HyperV VLANs inquiry

_neok

Good morning,

I have some questions about how to work correctly with VLANs on a virtualized pfSense 2.4.3 in HyperV Server 2012R2.

When I used a physical pfSense I defined my VLAN interfaces in pfSense without problems.

For example, I introduced to a port the trunk that came from my switch and lifted the VLAN interfaces in my pfSense and I had no problem.

About HyperV this didn't work for me. If I create a VLAN interface on the port where my trunk enters I can't get connection to the VLAN. I had to put the virtual NICs on the VLAN I need to be able to use them. The thing is that HyperV limits me to 8 virtual NICs and there it complicates things a bit.

Does anyone with more experience know if there is a better way to work with VLANs in this scenario?

I thank you for your experience and help.

Have nice day!

Best regards

Gabriel

CPrat

You just have to create a vNIC that is a trunk in hyper-v, which can only be done in powershell. I have 3 vNICs on my pfSense, 1 for the WAN, 1 for the LAN (Trunk) and 1 to sync with my secondary pfSense

I use Windows 2016, but this commands work on 2012R2 as well

With this command, you make a vNIC act as a trunk, configuring which VLANS can go through it (VLANs 0 to 200 in this case):

Set-VMNetworkAdapterVlan -VMName pfsense01 -VMNetworkAdapterName TrunkLAN -Trunk -AllowedVlanIdList 0-200 -NativeVlanId 0

Make sure to enable MAC spoofing on the Hyper-v network

To check that your vNIC was configured properly:

Get-VMNetworkAdapterVlan -VMName pfsense01 -VMNetworkAdapterName TrunkLAN -Verbose | select *

PS: Notice that I changed the name of the vNIC to "TrunkLAN", which cannot be done through the hyper-v GUI either, you need to use the command Rename-VMNetworkAdapter
PSS: If you make any change on the GUI for that network adapter, you will lose this configuration, since hyper-v will overwrite the vNIC settings

CPrat

This post is deleted!

_neok

@cprat It works like a charm! Thank you very much @CPrat !
And if it's true... when I applied changes in the GUI I lost everything... I had to reconfigure it. And not only that, if I restart the VM I also lose the configuration and I have to reapply them... Oh my god microsoft for when we improve this?

Thank you very much for the help!
Best regards

Gabriel!

CPrat

@_neok You only lose the configuration when you apply settings to the adapters through the GUI.

I restart my VMs multiple times and I have never lost the settings since I configured them for the first time

_neok

@cprat Yes is true. My mistake. Thanks again!
Best regards.

Gabriel

_neok

@CPrat I correct myself. I thought I was wrong. But I didn't...
My VM doesn't keep the Trunk configuration in the vNIC when I restart the VM. And although I can apply it with the VM turned on and I have connectivity of my VLAN interfaces again and of course this is not optimal. My HyperV server is 2012 R2.
The curious thing is that if I review the configuration of my vNIC with

Get-VMNetworkAdapterVlan -VMName firewall01 -VMNetworkAdapterName Trunk_WAN -Verbose | select *

This I get:

it comes out as if it is well configured with my Trunk and the VLANs that I assigned to it, but I just don't have connectivity on my pfSense until I run (live) again

Set-VMNetworkAdapterVlan -VMName firewall01 -VMNetworkAdapterName Trunk_WAN -Trunk -AllowedVlanIdList 0-600 -NativeVlanId 0

I tried VM generation 1 and 2 and I have the same problem. This sounds to me like 2012R2 and 2016 work differently at this point.
A real shame...

_neok

@_neok said in HyperV VLANs inquiry:

@CPrat I correct myself. I thought I was wrong. But I didn't...
My VM doesn't keep the Trunk configuration in the vNIC when I restart the VM. And although I can apply it with the VM turned on and I have connectivity of my VLAN interfaces again and of course this is not optimal. My HyperV server is 2012 R2.
The curious thing is that if I review the configuration of my vNIC with

Get-VMNetworkAdapterVlan -VMName firewall01 -VMNetworkAdapterName Trunk_WAN -Verbose | select *

This I get:

it comes out as if it is well configured with my Trunk and the VLANs that I assigned to it, but I just don't have connectivity on my pfSense until I run (live) again

Set-VMNetworkAdapterVlan -VMName firewall01 -VMNetworkAdapterName Trunk_WAN -Trunk -AllowedVlanIdList 0-600 -NativeVlanId 0

I tried VM generation 1 and 2 and I have the same problem. This sounds to me like 2012R2 and 2016 work differently at this point.
A real shame...

I will try do this on HyperV Server 2016.
I will come later y let feedback.
Seeya