2.3.1-p1 64 bits FREEZE on VmWare ESXi 5.1

  • Hello

    I have a pFsense 2.3.1-P1 64 bits installed in my VmWare ESXi 5.1 (new install not migration)

    • Vm installed with SE client :  FreeBSD (64 bits)
    • VmWare tools package installed
    • Packages installed : CRON / Open-VM-Tools / openvpn-Client-Export / Squid / SquidGuard
    • 4 vNic with WMXNET3
    • 2 Vproc / 3Go Ram
    • 30 Go space on Hard disk (25 Go free)

    Works :

    • 2 tunnels Ipsec
    • Multiple OpenVPN Server
    • Routing between multiple network
    • Squid Proxy (SquidGuard is disable)
    • Firewall between multiple interfaces (Vlans / vnic / …)

    my Pfsense freeze anytime with no specific logs .

    Any idea ?

    Thanks by advance.


  • Your ESXi is very old and does not support FreeBSD 10.  Go to at least 5.5U2 or 6.0.

  • As you can see http://www.vmware.com/resources/compatibility/search.php?deviceCategory=software, FreeBSD 10.x is supported from ESXi 5.5U3.

  • LAYER 8 Global Moderator

    ^ if you expand that window you will see that 5.5u2 is when 10.x was first supported

  • Thank you for your answer.  :-\

  • Unsupported OS for your ESX version might be why. But define "freeze", is it accessible at the console? On the network at all?

  • LAYER 8 Global Moderator

    While I concur with your curiosity cmb, not sure why we should even be curious about issues he is having when its not a supported setup.

    Clearly vmware has problems with 10.x of freebsd if not on min 5.5u2, or vmware would state that they support it on previous versions.  So while some things might function.  Its not a supported configuration by vmware.

    My suggestion would be get on supported setup, if still having problems then can dig deeper.

  • ESX has a very long history of working perfectly fine with FreeBSD versions that are newer than those technically supported. I've been running newer than supported since at least 2002 and have yet to see a problem myself. I can only recall one instance (outside general ESX bugs that need a patch update) where upgrading ESX to one technically supporting that FreeBSD version helped anything.

    The problems people describe as "freeze" vary so widely it's a completely meaningless description without further classification of what it means. IP conflict making the LAN IP unreachable? FREEZE! Lose network connectivity because of something at the host level? FREEZE! Pretty much every possible problem has been described as "freeze" by someone here at some point, often when nothing is actually "frozen".

  • LAYER 8 Global Moderator

    I agree with the FREEZE description being pretty much useless as well like saying my car is broke.

    The one that always gets me is internet doesn't work.  Well what doesn't work your browser doesn't launch, dns not working - did you even get a freaking IP address, etc..

  • @johnpoz:

    I agree with the FREEZE description being pretty much useless as well like saying my car is broke.

    The one that always gets me is internet doesn't work.  Well what doesn't work your browser doesn't launch, dns not working - did you even get a freaking IP address, etc..

    I agree with you, the word "FREEZE" is generic, not technical analyse…
    When this problem arrive (Freeze) i am not present, but the people report :

    • No vpn works (openVpn + Ipsec)
    • No routing between networks works
    • No SSH connexion to the PfSense
    • I don't now if console works. ...

    When i watch the monitoring about Processor the graph is on 0.

    Need a hard reboot in VmWare for restart.
    I 'am sure i have not duplicate ip adresse.


  • @faesis:

    I 'am sure i have not duplicate ip adresse.

    That wasn't necessarily a suggestion specific to your thread, just that people have described such a circumstance as such.

    The fact your monitoring graphs are null during the time suggests the VM is actually frozen. Knowing whether or not it's responsive at the console would fully confirm or deny that.

  • I am running 8 pfSense VMs on VMware ESXi 5.1 without issue:

    2.3.1-RELEASE-p1 (amd64)
    built on Tue May 17 18:46:53 CDT 2016
    FreeBSD 10.3-RELEASE-p3

    Utilizing VMXNET3 on all 4 interfaces
    VM version 9

    I recommend deleting the Floppy & CDROM devices
    Don't sync time with ESXi server
    Ensure you have FREE BSD(64bit) for chosen OS version

    Not in the same: Not supported vs does not work

  • LAYER 8 Global Moderator

    Good for you - but why??  Would be the question for what good reason would you have to run an OS on an unsupported version of vmware?  Seems wreakless to me..  There is one thing if your in a home setup, anotherthing if production.. Running 8 of them sure seems like more than your typical home network to me.

    So your corp policy allow for running software that is not considered supported setup?

    Sure doesn't seem like something I would be bragging about…  You happy you run a version of esxi that came out in 2012 in your environment?  You still got some XP too?  Maybe windows 95 machines or 2k?

  • I am NOT narcissistic.

    My experience is that it works various environments (hardware) without issue. I support about 30 SMB whose hardware is NOT certified with <esxi5.1. <br="">As an IT consultant, I don't depend upon expensive support contracts with vendors. SMB typically pays their solution provider for professional services. My company would rather capture that revenue rather than giving to vendor. If you are careful you can get away with such. Hardware/software vendors want to sell products; planned obsolescence. While VMware is NOT guilty of such in my experience. Their parent company EMC is very heavy handed in planned obsolescence. Product life-cycle is determined prior to a product making it to market. IBM releases AIX systems every quarter (used too anyway). EMC is introducing new products every 18 months.

    While I have 10+ yrs in VERY large Enterprise IT shops, I cut my teeth in the SMB market. Sad to say that often we found ourselves with NO vendor support or maintenance. Due to poor procurement practices or funding issues. I am referring to U.S. Federal entities, specifically DoD. And now you know why the U.S. Government IT infrastructure is so easily compromised.</esxi5.1.>

  • LAYER 8 Global Moderator

    Sounds like a shitty job to me, working with old shit day in and day out ;)

    That your smb has hardware that is so old they can only run version that came out 5 years ago, again much suck working with such crap…  Sure they are big spendings and pay the big bugs out for support working with such old shit..

    I can fire up windows 3.1 on a vm as well.. Doesn't mean something should be doing...