Need some help with a /28 range of IP's and how to use them



  • I have a server co-located in a datacenter and they gave me a /28 block of IP's.  I am running KVM virtualization on the host, and am building a mini-lab to learn new tech on.

    The DC gave me a 1 gig ethernet drop, which I plugged into an unmanaged switch.  My host has several nics plugged into that switch.  The hypervisor is working correctly, and I have used on  of the IP's for it.

    For my Lab, I created a pfSense VM that has two nics.  One nic is tied to a physical nic on the host, which is plugged into that hardware switch.  This I wanted to use for my WAN connection.  The other nic I have setup to another phyiscal NIC that is bridged so that my KVM guests can share it as a "bridged switch" essentially.

    I have pfSese up and running, and have a few virtual machines up as well.

    Here is my /28 details:

    ***.**5.187.160  <– Network ID
    ***.**5.187.161  <-- Gateway given to me from the Datacenter
    ***.**5.187.162  <-- using for the iLO interface
    ***.**5.187.163  <-- Using for the hypervisor OS
    ***.**5.187.164 through .174 are avaialable for use.
    ***.**5.187.175  <-- Broadcast ?

    I was wanting to use the 187.174 IP address for my pfSense WAN connection.  I will use regular class C networks for the LAN side of pfSense.

    So, I setup my wan connection to have these details: 
    IP address: ***.**5.187.175  using /28
    Gateway: ***.**5.187.161

    I can access the WebUI from my PC at home (setup the firewall rules and put it on a different port for safety).  I can even ping external addresses using the ping and traceroute tools in the pfSense webUI.

    Here's where it gets odd.  My guest VM's will happily get a dhcp address from pfsense.  They can access the webui of pfsense.  They can even resolve and ping addresses outside the datacenter (google, yahoo and a few others ping perfect).  BUT, when I try to access any webpages or do a yum update from them, it doesnt work.

    What am I doing wrong?  My suspicion leads me to believe I have something jacked up on my gateway / WAN configuration.



  • I think I may have found my issue:

    https://doc.pfsense.org/index.php/VirtIO_Driver_Support

    I am using KVM as my hypervisor, and I an running VirtIO NIC's. I ticked that one freaking check box to disable hardware checksum offloading, and rebooted my pfSense machine and BLAM! Everything is working now.

    I spent the weekend dicking around with this. HAHA! And it came down to that.


Log in to reply