[Beginner question] pfsense under Hyper-V tutorial



  • Hello friend

    I have a PC running Windows 10 Pro. I used this as my home media server (the mobo has one Realtek ethernet port). I want to run pfsense on this machine so I recently bought 2x Intel PT Pro single port.

    Now that I have 3 ethernet ports (1 Realtek from mobo + 2x Intel PT Pro) I was thinking of doing something like this.

    Both Intel PT Pro will act as pfsense ethernet ports (one WAN and one LAN) while Realtek will act as Windows ethernet port (I hope this is not confusing), hence:

    1st Intel PT Pro will act as WAN port, so modem -> 1st Intel PT Pro. 
    2nd Intel PT Pro will act as LAN port, so 2nd Intel PT Pro -> Gigabit switch -> my LAN (including Realtek port).
    Realtek port will be used as Windows ethernet port, so from 2nd Intel PT Pro -> Switch -> Realtek port.

    Illustration

    So my question: 
    1. Is this the best practice? If yes, can someone provide me a tutorial? I've looked on youtube, pfsense documentation, forums, etc and every tutorial is kinda different so I'm not sure which one I should follow. 
    2. If I do what I said above, both Intel Pro will not be recognized in Windows device manager as they are now dedicated to pfsense, am I right? 
    3. If for some reason I decided to drop pfsense, will simply removing it from Hyper-V bring back both of my PT Intel Pro to be recognized again in Windows?

    Any help will be appreciated, and I apologize for the noob question as my networking knowledge is pretty basic.



  • Unless your switch has Spanning Tree / Rapid Spanning Tree activated this loop will saturate your switch and the ports in pfSense.
    Why do you think you need another port back into pfSense for green Realtek when you have a blue LAN already in place (according to your drawing)?



  • @jahonix:

    Unless your switch has Spanning Tree / Rapid Spanning Tree activated this loop will saturate your switch and the ports in pfSense.
    Why do you think you need another port back into pfSense for green Realtek when you have a blue LAN already in place (according to your drawing)?

    Because I was thinking to only use the 2nd Intel Pro (blue line) for pfSense LAN (not the host machine) and Realtek (green line) is only used by host machine. Is this a bad idea? If yes, is it better that the 2nd Intel Pro (blue line) is used for both host machine and pfSense LAN?

    So far, I ended up creating 2 external virtual switches inside Hyper-V (1st Intel Pro for pfSense WAN and 2nd Intel Pro for pfSense LAN). I'm still waiting for the switch to be delivered though.



  • now I get it … so you're doing this on a Windows 10 Pro machine. Is that your main workstation or why W10 as host system? How many other clients will be on pfSense Lan being served through this connection?

    IIRC you can bridge your PC (W10 host) to the vSwitch that's configured for pfSense Lan so you don't need the additional physical connection.



  • @jahonix:

    now I get it … so you're doing this on a Windows 10 Pro machine. Is that your main workstation or why W10 as host system? How many other clients will be on pfSense Lan being served through this connection?

    IIRC you can bridge your PC (W10 host) to the vSwitch that's configured for pfSense Lan so you don't need the additional physical connection.

    Because I need to run a few .NET and some Windows-only apps. For now, probably about 5 wired devices and a dozen wireless devices (mostly smarthome devices).
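
    The layout discussed above (a WAN vSwitch the host is not attached to, and a LAN vSwitch shared with the W10 host), as an added example that is not part of any post in this thread. The adapter names, switch names and VM name are assumptions; replace them with what `Get-NetAdapter` shows on your host.

```powershell
# Run in an elevated PowerShell session on the Hyper-V host.
# Assumed (hypothetical) names, not taken from the thread:
$wanNic = 'Ethernet 2'   # 1st Intel PT Pro, cabled to the modem
$lanNic = 'Ethernet 3'   # 2nd Intel PT Pro, cabled to the gigabit switch
$vmName = 'pfSense'      # an already created pfSense VM

# Confirm which adapter name belongs to which physical card.
Get-NetAdapter -Physical |
    Format-Table Name, InterfaceDescription, Status, MacAddress

# WAN: external switch with no host vNIC. The Windows host gets no
# interface on the modem side, so only pfSense faces the internet.
New-VMSwitch -Name 'pfSense-WAN' -NetAdapterName $wanNic -AllowManagementOS $false

# LAN: external switch shared with the host. Windows gets a
# "vEthernet (pfSense-LAN)" adapter and sits behind pfSense like any
# other LAN client, so no extra cable from the Realtek port is needed.
New-VMSwitch -Name 'pfSense-LAN' -NetAdapterName $lanNic -AllowManagementOS $true

# Give the VM one virtual NIC on each switch.
Add-VMNetworkAdapter -VMName $vmName -SwitchName 'pfSense-WAN' -Name 'WAN'
Add-VMNetworkAdapter -VMName $vmName -SwitchName 'pfSense-LAN' -Name 'LAN'

# Check 1: the host should have a vNIC on pfSense-LAN only.
Get-VMNetworkAdapter -ManagementOS | Format-Table Name, SwitchName, MacAddress

# Check 2: note the VM's MAC addresses; they help tell WAN from LAN
# when assigning interfaces in the pfSense console.
Get-VMNetworkAdapter -VMName $vmName | Format-Table Name, SwitchName, MacAddress

# Check 3: on the WAN card, host TCP/IP (ms_tcpip, ms_tcpip6) should be
# disabled and the Hyper-V virtual switch protocol (vms_pp) enabled.
# The card stays listed in Device Manager; only its bindings change.
Get-NetAdapterBinding -Name $wanNic -ComponentID ms_tcpip, ms_tcpip6, vms_pp

# Rollback: removing the switches hands both cards back to Windows.
# Remove-VMSwitch -Name 'pfSense-WAN' -Force
# Remove-VMSwitch -Name 'pfSense-LAN' -Force
```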



  • @jahonix:

    Is that your main workstation … ?



  • @jahonix:

    @jahonix:

    Is that your main workstation … ?

    Nope, I have a separate PC as my main workstation, the thing that pisses me off is Windows 10 has constant updates, so far I just set it on manual update but I don't know if MS will force an update if I keep ignoring that. Probably a stupid question, but is there any way for a VM inside Hyper-V to survive a Windows update?