distros used for testing:
Windows - Windows 7
Linux - Backtrack 5 r3 (hyper-v network drivers), pfsense (downloaded from this thread), untangle (no hyper-v drivers, using legacy nic), zentyal (hyper-v drivers installed), ubuntu 12.04 LTS (with hyper-v drivers.) -
-
What does Linux have to do with pfsense?
-
What does Linux have to do with pfsense?
okay - any *nx / bsd variant using the ms provided synthetic drivers. Should have phrased it better :D.
-
I used "sysctl kern.timecounter.hardware=TSC" to fix the calc runtime error.
This resolves the error outputs but makes the pfSense clock run. I get +8 hours a day.
I don't know, I sync to external NTP time source so my clock is good.
I have the same issue. My clock runs with "TSC" +8 hours a day.
The service NTPd runs with 3 external ntp-servers, but it did not change the clock.
Even if I run ntpdate to bring the clock in sync and then starts NTPd, the clock runs out of sync.
@Magsy: Do you make a special config change?
Have somebody else a hint in the right direction for me? -
Just don't use this command. The error message indicates that the VM synced the time with the Hyper-V Host. It does not influence anything else on my System (except that you should not use the pfSense box as a time Server for your Hyper-V).
-
I've been running this for a few months on various machines and haven't ran into any issues of yet. Curious to see others reporting issues.
I've exported the VM as a complete package, zipped it up and am sharing it on skydrive. Ready for you to import into Hyper-V 2012. http://sdrv.ms/15jeBZ6. Unzipped this package extracts to 5GB in size.
When you import the VM you will find that Hyper-V console will ask you to match your adapters with your virtual switch configuration. The first adapter is hn0 in pfsense, which is the “WAN” interface. It is also set to pick up IP address via DHCP. The second adapter is hn1 in pfsense, which is the “LAN” interface. It is set to default static IP address of 192.168.1.1. You can change this via the command line menu driven option, or via the webgui. The default username and password is set on this VM, which is admin/pfsense.
Be interested to hear any feedback, fire me an email - alex <at>northernjeep<dot>com. I don't consider myself to be a pfsense expert, but I've set this VM months ago on a few different test beds, and basically forgot about it; it just runs away without concern. So far my experiences with pfsense in Hyper-V have been nothing but positive. </dot></at>
-
nice work, alex. thanks for sharing the vm.