Issue Bridging OPT1 & LAN for 10GB link into VM Environment

heper

most network cards aren't capable of being a switch (yes some are). No software-router on the planet is currently capable of forwarding 10Gbe wirespeed … this might change at some point.

pfsense maxes out at 2.5Gbe wirespeed, no matter what ultra-core cpu you throw at it.

cbutters

@heper:

most network cards aren't capable of being a switch (yes some are). No software-router on the planet is currently capable of forwarding 10Gbe wirespeed … this might change at some point.

pfsense maxes out at 2.5Gbe wirespeed, no matter what ultra-core cpu you throw at it.

I'll be happy with 2.5Gbe speeds over 1gbps speeds 312 MB/s will be much better than the 125 I get now during large file copies. For reference, the NICs in the pfsense box are PCIe 10GB Intel NICs

johnpoz

At airport on phone but yes just create new network your rules could be any any if u want but pfsense is not your typical soho router that comes with switch ports but i hear future appliance might have some switch ports. Can anwser in more detail when get home

robi

If your physical host has at least 3 network cards (and pfSense runs as a virtual machine), do it like this:

• create a virtual switch for WAN, add one physical network card to it (connect it to your internet), and add pfSense's WAN port here
• create a separate one for LAN, add the other two 10GBe network cards to it, add pfSense's LAN port here, and your other virtual machines ports also
• connect your PC to one of the free 10GBe ports.

cbutters

@robi:

If your physical host has at least 3 network cards (and pfSense runs as a virtual machine), do it like this:

• create a virtual switch for WAN, add one physical network card to it (connect it to your internet), and add pfSense's WAN port here
• create a separate one for LAN, add the other two 10GBe network cards to it, add pfSense's LAN port here, and your other virtual machines ports also
• connect your PC to one of the free 10GBe ports.

That's exactly what I'm doing. Its the configuration in pfsense after the VM stuff has all been configured that is giving me problems.

I haven't been able to test the suggestions on the thread yet, but I will in a few hours once I get off work.

robi

If you do what I wrote above, you don't need any bridge in pfSense. "Bridging" is done by the virtual switch, and not by pfSense.

cbutters

I was able to take the advice given on this thread.
My workstation is on a different subnet, but can still talk to both internet and also devices on other networks. There are still a few little issues with getting things to talk correctly, but I'm able to copy files to the server at ~480 MB/s which is pretty dang good. (still need to add a few vdevs to the ZFS pool to see if its pfsense maxing out or if it is my drives.) Much faster than gigabit and I'm happy with it.

Edit: Anybody know why when I send to devices From LAN2 -> LAN1 I get 480 MB/s, but when I receive files from from LAN1 -> LAN2 It goes 180 MB/s? Anything I can try to tune to help?

cbutters

I'm sorry if this post is going on too long. I'm just really excited….

As I show in my initial diagram, I'm using PFSense virtualized in ESXi on the 192.168.1.0 network, passing a 10gbe NIC to ESXI and linking  up a physical workstation directly into the 10gbe plug  on the 192.168.2.0 network in order to avoid having to purchase a costly 10gb switch.

So I have pfsense working as the (layer 3) link between the two networks bridging the gap between the virtualized network and the physical network.

Initially I was getting 480 MB/s sending to the VM network and ~180MB/s downloading from the VM Network.

I just got jumbo frames working across all networks and I'm BLOWN away...
I'm peaking at over 1.0GB/s during file transfers  (yes that's 8gbps+!) both up and down with jumbo frames enabled and averaging ~650 MB/s on large file transfers.  (And it's probably my 950 PRO or ZFS Array that is capping out, I'll have to load up a RAMDISK and see what I can really push across the link. :)

PFSense really is very capable!

edit: For extra LOLs, the 10gb connection is running over CAT5e 350mhz and seems to be doing fine. (because that is all I have in the wall.)

nef

This post is deleted!

nef

@robi said in Issue Bridging OPT1 & LAN for 10GB link into VM Environment:

• create a separate one for LAN, add the other two 10GBe network cards to it, add pfSense's LAN port here, and your other virtual machines ports also

Hi! Sorry for retrieving this thread after few years, but I'm trying now to accomplish this virtual switch on Xen (XCP-NG). However, I can not create any network with more than one physical interface. Is it possible to make this kind of virtual switch on XCP-NG? Thanks!