Extremely strange network issue with virtualised pfsense
-
…if it's Linux (as i'm a Windows guy mainly)
You didn't happen tell ESXi that pfSense was Linux when you built the VM?
It would probably be better to run ESXi 5.1 now than 4.1 now.
-
No, just checked (was going to kick myself if I had), but it's FreeBSD 64bit (identical settings and identical ISO that I built my HP Microserver pfsense from that i'm typing this behind).
The only difference my HP Microserver ESXi has is that it's running 4.1.0 build 502767 versus build 348481 on the Dell.
-
Hold on….......
Does "2.0.1 release (i386)" mean it's a 32bit ISO in a 64bit VM??
This might explain something..... (although it wouldn't explain why the HP Microserver at my home is working fine).
-
348481 is 4.1U1 and the 502767 is 4.1U2
So different ESXi :)
-
…although it wouldn't explain why the HP Microserver at my home is working fine
Maybe your customer's machine is under bit more load than yours and some situation just doesn't get handled properly.
Not sure about that 32-bit image running in a 64-bit VM thing but it's gotta be suspect.
It's probably easier to go straight to 5.1 than it is to update 4.1u1 to u2 or u3.
-
5.1 has some issues relating to FreeBSD and I would suggest 4.1U3 until 5.1U1 is released.
-
5.1 has some issues relating to FreeBSD and I would suggest 4.1U3 until 5.1U1 is released.
What sort of issues? I thought I'd checked pretty thoroughly for any reported problems before going to 5.1 about a week ago.
-
Been running my pfsense on 5.1 since the day it released and not issue one.. So what are these issues your going on about?
-
http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2032803
Cant find the rest right now…
-
Well, whichever it is i'll be doing it in a week or so's time. I've just built an identical pfsense Microserver here in the office so that we can try it out for a week, then at least I know there's likely to be a solution for my customer (despite me needing to migrate VMs across whilst I upgrade the server).
-
Are you using E1000 NIC's in both boxes?
-
"Enhanced VMXNET adapter cannot obtain a DHCP IP address with FreeBSD 8.2"
Ok not using vmxnet, nor are we using 8.2 of freebsd ;)
So that would explain why this has been non issue for me.. And would never have used the vmxnet2 in the first place, article states it works with vmxnet3. But using e1000, there was a benchmark done a few threads back and they sure didn't notice any real performance increase with them, and I had some issues with access ipsec vpn on the outside of the pfsense box from clients inside when using them. Went back to e1000 and no issues.
-
I have used pfsense on a dell r710 before and it worked … I was not firewalling though ... just a soft router. I also have 128GB of memory and 4 CPUs, so I was not hurting for resources. Even though I had upwards of 30 VMs running at one time. props to pfsense.
-
Well, whichever it is i'll be doing it in a week or so's time.
Please post again and let us know how it goes.
-
Are you using E1000 NIC's in both boxes?
Yes, I have no need to go to VMXNET-based NICs, and one nagging doubt I had was that there may have been E1000-based code in FreeBSD which didn't translate well to the Broadcom NIC, but I must say it was incredibly weird to find that other VMs on the server were affected by the pfsense VM.
-
Well, whichever it is i'll be doing it in a week or so's time.
Please post again and let us know how it goes.
Will do. However, so far so good with the Microserver running a 32bit VM of a 32bit OS, and i'm sure my web developers will test pfsense a hell of a lot more than a training company do :)
-
Just to close off on this, I have rebuilt the 32-bit PFSense in a 32-bit VM container, and it's been stable for a week now. I think that must have been the issue. Glad to have spotted that or it would have driven me round the bend!
