PfSense 2.2 not passing traffic, but ping does get through
-
I am having no problems putting traffic through modern pfSense installs on a modern proxmox VE installation using the virtio drivers.
I, too, suffered from the issue with XenServer but there were fixes (using HV drivers or disabling the checksums in the VM).
-
@derelict could you please run iperf from pfsense to the host and copy&paste the output here? And maybe from a linux vm to the host?
Many thx
-
Full speed, but I only have 350/30 here.
The problems on XenServer resulted in almost no throughput when using TCP, like single-digit kilobits-per-second. If you are seeing just lower-than-expected throughput then it's a completely separate issue and you should start a different thread.
Don't performance-test by running iperf on the firewall. Test through the firewall.
-
@derelict thx for your replay, i already stared a thread "https://forum.netgate.com/topic/138988/pfsense-on-kvm-slow-network-speed" but nobody replayed, that's why i asked here. ^^
i am more interested in throughput between two local subnets through the firewall than between local net and internet. -
1.6 Gbit/sec between two VMs in each direction. Single-stream TCP.
iperf3 hosts are on 1302 and 1201.
-
Sorry for adding to an old post but just wanted to add another +1 to this in case someone else is struggling.
Anything ICMP related seemed to work fine (ping, trace route etc) but no web, ssh, telnet, etc.
under System / Advanced / Networking; disabled Hardware Checksum Offloading, saved the setting and everything seems to have sprung into life again.
pfsense: 2.4.4-RELEASE-p3
vm host: ubuntu 16.04.6
using KVM and virtio NICs -
@Bullz3y3 Hello..
here same situation... really frustrating..I have tried any kind of network card in proxmox.. can't reach internet from the virtual lan.
If start all lan virtual machines and I reboot the pfsense.. all works.. if i restart a lan VM with pfesense running, no internet connection...
ooh s***!!!
-
My entire lab is in proxmox. Works absolutely fine.
It is key to disable the checksum offloads or you won't be able to pass traffic reliable becasue the checksums will fail due to the way the networking stack in proxmox/kvm works. This is not an uncommon requirement in other hypervisors either.
-
But it is the first setting that i have made on pfsense after installation..
I have tried to change the network type..and nothing.. and the fact is that this error replicate in any other proxmox host installation....
-
I do not have such problems. Those settings should only be needed on guests that actually pass traffic through them.
I have never needed to do anything special on guests that simply transmit and receive traffic on one interface (Linux, Windows, FreeBSD, etc).
-
-
No idea about e1000. I always use virtio.
I do know that these checksum issues were completely absent in XenServer when you disabled PV NICs but you had to tweak the VM interfaces to not use checksums if you used PV NICs so what you have might behave completely different from what I am doing.
-
e1000 is only one of the test changing ethernet card type.
I was using virtio first.. same problem -
if I apply the reboot with re-run startup sequences all works newly in the lan...
really strange -
@Derelict installed now windows 10, and don't have the network problem that affect linux vps...
-
@bullz3y3 Have same issue in 2021, and fixed by changing the Network Type from Virtio to e1000 also. Your finding in 2015 is still helping others. Thanks.
My case is having a PCI Passthrough WAN, and 2 bridge LAN, hosted on KVM on debian 10
