As an update on the topic, I have updated to 2.4.5-p1 and changed the virtual driver to virtio instead of e1000.
This has greatly improved the stability of the pfSense and the high traffic induced network loss have disappeared.

We still experience some random network loss that are under investigation.

@firerobin said in pfSense VM latency and WAP performance issues:

@bmeeks Thanks again for the info. I'll ask around in neighborhood forums to see if anyone else is having issues with their xfinity connection. Hopefully I can find someone as knowledgeable as the folks in this forum, but then they'd probably already be on top of the issue 😬

Would this problem be as noticeable if they have a higher bandwidth service plan?

If you have issues with the node you are served from, a higher speed tier is not likely to help. An overloaded or malfunctioning node would be expected to affect all speed tiers. The one exception might be if they moved you to another node for a higher tier, but that is extremely unlikely as the node serving you is usually fixed due to the realities of coax cable routing on the poles.

To test and make sure a saturated uplink is not your issue, play your game at a time when you are 100% certain nobody else is using your Internet connection but you and your gaming machine. No streaming or anything else going on. If you have problems then, it is likely to be an upstream ISP problem. If you have no issues, then somebody really loading up on downloads can hurt your gaming and ping times as all the ACKs from the busy downloads can eat up the upload bandwidth.

@viragomann said in Running pfSense 2.4.4 over a KVM VM in PROXMOX 6.1.5.:

You will get the best benefits of the processor features, when using host type. This passes all the features of the processor through to the VM, while KVM64 provides only a small amount of common features. For instance, KVM64 doesn't make use of AES-NI, even if your host CPU supports it.

with kvm64 you can set extra cpu flags though, including AES. All via proxmox gui.

Bonjour,

Alors moi aussi je suis en train de faire ce setup avec comme but de garder Livebox , TV et phone de coté.
Donc je regarde cette doc :
https://wiki.csnu.org/index.php/Fibre_orange_en_DHCP_avec_routeur_pfsense
J'ai acheté un switch microtik 260gs, parce que je suis un geek et que c'est bien foutu ces switch pour pas chère :)

Bref en attendant d'avancer sur ce setup j'ai ma solution intermédiaire pour la partie TV
Sur un switch qui supporte les vlan je créé un vlan spécial ou je branche et j'isole du reste de mon réseau la livebox et la box tv. Bien entendu j'ai du tirer un câble de mes serveurs vers ma tv mais je suis bien content du résultat.
Après je n'ai rien inventé j'ai suivi l'idée de la doc ci dessus :
"Enfin, dans le cas ou vous ne pourriez pas brancher directement le port LAN de la livebox à votre décodeur, il est possible (à condition que le switch gérant votre lan soit manageable et supporte les VLANs) de brancher le port LAN de la livebox directement à votre switch de LAN et d'y taguer les paquets sur un VLAN (666 dans cet exemple). Cela impose d'avoir un second switch sur votre lan, qui sera, lui, directement connecté au décodeur et qui doit être lui aussi manageable afin de détaguer du VLAN 666 les paquets pour le décodeur. "

Tous ça pour dire que je pense que virtualiser pfsense dans proxmox peut ajouter plus de complication que de solution. Mais c'est intéressant de monter ce setup

Quand j’aurais le temps d’avancer sur ce setup j'ajouterais des infos.

@+

@stephenw10

I have rechecked my NAT rules and it appears it was natting on the Vlan, which was causing a double NAT, which was why it was showing PFsense's Interface address! Thanks for the help anyhow