pfSense VM on Proxmox: PPPoE only works when parent NIC is PCI passthrough — virtual NIC breaks LAN→WAN traffic
-
I’m running pfSense as a VM on Proxmox. WAN is PPPoE.
If the PPPoE parent interface is a PCI passthrough NIC, everything works.
If I switch the parent to any virtual NIC (VirtIO/e1000) on a Proxmox bridge, pfSense connects via PPPoE and gets an IP, but not all traffic passes. pfSense itself can ping using pppoe0, clients can ping DNS servers, but can't open pages on the internet.What I verified:
PPPoE session establishes normally on the virtual NIC, ookla speedtest on pfSense itself runs just fine.
NAT rules are ok.
Offloading disabled inside pfSense (Checksum/TSO/LRO)
Separate bridges for WAN and LAN
Proxmox firewall disabled
Multiqueue on/off tested
If_pppoe/mpd testedKey issue:
Works with pci passthrough and virtually not working.Looking for ideas: VirtIO/iflib bug? Proxmox bridge issue? Offload problem on the host?
Can anyone replicate issue on the latest version? -
I've used the same Proxmox VM template for IPFire and everything works as expected.
I also tried installing 2.8 from scratch, and it works just fine.
Only the latest beta plus fails to pass traffic to clients. -
Also changing VrtIO to RTL8139 or E1000 also passes traffic to the clients behind the NAT.
So to replicate, create VM that uses VirtIO cards/bridges and do simple config WAN-PPPoE/LAN on the latest pfSense beta, try speedtest on pfSense itself by installing speedtest-go and the try to reach the internet on any LAN client.
Should I report this one on the Redmine? -
@stephenw10, what do you think?
I understand this cannot be show stopper since nobody else mentioned this issue so far, but...
