ESXi 5 + pfSense 2.0 - 2 or 3 Intel NICs?

A Former User

I am running pfSense 2.0 as a full install (no virtualization).  The current hardware specs are:

CPU                   AMD Athlon II X2 250 AM3
Motherboard           Biostar A770E3 with 2 x PCI Express x1 Slots + 1 x PCI Express 2.0 x16 Slot
Memory                2 x GSkill 1GB DDR3 PC1333
Network Interfaces:   2 x Intel EXPI9301CTBLK 10/100/1000
Storage               1 x Seagate 320 GB
PSU                   Diablotek 350W

Each of the 2 Intel nics (WAN + LAN) are installed on the PCI Express x1 slots. The pfsense box LAN interface is connected to a 24 port unmanaged switch.

I am looking at making better use of the resources in my current pfSense box (as this probably over-powered for a simple home network firewall / gateway) by virtualizing pfSense together with other hosts (eg FreeNAS + a FreeBSD server) on ESXi 5.  I'm aware that 2GB of ram is the minimum recommended by VMware and I am planning to increase this by at least 4GB accommodate a possible ZFS setup on the FreeNAS host (separate issue).

My question is whether there would be any benefit in adding a third intel nic in the PCI Express 2.0 x 16 slot when virtualizing pfsense along with other hosts (or even utilizing the motherboard's onboard nic)?

biggsy

I'm aware that 2GB of ram is the minimum recommended by VMware…

It's the minimum required with ESXi 5.0.

The two Intel NICs will be OK if you don't need another physical network.  You can create a purely virtual network using vSwitches to attach the FreeNAS and FreeBSD VMs.  No need for another physical NIC.

Your onboard NIC (Realtek 8111DL?) may not be recognized by ESXi.  Plenty of stuff out there on what is and isn't supported, as well as some workarounds for stuff that isn't officially supported - http://www.vm-help.com/forum/viewtopic.php?f=13&t=3186

biggsy

A Former User

@biggsy:

It's the minimum required with ESXi 5.0.

Yep, quite right there - thanks for the correction. Definitely not a matter to skimp on then.  Perhaps 8GB would be a better bet?

@biggsy:

The two Intel NICs will be OK if you don't need another physical network.  You can create a purely virtual network using vSwitches to attach the FreeNAS and FreeBSD VMs.  No need for another physical NIC.

By another, I assume that you mean a physical network in addition to one that I already have. If so, then I imagine it's simply a matter of configuring ESXi properly so that both both the VMs and the physical hosts all appear in the same network.

Being an unmanaged switch, I won't have support for VLANs so there is an attendant security risk with this (but marginal given that this is a home network).

biggsy

I wasn't just being pedantic about the 2GB.  I recently tried to install 5.0 with only 2GB and it just wouldn't let me.  Didn't have that problem with 4.x - well, not that I remember.  8GB might be better but it really depends on budget and intended use.  4GB would get you started.

Counting WAN and LAN as two physical networks, if you don't need any more, the two Intels would do the job.

If you wanted to separate the ESXi management network from your LAN you would need one more physical NIC in each of the ESXi host and the PC on which you will be running the vSphere client.  Separation has a number of benefits, not the least of which is the back door to the console of the VMs when you screw up their networking :)

It seems the on-board Realtek 8111DL can be made to work with ESXi 5.0 but the effort is not something I'd recommend if you're just getting started.

A Former User

No, it's ok. There's definitely a big difference between not starting at all and just getting by.

Having the back door into the console would be useful, so perhaps this could be a good use of the spare nic.  You're right about the Realtek adapter too - best to focus on getting it up and running and then look at this later if needed.

Thanks for your help :)