• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Pfsense i386 , 2.1 virtio , 3 NIC so far .

2.1 Snapshot Feedback and Problems - RETIRED
5
9
4.2k
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • M
    michaelvv
    last edited by Nov 19, 2012, 8:15 AM

    Hi Pfsense…

    I'm now up running on PfSense with the Virtio Net Drivers as my
      main firewall.
      The Virtio Drivers is the best thing happen for us using virtualization
      on linux KVM.
      The Speed is way better. Have made some very sick test yesterday with
      a lot of torrent stuff , just to see how it perform and i'm impressed.

    I have these packages installed.

    darkstat ,squid ,squidGuard ,snort and they works fine.

    But , I have a very strange problem.

    I have the exact same firewall rules from the 2.01 ,
      but the HOST "bare metal" can only ping , wget The Internet nothing
      else.. All my KVM and Openvz no problem.

    When i try to connect from the outside WAN in , I can access
      all my KVM , OPENVZ but not the HOST.

    So i altered on of my working firewall-rules to redirect from a
      KVM to the HOSTS (hangs). When i altered it back it works.

    Setup :

    Host : Proxmox 2.2 - newest.

    HOST ip : 192.168.2.90

    3 bridges interface

    LAN  : 192.168.2.41
      WAN : 192.168.1.41
      DMZ : 192.168.3.41

    SSH from LAN 192.168.2.x to HOST (Fine).
      SSH from DMZ to HOST (Fails).
      SSH from DMZ to not HOST (works).
      SSH from WAN to HOST (Fails).
      SSH from WAN to not HOST (works).
      SSH from HOST to WAN (fails).

    And of course the newest 2.1Beta version.

    I'm confused... And Again when i switch back to 2.01 , no
      problems at all...

    /Best Michael

    1 Reply Last reply Reply Quote 0
    • M
      michaelvv
      last edited by Nov 21, 2012, 7:32 AM

      Hi Again.

      Am I the only one here using KVM + virtio ???

      When changing virtio to e1000 , everything works as expected…

      /Best Michael

      1 Reply Last reply Reply Quote 0
      • M
        msi
        last edited by Nov 22, 2012, 10:31 AM

        cmb merged a virtio update - pfSense will likely then contain more recent virtio drivers from 8-STABLE.

        I hope I didn't mess up anything - care to tests snapshots?
        (I'd say starting november 22/23rd I guess)

        1 Reply Last reply Reply Quote 0
        • M
          msi
          last edited by Nov 23, 2012, 2:44 PM

          I took a snapshot from 22th, the virtio modules all are loadable inside a KVM box (only basic Ubuntu precise with virt-manager)

          For installing on virtio-only environment, including virtio block device you'll want to check this out, it's still applying:
          http://doc.pfsense.org/index.php/VirtIO_Driver_Support

          Would be interesting to know if it makes a difference for you now with these modules.

          1 Reply Last reply Reply Quote 0
          • S
            soleblaze
            last edited by Nov 25, 2012, 12:55 AM

            I've been trying to get this to work for awhile before figuring out that this was my issue.  I'm using November 23rd's snapshot.  e1000 drivers work fine.  When I switch it to virtio NAT fails to work.  It will work again when I switch it back to e1000.  the virtio_blk and virtio_balloon drivers appear to work fine.

            1 Reply Last reply Reply Quote 0
            • M
              Mattz
              last edited by Nov 25, 2012, 2:58 PM

              I was able to load the Virtio drivers, but on new installs I can't at the moment.

              I was also not able to generate traffic on my previous configured Virtio Nic… so I wonder what goes wrong here.

              1 Reply Last reply Reply Quote 0
              • M
                msi
                last edited by Nov 25, 2012, 4:15 PM

                Just to not be the only bad voice ;-)

                Fresh installs with snaps from 22 and 24th in both VirtualBox and KVM have loadable and save-able virtio modules here.
                Still not sure if I can simulate the networking inside a local environment to confirm that there are regressions otherwise.

                1 Reply Last reply Reply Quote 0
                • M
                  msi
                  last edited by Dec 3, 2012, 9:52 AM

                  As conclusion from my side:

                  • FreeBSD VM and pfSense LAN devices (virtio) connected to an isolated virbr on Debian Squeeze
                  • WAN device on pfSense is an e1000

                  NAT works this way quite well :-)

                  NAT works so far. I've had some whacky results with virtio_blk however, not sure if that's a local issue but
                  for pfSense if_vtnet is likely the most interesting part.

                  1 Reply Last reply Reply Quote 0
                  • C
                    c0mputerking
                    last edited by Aug 2, 2013, 6:43 PM

                    Just to confirm in the beginning (a couple of weeks ago) the only way i could get NAT working was using the virtio for WAN and e1000 for LAN
                    it seems this is/has been fixed as of lately could this have to do with hardware checksums as i have read the post below and adjusted the offload setting and a couple of reboots later i have 2 virtio interfaces WORKING now even for NAT

                    http://forum.pfsense.org/index.php/topic,50128.msg340321.html#msg340321

                    Should this option always be disabled when using virtio interfaces anyway??

                    1 Reply Last reply Reply Quote 0
                    • First post
                      Last post
                    Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.