Hyper-V integration installed with pfSense 2.0.1
-
@mats - thanks a lot for your response.
I tried that too, but still no luck. The NIC is an intel 6200 wifi, with the latest drivers (released by intel towards the end of October). Can you post the links to the additional articles - I'll see if it helps!
Only thing left now to try is to see if it works with a wired connection - but then, it would be a pain to be chained to a desk.
Any other suggestions appreciated :).
WAN and WLAN is 2 different things. Don't mix them up :)
-
WAN and WLAN is 2 different things. Don't mix them up :)
yes, I'm totally aware of the difference between the two. The WLAN interface is assigned to the external virtual switch in hyper-v, with the OS managing the interface - this means that the hyper-v layer will route traffic from the external switch and the physical machine over the same physical interface.
The WAN interface of pfsense connects to the external switch - hence it should either pick up an ip address from the router on the 192.168.1.x network thru DHCP, or should be able to connect to the internet using a 192.168.1.0/32 static address.
-
WAN and WLAN is 2 different things. Don't mix them up :)
yes, I'm totally aware of the difference between the two. The WLAN interface is assigned to the external virtual switch in hyper-v, with the OS managing the interface - this means that the hyper-v layer will route traffic from the external switch and the physical machine over the same physical interface.
The WAN interface of pfsense connects to the external switch - hence it should either pick up an ip address from the router on the 192.168.1.x network thru DHCP, or should be able to connect to the internet using a 192.168.1.0/32 static address.
So it doesn't work even if you give it a static address?
-
WAN and WLAN is 2 different things. Don't mix them up :)
yes, I'm totally aware of the difference between the two. The WLAN interface is assigned to the external virtual switch in hyper-v, with the OS managing the interface - this means that the hyper-v layer will route traffic from the external switch and the physical machine over the same physical interface.
The WAN interface of pfsense connects to the external switch - hence it should either pick up an ip address from the router on the 192.168.1.x network thru DHCP, or should be able to connect to the internet using a 192.168.1.0/32 static address.
So it doesn't work even if you give it a static address?
nope. It doesn't! that's what's very wierd!
there are only two things I have to try out - 1) hook up the laptop to the internet connection directly (that way, the interface address will be in the routable public internet) and 2) try using the wired nic to see if the WAN interface can pick up a 192.168.1.x address via DHCP.
-
I haven't seen anything on Intel cards (they are usually the good guys that always works).
Realtec and Marvell is more of bad boys :)
-
Cool, glad you got it sorted :)
Mine has been fine although I did have an incident where I lost all configuration inside the VM, however I did cluster the hosts and mess with snapshots so I think I probably caused that.
That Supermicro box is to die for, do you know how much power that is drawing from the wall because it looks exactly like what I want! :D
I dont cluster this box but I have others that are fine with pfSense in a cluster and I have failed over a few times.
With about 10-20% cpu useage with all the power saving turned off it is currently using about 30-35 watts .3 amps with setup. I have 3 other VMs running on it with the pfSense one for a total of 4. -
After some amount of testing, have finally got a repetitive pattern. Here are the steps and conditions
-
Setup an external switch in hyper-v. The switch is mapped to a nic which is shared with the management OS (The setting "Allow Management OS to share this network adapter" setting is checked"
-
The external network has a router providing DHCP services
-
Connect any linux vm - with a legacy network adapter or a hyper-v enabled adapter to this external switch
-
Power on the linux VM - it does not get an IP address from the router. Any addition steps (like shutting down and bringing up the vm nic using ifconfig up/down does not help)
-
Connect a windows VM instead of the linux VM - it picks up an IP address without any issues.
-
On a Internal switch (A private network), everything works perfectly well.
I'm thinking there might be a bug on the external side - where the OS has to share the NIC with the OS and the VM.
Can someone test this / provide additional comments? Have some more scenarios I will be testing, will post once I'm done.
OS's / distros used for testing:
Windows - Windows 7
Linux - Backtrack 5 r3 (hyper-v network drivers), pfsense (downloaded from this thread), untangle (no hyper-v drivers, using legacy nic), zentyal (hyper-v drivers installed), ubuntu 12.04 LTS (with hyper-v drivers.) -
-
What does Linux have to do with pfsense?
-
What does Linux have to do with pfsense?
okay - any *nx / bsd variant using the ms provided synthetic drivers. Should have phrased it better :D.
-
I used "sysctl kern.timecounter.hardware=TSC" to fix the calc runtime error.
This resolves the error outputs but makes the pfSense clock run. I get +8 hours a day.
I don't know, I sync to external NTP time source so my clock is good.
I have the same issue. My clock runs with "TSC" +8 hours a day.
The service NTPd runs with 3 external ntp-servers, but it did not change the clock.
Even if I run ntpdate to bring the clock in sync and then starts NTPd, the clock runs out of sync.
@Magsy: Do you make a special config change?
Have somebody else a hint in the right direction for me? -
Just don't use this command. The error message indicates that the VM synced the time with the Hyper-V Host. It does not influence anything else on my System (except that you should not use the pfSense box as a time Server for your Hyper-V).
-
I've been running this for a few months on various machines and haven't ran into any issues of yet. Curious to see others reporting issues.
I've exported the VM as a complete package, zipped it up and am sharing it on skydrive. Ready for you to import into Hyper-V 2012. http://sdrv.ms/15jeBZ6. Unzipped this package extracts to 5GB in size.
When you import the VM you will find that Hyper-V console will ask you to match your adapters with your virtual switch configuration. The first adapter is hn0 in pfsense, which is the “WAN” interface. It is also set to pick up IP address via DHCP. The second adapter is hn1 in pfsense, which is the “LAN” interface. It is set to default static IP address of 192.168.1.1. You can change this via the command line menu driven option, or via the webgui. The default username and password is set on this VM, which is admin/pfsense.
Be interested to hear any feedback, fire me an email - alex <at>northernjeep<dot>com. I don't consider myself to be a pfsense expert, but I've set this VM months ago on a few different test beds, and basically forgot about it; it just runs away without concern. So far my experiences with pfsense in Hyper-V have been nothing but positive. </dot></at>
-
nice work, alex. thanks for sharing the vm.
-
I've tested the PRERELEASE ISO and found some things which are not working:
- Traffic Sharping (no interfaces shown)
To help others to waste too much time (as I did), you can simple enable Traffic shapping with an edit in a file.
In the shell, open /etc/inc/interfaces.inc and search for "altq".
There should be an array where you just have to add the entry "hn".
After saving traffic shapping should work immediately.@zootie thank for your great work, i test your image since jan and for me it is nearly perfect :)
Sorry for my bad english :)
-
After additional testing, I think this might be an issue with the MS hyper-v drivers. Have opened up a thread on the technet forums http://social.technet.microsoft.com/Forums/en-US/w8itprovirt/thread/cef0a9db-ec2d-47fa-b71e-e7f503356913. Summarizing my findings below:
- linux/bsd system with hyper-v drivers will not get an IP from a DCHP server through a wireless NIC (tried with two different wireless cards)
- same vm will get itself an IP when it is connected through the wired NIC.
the "allow management os to share this interface" setting does not have any effect (however, if you uncheck this, the host machine loses connectivity to the gateway).
Will post back when I get some additional information.
-
Also, just a little curious, so asking for feedback: If you had no issues with a virtualized pfsense install, could you please report how your NIC's were assigned (whether wired / wireless and shared with mgmt os or not?) on the WAN and LAN side.
Thanks
-
Success!!!!! :D
I was able to create ISOs with a Hyper-V kernel for both 2.0.x and 2.1 Beta. Both install and show no major errors and seem functional. More testing is needed, but it is a good starting point for all of us needing to have better Hyper-V support in pfSense.
I'll post more details once I get some sleep and go deal with life. In the meantime, I posted the ISOs on RapidShare:
I have tested both of the Images that was created by zootie.
My setup is as follows:
Intel XEON E3-1220LV2
Intel Serverboard S1200 series
OS: Windows Server 2012I have been trying to get my firewall running virtual for some time now, and with the non-synthetic drivers it was a pain…...
First off I installed the 2.1-BETA1 - this quickly became annoying, as it would crash and reboot every once i a while. I havent been digging into what was happening, as im a bit of a unix newb, and dont even know where to begin.
After about 1 week of random crashes i desided to try the other image 2.0.3-PRERELEASE. This is working perfectly and have been running without any crashes. Even rebooted my HyperV hostmashine many times without touching the PFsense VM, an everything is just working without any hickups.
/Kind Regards
-
nice work, alex. thanks for sharing the vm.
Using alex's vm for 2 weeks. No issues for synthetic NICs detected :) Good! But have crashed pfsense when tryed to install bandwidthd package. And there is no RRD graphs (it don't work).
-
I to have random but frequent crash/reboots with 2.1-BETA1 (amd64).
It would be interesting to try one of the later releases with integrated services installed.
I was foolish enough to try and update this version and after a few hours of trying to get it to run again and failed, I reloaded my install in less than 5 minutes.
It's such a tease to almost have the answer to so many admin's prayers. -
I to have random but frequent crash/reboots with 2.1-BETA1 (amd64).
It would be interesting to try one of the later releases with integrated services installed.
I was foolish enough to try and update this version and after a few hours of trying to get it to run again and failed, I reloaded my install in less than 5 minutes.
It's such a tease to almost have the answer to so many admin's prayers.Tell me about it. I was this || close using it on a production level. But that wouldn't be very responsible isn't it?