Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Hosting services in pfSense

    Scheduled Pinned Locked Moved General pfSense Questions
    14 Posts 6 Posters 1.6k Views 5 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • NollipfSenseN Offline
      NollipfSense @nunu
      last edited by

      @nunu said in Hosting services in pfSense:

      How are the services installed?

      As packages.

      pfSense+ 23.09 Lenovo Thinkcentre M93P SFF Quadcore i7 dual Raid-ZFS 128GB-SSD 32GB-RAM PCI-Intel i350-t4 NIC, -Intel QAT 8950.
      pfSense+ 23.09 VM-Proxmox, Dell Precision Xeon-W2155 Nvme 500GB-ZFS 128GB-RAM PCIe-Intel i350-t4, Intel QAT-8950, P-cloud.

      1 Reply Last reply Reply Quote 0
      • N Offline
        nunu
        last edited by

        How about installing as a virtual machine? For example bhyve is available from packages. If the service was a VM, is it possible to block the traffic from the VM?

        The other way around, I don't understand how pfSense could be installed as a virtual machine, how is it able to use the hosts interfaces?

        @nollpfsense How are the services started then? Is it something in the package?

        GertjanG 1 Reply Last reply Reply Quote 0
        • GertjanG Offline
          Gertjan @nunu
          last edited by

          @nunu said in Hosting services in pfSense:

          How are the services started then? Is it something in the package?

          It's all open ^^ I'll give you a hint : /usr/local/etc/rc.d/

          @nunu said in Hosting services in pfSense:

          how pfSense could be installed as a virtual machine

          Have one running @home in a Hyper-V VM Win Pro as my main router/firewall.
          Just slap some NICs in your desktop, assign a LAN NIC so your other local devices can join, a WAN NIC that goes to your ISP-whatever-connection-device-plug and done.

          Btw : pfSense has all the doc freely available on te net. Did you saw it ? There are several VM examples.

          @nunu said in Hosting services in pfSense:

          For example nginx is available (it looks like apache is missing...)

          And before, we had lighttpd as the web GUI server.
          I never understood why it's now nginx - or, why not, apache, as these are industrial strength web servers. The web server of pfSense is used, ones in a while, by just one person, the admin. Not half a million.

          No "help me" PM's please. Use the forum, the community will thank you.
          Edit : and where are the logs ??

          1 Reply Last reply Reply Quote 0
          • N Offline
            nunu
            last edited by nunu

            The easiest in the home/home office use would be to settle to use a smaller device. ARM is supported if it is compiled from community sources. Is it possible to get ARM pkg updates even if compiled from a community edition?

            At least the bhyve has a setting if the VM should start automaticly. This must be the type2 not recommended, hosted VM.

            NollipfSenseN 1 Reply Last reply Reply Quote 0
            • NollipfSenseN Offline
              NollipfSense @nunu
              last edited by NollipfSense

              @nunu So, you wanted to run pfSense as a VM or did you wanted to install a VM unto pfSense? If it's the former, there are several examples available as Gertjan pointed out. I learned pfSense by installing it on a VirtualBox VM then, graduated to a dedicated hardware later.

              pfSense+ 23.09 Lenovo Thinkcentre M93P SFF Quadcore i7 dual Raid-ZFS 128GB-SSD 32GB-RAM PCI-Intel i350-t4 NIC, -Intel QAT 8950.
              pfSense+ 23.09 VM-Proxmox, Dell Precision Xeon-W2155 Nvme 500GB-ZFS 128GB-RAM PCIe-Intel i350-t4, Intel QAT-8950, P-cloud.

              Cool_CoronaC 1 Reply Last reply Reply Quote 0
              • Cool_CoronaC Offline
                Cool_Corona @NollipfSense
                last edited by

                I run pfsense in nothing but VM's.

                Running it bare metal has so little to offer performance wise compared to the flexibility of vm's and the scalability

                johnpozJ 1 Reply Last reply Reply Quote 0
                • johnpozJ Offline
                  johnpoz LAYER 8 Global Moderator @Cool_Corona
                  last edited by

                  @cool_corona said in Hosting services in pfSense:

                  Running it bare metal has so little to offer performance wise

                  While I agree with you if you have a decent VM host hardware. Flexibility and scalability can not be beat with some decent VM hardware.

                  Where hardware wins hands down is maintaining connection when you have to do maint on your VM host ;)

                  There are way more things that happen from a maint point of view that require VM host reboot compared to a little box just being the firewall.

                  When I up'd my internet connection speed, my old vm host couldn't do it. So I had a choice upgrade to a beefier VM host.. Or downsize my whole vm thing, and break out router to hardware. While I do miss the ease of playing with snapshots of latest and greatest pfsense without a care in the world, because could always just boot the snapshot I took on the host if something went wrong. I do like now being able to reboot my nas (has vms and dockers on it - none of which are resource hogs or required for my network to function).. And still have full connectivity.

                  And I can still play with pfsense on a VM if want to play with latest dev version or test a snapshot version, etc.

                  And while if you understand VM networking, etc. It not difficult to use a VM running on your host for your firewall/router for your whole network.. It is a bit more complex than just booting some hardware and plugging in wires..

                  I ran pfsense as VM for many years - and it worked great.. But hardware for your router/firewall does have some advantages for sure. It really comes down to skill set of user, what hardware they have or are willing to purchase.

                  Either way works.. I would be hard pressed to find a reason to go back to doing it on a VM though.. But if I was more into VMs and had hardware with the spare cycles on the host - sure I would run it on VM again.

                  An intelligent man is sometimes forced to be drunk to spend time with his fools
                  If you get confused: Listen to the Music Play
                  Please don't Chat/PM me for help, unless mod related
                  SG-4860 24.11 | Lab VMs 2.8, 24.11

                  Cool_CoronaC 1 Reply Last reply Reply Quote 1
                  • Cool_CoronaC Offline
                    Cool_Corona @johnpoz
                    last edited by

                    @johnpoz

                    I run everything on Super Micro 5019D in several variants.

                    Started with old IBM X3650m3's that cost close to nothing with redundant power and bulletproof performance.

                    I run them all in vmware clusters and always more than one way in so I can manage everything remote despite one of them going down.

                    DRS takes care of the performance clusterwise

                    johnpozJ 1 Reply Last reply Reply Quote 0
                    • johnpozJ Offline
                      johnpoz LAYER 8 Global Moderator @Cool_Corona
                      last edited by

                      @cool_corona said in Hosting services in pfSense:

                      Super Micro 5019D

                      And how much did you pay for that? ;)

                      There is a big difference between that hardware and say my ds918+ nas that currently running vms and dockers on.. hehehe

                      Like I said if you have the hardware, then yeah its very desirable setup.. Especially if you have a HA cluster ;) heheheh -- Sorry but do you think the OP has that skill set or hardware from how they are talking about running VMs on their pfsense hardware? ;) Really??

                      An intelligent man is sometimes forced to be drunk to spend time with his fools
                      If you get confused: Listen to the Music Play
                      Please don't Chat/PM me for help, unless mod related
                      SG-4860 24.11 | Lab VMs 2.8, 24.11

                      1 Reply Last reply Reply Quote 2
                      • N Offline
                        nunu
                        last edited by

                        What open source virtual machine would you recommend if the host os was FreeBSD?

                        The pricepoint looks nice looking at the Netgate consumer products and I'm sure if someone is buying new consumer hardware would find a good solution from those. Nice package, good software and enough hardware, low power.

                        I have tried installing pfSense just yesterday in an old ARM64 device. If the /etc was copied from the x86 the device just deleted every file in the disk. Is pfSense a community edition? How do you install the pfSense in an ARM system?

                        with best regs, nunu

                        1 Reply Last reply Reply Quote 0
                        • stephenw10S Offline
                          stephenw10 Netgate Administrator
                          last edited by

                          Compile your own image for that specific system complete with all the required hardware details and customisations. Then flash it. 😉

                          In reality, unless you're an experienced developer with both ARM and FreeBSD, you don't.

                          Each of the ARM devices we have built images for required significant development effort.

                          Steve

                          1 Reply Last reply Reply Quote 0
                          • First post
                            Last post
                          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.