PFsense with SR-IOV virtual function NIC

gandolf

Just in case for anyone like me who want to use SR-IOV VF for their LAN side interface, you need to add 'hw.pci.honor_msi_blacklist=0' to /boot/loader.conf.local file. If the file does not exist, create one manually. This is due to the limit of FreeBSD kernel.

TrevorX

@gandolf:

Just in case for anyone like me who want to use SR-IOV for their LAN side interface, you need to add 'hw.pci.honor_msi_blacklist=0' to /boot/loader.conf.local file. If the file does not exist, create one manually. This is due to the limit of FreeBSD kernel.

Hi Gandolf,

I'm trying to get pfSense set up as a VM on my Hyper-V 2016 server - the host has an Intel S2600SO4 mainboard, Xeon E5-2670's, and a genuine Intel i350-T4 NIC - checking the SR-IOV flags shows the hypervisor is fully enabled. But I have no idea how to enable SR-IOV within pfSense - I was able to find this, which provides the 'iovctl' command, but lacks context or examples, so I have no idea how to inspect pfSense for the PF (Physical Frame) or VF (Virtual Frame) device names to parse to the iovctl command.

Your post was very limited, but can I infer from it that you have actually managed to get SR-IOV working to a pfSense VM? Are you using Hyper-V, or some other hypervisor? It really shouldn't matter, as the pfSense VM configuration should be identical irrespective of the hypervisor - the SR-IOV spec is an open standard, so the way it is passed through to the VM should be universal. Is there any chance you could post your procedure for getting this working?

Thanks,

Trevor

gandolf

Hi,
The command you found only applies when using FreeBSD as the host so it won’t help you in your case. I am using VMware Vsphere 6.5 as the hypervisor. What I did was turn on SR-IOV in Vsphere, and choose vNIC type as SR-IOV passthrough when creating the pfsense VM. You need to turn on SR-IOV function in the hypervisor and see the virtual functions appearing, then you can pass them to your VM. Unfortunately I don’t have any experience with HyperV so I cannot walk you through the steps but the general idea should be the same.

riahc3

Im trying to do the same thing in ESXi 6.7 and pfSense. What did you do?

ITFlyer

@TrevorX Did you ever find a way to get this to work? I'm looking to set up SR-IOV in my virtualized pfSense under Hyper-V 2016 with the exact same NIC as you.

provels

@ITFlyer Hello again. I found this, appears it may be FreeBSD's lack of support of SR-IOV in any version as Hyper-V VM. https://docs.microsoft.com/en-us/windows-server/virtualization/hyper-v/supported-freebsd-virtual-machines-on-hyper-v#table-legend