PfSense Installer optimizations



  • I am running pfSense on top of VMware ESXi 4.0. When I run pfSense off LiveCD, with a no frills setup (just assigning LAN and WAN interfaces and doing a ping from shell), the WAN interface has no problems. It gets an IP from my ISP. The pfSense installation can ping to the Internet.

    Immediately after, I did an installation to disk. After finishing, the boot up of pfSense from disk hangs at "Configuring WAN interface…". It does not hang if I unplug the WAN cable before "Configuring WAN interface...". Doing so obviously results in no IP from the ISP's DHCP server.

    Shouldn't the configuration present with the live CD be the same as the installation to disk? I tried saving all the live CD config off the Web GUI, booting without the WAN cable, and restoring that config through the Web GUI. No cigar.

    I noticed that the pfSense installer detects VMware and applies some optimizations. Could somebody provide me with some info about these optimizations? Are they driver related, perhaps related to this interface issue? How can I reverse them?

    I must note that I am using a somewhat peculiar setup. The virtual machine that I run pfSense off of has the following specifications:
    256 MB RAM
    1 vCPU
    1 E1000 Intel virtual NIC
    1 Intel Pro 1000 GT PCI physical NIC passed through to the VM with Intel VT-D/VMdirectpath It is essential pfSense have access to a physical NIC. I also tried a Netgear GA311 (Realtek based) NIC in the same slot.

    I first thought that this "PCI passthrough" might not be so transparent, perhaps affecting the functionality of the NIC. I installed FreeBSD on this virtual machine and setup the NIC with NO issues. Also there are no issues with Opensolaris, Windows XP, and Windows 2003 Server. I am fairly certain that the functionality of the NIC has not been affected.

    I was wondering if the "VMware optimizations" applied by the installer set the driver on all the NICs to one for E1000…this could cause the malfunction of the Pro 1000 GT NIC.

    Some other observations:

    Boot up from live CD results in NIC staying online (through the hardware detection, past the LAN/WAN assignment) until "Configuring WAN interface", then going down for 2-3 seconds, then coming back up, then the screen printing "...done"

    Boot up from disk results in the NIC going offline for 1-2 seconds once during hardware detection, then going down again at "Configuring WAN interface", then going back up, whereupon pfSense hangs.

    And finally, boot up from disk without the WAN cable results in a smooth boot, but obviously no WAN connection.

    Advice on how to troubleshoot this would be much appreciated. I apologize for the long thread.

    Thanks!



  • When using ESX I never pass the NIC through physically.  I just create two bridged NICs of the e1000 type and that works fine.



  • Thanks for your reply sullrich.
    I am quite certain ESX cannot bridge NICs. Other VMware products can (perhaps you're thinking of VMware Workstation or VMware Server).

    The issue is still outstanding.



  • Yep you are right.  I just add two nics (do not pass through.)





Log in to reply