HyperV -> pfsense WAN issue



  • I'm running a hyperV server with 3 nics.
    I have created 3 legacy nics for the pfsense box. (WAN, LAN, Opt1)

    Connected ISP cable directly to the WAN interface
    LAN interface card is tied to a switch for the rest of the LAN.
    Opt1 isnt doing much, got it in there for future purposes. (wifi config)

    I can see on my hyperV server that the WAN is getting an IP address from my ISP. (77.x.x.x/24 with DNS servers etc.)

    But somehow in pfSense I can release\renew what I want, but nothing happening.
    From the command line I did: ifconfig <wan interface="">down. Brought it up again and did: dhclient <wan interface="">Nothing different from release\renew I did within the browser.

    How can I sortoff "bridge" the physical WAN nic (which is resolving the correct ISP details) with my Virtual WAN interface?
    I suppose hyperV should do this automaticly…

    Kind regards,
    Idle</wan></wan>



  • When you look at the "Settings…" of a particular Virtual Machine, you can view/edit the mapping of each Legacy Network Adapter to the Virtual Network you've already set up.

    You can look under "Virtual Network Manager" to see what Virtual Networks you already have created and which you may use "New virtual network" to (obviously) create any new virtual networks needed.

    Between those two is the "bridge" to which you refer.  Does that make sense?



  • Thanks for you fast reply..

    I checked the Virtual Network Manager, and HyperV has made for each interface an External virtual switch. On each External network switch "Allow management OS to share this network adaptor" is enabled.

    So this seems to be ok.

    My current setup is:
    ISP => Router (with DHCP enabled) => pfSense WAN => Via LAN interface of pfSense => Switch (which is tied to Local machines)

    My goal is to get this router out of the loop. So once I connect my ISP cable directly to the WAN interface it won't resolve an IP from my ISP.

    Sidenote: CoreConfigurator on the HyperV server I can see an overview of my NICs and which IP addresses they have. Under advanced network card options I see in the section Disconnected Network Cards "Microsoft Virutal Network Switch Adaptor"
    Could this lead to my problem?
    Link to CoreConfigurator http://coreconfig.codeplex.com/Thread/List.aspx

    Cheers,
    Idle



  • Ah, I see.

    As long as you've got the Virtual Network set up for each physical card, you should be ok there.

    Ok, well, the next question may be rather basic, but I'd rather ask a basic question than miss a fundamental point.  The physical cable between the ISP equipment and the current "Router (with DHCP enabled)", if you plug that directly into, say, a Windows PC, does that PC get an IP address and work just fine?

    I'm assuming that when you say the problem is that pfSense "won't resolve an IP from my ISP", you actually mean something more like "my WAN interface does not get a DHCP address from the ISP.  If so, as is implied above, are you sure your ISP is doing simple DHCP?  There's no PPP-type setup?

    One more question:  when you go to the menu item "Status -> Interfaces", do you see the WAN interface listed as "UP" or "DOWN" or other?



  • This is EXACTLY my problem as well (LAN works but WAN will not get an IP).

    I got 3 NICs. All virtualized. The LAN and WAN are added as Legacy NICs for pfSense to discover.

    If I share the WAN nick with the HYPERV OS it will get a dhcp IP from the WAN DHCP (ISP). Since I do not wish to use up one of my 4 WAN IPs on the HYPERV, I disable IP4 and the rest of the checkboxes.

    Whether I disable IP4 or not in host OS, pfSense does not want to lease an IP from WAN anymore. It actually did it first time I installed it (1.2.3) a few weeks ago. Then suddenly it stopped responding a few days later. I upgraded to latest 2.0 and it still did not get an IP from WAN. I reset to factory settings and voila, it got an IP again. Then a few nights ago, WAN does not respond anymore. I reboot pfSense and nothing. No ifconfig ups and downs or dhclient gets me a WAN ip. Reset to factory. Nada.

    I tried deleting all the Virtual Networks on HYPERV and recreating them anew. Trying bridged NICs (shared with hyperv os) or exclusively setting the WAN for the virtual machines. Enabled IP4 again to check and HYPERV OS still gets an IP from WAN DCHP.

    So what is happening?

    The Host OS gets an IP from WAN with no problems.
    The Guest OS does NOT get an IP from WAN. dhclient just tries and tries and finally tries to failback to its last IP that does not work. All along, there has been new MAC addresses and new "interfaces" as I have recreated the NICs on HYPERV for the guest OS.

    So why can it not get an IP. Is it an OS error? Does the DHCP request get through? Or is it routed somewhere else.

    It worked before, but it does not anymore. I also tried with Untangle. Same thing. Does not want to get an IP from WAN…

    Later today I am going to install FreeBsd 8.1 and see if a clean install of that can get a WAN IP.

    Anyone got any other ideas on what to do?

    Is this a HYPERV thing? All my NICs are REALTEKs.

    I will also try to add the WAN to one of my Windows 2008 Core guest OSs and check.



  • After finding out no other guest OS could get a WAN address, I rearranged my NIC usage.

    I put my trustworthy LAN NIC as the WAN NIC, and 1 NIC for the HYPERV NIC. the last NIC was for LAN exclusively for the virtual machines.

    I noticed that when I bridged one of the NICs (shared mode between Guest and Host) it stopped responding when there was load (VNC remoting). So now after rearranging the NICs DHCP leasing works as it should. I got an IP almost immediately.

    This confirms what I have heard by others. When using HYPERV or other virtualization solutions, go quality on the NICs. I should probably get my hand on a Dual NIC from INTEL. Those are quality. But for now it works.



  • Of my 3 NICs. Only the onboard Realtek was strong enough it seems. The other 2 Realtek PCIs both works nicely on the Host OS alone, but once they got shared with the guest OS'es they stopped responding when loaded with traffic.

    So I just put in 2 new Intel Desktop NICs (2x $50) and the system is now stable.

    I use the onboard as the LAN access for the Host. And the Intels for LAN and WAN for the guest OSes.



  • Wow, that's weird.

    Well, thanks for posting your results and I'm glad you were able to (eventually) resolve it all.  :-)


Log in to reply