Hyper-V integration installed with pfSense 2.0.1
-
Could you share your hyper-v pfSense ISO with us ?
Because I have many difficulties to correct the error and do not know what else to do
-
RE: lack of VLAN support, one workaround I've been using successfully on Hyper-V PF vm's is to simply create additional vNics in Hyper-V, tagging at the Host level. PF just sees them as separate Network Adapters, which should work just fine for your needs.
Best advice, at least in 2012 / 2012 R2 with Hyper-V is to team all the host nics, then use the HV Virtual Switch to break out vNics via powershell, especially if you need to expose them to the host.
Add-VMNetworkAdapter -VMNetworkAdapterName "eth1" -VMName "PFsense"
Set-VMNetworkAdapterVlan -VMName "PFsense" -Trunk -NativeVlanId 1 -AllowedVlanIdList 1-4094 -VMNetworkAdapterName "eth1"
Where PFsense is the name of your Virtual.To set the VLAN on the Host vNics, you'll need the -ManagementOS flag.
Set-VMNetworkAdapterVlan -ManagementOS [-Access] [-AllowedVlanIdList <string>] [-Community] [-ComputerName <string[]>] [-Isolated] [-NativeVlanId <int32>] [-Passthru] [-PrimaryVlanId <int32>] [-Promiscuous] [-SecondaryVlanId <int32>] [-SecondaryVlanIdList <string>] [-Trunk] [-Untagged] [-VlanId <int32>] [-VMNetworkAdapterName <string>] [-Confirm] [-WhatIf] [ <commonparameters>]</commonparameters></string></int32></string></int32></int32></int32></string[]></string> -
Many thanks to all for a superb product.
I have installed pfSense 2.1 Rel w/Hyper-V 20130915 pfSense-LiveCD-2.1-RELEASE-amd64-hyperv-kernel-20130915-1129.iso on Hyper-v 2012 R2 and it appears to work very well. At installation the synthetic Network Adapters are found and install with no problem.
My only question is concerning said Network Adapters which are reported as Degraded (Integration services upgrade required), is this the state of play at the moment or have I missed something/messed up?Thanks again
-
Bill, with your sucessful installation on Windows 2012 Hyper V are you seeing decent throughput?
Dale
-
Many thanks to all for a superb product.
I have installed pfSense 2.1 Rel w/Hyper-V 20130915 pfSense-LiveCD-2.1-RELEASE-amd64-hyperv-kernel-20130915-1129.iso on Hyper-v 2012 R2 and it appears to work very well. At installation the synthetic Network Adapters are found and install with no problem.
My only question is concerning said Network Adapters which are reported as Degraded (Integration services upgrade required), is this the state of play at the moment or have I missed something/messed up?Thanks again
This is normal when you install a Gen 1 VM. This even applies to Server 2012 (without R2) and Windows 8.0. With R2/8.1 Microsoft also updated the Integration tools.
-
Bill, with your sucessful installation on Windows 2012 Hyper V are you seeing decent throughput?
Dale
i've been using the 2.1 hyper-v kernel pfsense with much success in my datacenter environment for several months now
i'm using hyper-v 2012 in several failover clusters and pfsense is able to properly failover from 1 node to another as normal
i supply each VM with 3GB of VHDX and 1024MB of Memory with 2 standard NICs (not legacy)
it's great to just be able to also turn up an individual firewall instances for each customer on our gear with a different vlan for each customers internal subnet
all the features i've come to love in pfsense work perfectly, even openvpn and ipsec which are key to alot of work i do
i also do the vlan tagging at the host level in the settings for the VM
i honestly could not be happier with how well it's working, i will report back if i run into any majors issues
only thing i've noticed which many people have mentioned, is the time sync at console. which is a minor annoyance at most.
also to answer your question, i get 100MB up and 100MB down. exactly as i should.
-
I hope we'll see official pfsense for hyper-v this summer: http://blogs.technet.com/b/port25/archive/2012/05/11/freebsd-to-run-as-a-first-class-guest-on-windows-server-hyper-v.aspx
-
Bill, with your sucessful installation on Windows 2012 Hyper V are you seeing decent throughput?
Dale
Hi Dale
Sorry for the late reply. I am seeing throughput as expected and though the NICs throw up integration services warnings they seem to be working fine in terms of speed.Bill
-
Many thanks to all for a superb product.
I have installed pfSense 2.1 Rel w/Hyper-V 20130915 pfSense-LiveCD-2.1-RELEASE-amd64-hyperv-kernel-20130915-1129.iso on Hyper-v 2012 R2 and it appears to work very well. At installation the synthetic Network Adapters are found and install with no problem.
My only question is concerning said Network Adapters which are reported as Degraded (Integration services upgrade required), is this the state of play at the moment or have I missed something/messed up?Thanks again
This is normal when you install a Gen 1 VM. This even applies to Server 2012 (without R2) and Windows 8.0. With R2/8.1 Microsoft also updated the Integration tools.
Ah I see…
Saw a nice script to convert from Gen 1 to Gen 2, trouble is its just Win8/2012. http://code.msdn.microsoft.com/windowsdesktop/Convert-VMGeneration-81ddafa2
Was about to try a fresh Pfsense install as Gen 2 but I see its only for the latest and greatest MS OSs.
Don't know why I am worrying as it all works fine.Bill
-
I'm cross posting on this thread, and my own bounty thread.
I've had success getting this up and running, but as soon as any proper traffic goes across it - Crash. Every time. Then it reboots and the network cards are muddled up.
Very sadly a show stopper. I'm increasing bounty to $1000 for a fix.
Sleeping thread (tid 100036, pid 12) owns a non-sleepable lock
sched_switch() at sched_switch+0x102
mi_switch() at mi_switch+0x176
sleepq_wait() at sleepq_wait+0x42
_sx_xlock_hard() at _sx_xlock_hard+0x305
hn_start() at hn_start+0x57d
if_transmit() at if_transmit+0xea
ether_output_frame() at ether_output_frame+0x33
ether_output() at ether_output+0x50d
ip_output() at ip_output+0xda9
tcp_output() at tcp_output+0xa7d
tcp_do_segment() at tcp_do_segment+0xbbc
tcp_input() at tcp_input+0xcb8
ip_input() at ip_input+0x162
netisr_dispatch_src() at netisr_dispatch_src+0x7b
ether_demux() at ether_demux+0x169
ether_input() at ether_input+0x191
netvsc_recv() at netvsc_recv+0x202
hv_rf_on_receive() at hv_rf_on_receive+0x147
hv_nv_on_channel_callback() at hv_nv_on_channel_callback+0x38e
hv_vmbus_on_events() at hv_vmbus_on_events+0xa8
intr_event_execute_handlers() at intr_event_execute_handlers+0x104
ithread_loop() at ithread_loop+0x95
fork_exit() at fork_exit+0x11f
fork_trampoline() at fork_trampoline+0xe
–- trap 0, rip = 0, rsp = 0xffffff8000125d00, rbp = 0 ---
panic: sleeping thread
cpuid = 1
KDB: enter: panic
panic.txt0600001712274404005 7134 ustarrootwheelsleeping threadversion.txt06000022412274404005 7607 ustarrootwheelFreeBSD 8.3-RELEASE-p11 #0: Sun Sep 15 12:27:10 PDT 2013
root@fbsd83minx64.corp.itbxb.com:/usr/obj.pfSense/usr/pfSensesrc/src/sys/pfSense_SMP.8 -
First, it is randomly crashing and rebooting. The crash log reports a kernel panic due to a sleeping thread. I'm not sure what to do to fix that. If that was the only issue, I could probably live with it.
The main issue I'm having is that when it reboots due to the crash, the interfaces are switching. For example, I set WAN to hn0 (mac xx::45), LAN to hn1 (mac xx::46). When it reboots, it is changing hn0 to the interface with mac xx::46 and hn1 to the interface with mac xx::45. So I have to reassign the interfaces. Does anyone know why it would do this or how to ensure that hn0 stays with a specific virtual network interface?
I have the exact same issues… Really too bad... it's unstable. Randomly reboots (once or twice a day). And if it does, it does not come up cleanly (interfaces are wrongly assigned). I can fix that by shutting it down through hyperv with the button and start it up again.. and then magically interfaces are correct again...
Panic String: sleeping thread
-
I hope we'll see official pfsense for hyper-v this summer: http://blogs.technet.com/b/port25/archive/2012/05/11/freebsd-to-run-as-a-first-class-guest-on-windows-server-hyper-v.aspx
Look at post date: 11 May 2012 11:35 AM
All working good now!
-
Yes, 2.1 looks great. It has a long list of new features and improvements. IPv6 support is welcome, looking forward to trying it.
Do you have how-to or build script?
I want to use Hyper-V kernel with nightly builds…I'm using Hyper-V 2012 R2 as virtualization platform and want to test pfSense nightly builds!
Don't want to use other virtualization platforms. No options for me without Hyper-V kernel :( -
Although i really like pfsense, i could not longer wait for official Hyper-V integration. I started using Sophos UTM 9.x. The personal edition is even for free…
-
Although i really like pfsense, i could not longer wait for official Hyper-V integration. I started using Sophos UTM 9.x. The personal edition is even for free…
I'm using release pfSense-LiveCD-2.1-RELEASE-amd64-hyperv-kernel-20130915-1129.iso in production, all servers 2012 R2 and one 2012
No problems, kernel panic, etc…
Longest up time 60 days without problems. -
using pfsense as a server loadbalancer for few years on a Dell PE server in my dev environment.
Found this post so wanted to move the aged box to VM. Have downloaded and installed the custom iso on server 2012 R2 hyper-v. Installation went smooth and restored backup to VM from the physical box.
Everything looks fine but none of the sites hosted being the VIPs of the loadbalancer are responding. These VIPs are configured as PARP.
Could not find any logs that can be of help.
Would be greatfull if any one can help me with this.
-
@hmh:
Although i really like pfsense, i could not longer wait for official Hyper-V integration. I started using Sophos UTM 9.x. The personal edition is even for free…
I'm using release pfSense-LiveCD-2.1-RELEASE-amd64-hyperv-kernel-20130915-1129.iso in production, all servers 2012 R2 and one 2012
No problems, kernel panic, etc…
Longest up time 60 days without problems.What are your VM settings? Are you giving it only 1 CPU by chance? There is code in the source that has something to do with tying to a certain CPU.
-
A couple general news on this topic.
Looking in the git repository, there have been considerable improvements in the source code for the integration component drivers and are now at a 1.0 release level. I've been trying to figure out a way to inject these newer drivers into a running pfSense VM or to generate a new pfSense ISO build with this new code (been at it for a few days). I'll report back once I figure out a way to build it (or if I give up for the time being).
These newer drivers are considered stable enough to be included in FreeBSD 10. Hopefully, it'll be a considerable improvement that will solve some of the issues we've experienced. There is also the possibility that a near future version of pfSense (maybe 2.2) will be based on FreeBSD 10 (rather than 8.3 as 2.1), making it easier to support Hyper-V going forward.
-
What are your VM settings? Are you giving it only 1 CPU by chance? There is code in the source that has something to do with tying to a certain CPU.
I'am using 2 or 4 CPU and 1 Gb RAM
Config on my test lab:
2 CPU 1Gb RAM
WAN1 Link 1 Gigabit (True 1 Gigabit internet link)
WAN2 Link 5 Megabit (Backup link, and some services published to internet) -
hmh,
I tried those instructions on a vanila 2.1 installation, and it crashes the VM as soon as you try and enable the interface or to assign them. There are other users attempting similar strategies, but so far, all have reported that the precompiled (or trivially recompiled) drivers break pfSense (and we're having to go through hoops to try and compile a version that is more compatible with pfSense).
Can anyone confirm they got the new precompiled drivers using the instructions on https://github.com/FreeBSDonHyper-V/Hyperv-Ports/wiki/Install-pre&minus%3Bbuilt-FreeBSD-8-Hyper&minus%3BV-Integration-Components-using-packages? Are you sure you're using the synthetic driver (ie, shutdown and remove the Legacy NIC from the VM so it attemtps a reassign on the following boot). You can re-add the Legacy NICs to get the VM back online (and/or you should make a backup of your VHD before installing these drivers).