Latest PFsense for hyper-V?
-
@cmb:
I'll be trying to see if I can set it up with CARP as well.
There's an issue in the network driver that prevents CARP from working currently, but that is something we'll be working with Microsoft to address post-2.2 release.
Microsoft has patched the issue, and we're looking at folding it into pfSense version 2.2
-
I can confirm that CARP is fully functional in Hyper-V with the most recent 2.2 snapshot available! Thanks to the folks at Microsoft for fixing it and getting us the patch. Those who'd like to use CARP in Hyper-V, check out the most recent 2.2 from snapshots.pfsense.org and let us know your experiences.
-
Is anyone up and running on Gen 2 VM's with 2.2 and non legacy drivers?
-
It seems as if freeBSD with Generation 2 VMs are not fully supported:
https://technet.microsoft.com/en-us/library/dn848318.aspxBut it could work if you disable secure boot option:
https://technet.microsoft.com/en-us/library/dn282285.aspxHere's a list of Best practices for running FreeBSD on Hyper-V:
https://technet.microsoft.com/en-us/library/dn848317.aspxP.S. Have to admit that I didn't implement any of those recommended practices :-o
Cheers,
Thomas -
No, pfsense won't even boot off the ISO under a Generation 2 setup–even if you disable secure boot. The pfsense ISO would would require GPT/EFI partition or be converted to GPT/UEFI to boot... You'll get an error message: "Boot Failed. EFI SCSI Device" ... Confirmed.
-
Is anyone up and running on Gen 2 VM's with 2.2 and non legacy drivers?
Gen 2 wouldn't really give you any advantages for pfSense even if it would install (which it won't). The big advantage is Synthetic network drivers, which 2.2 now supports. Install at as a Gen 1 with synthetic drivers (No more legacy drivers required) and be happy :)
-
Looks like Hyper-V and pfSense just won't get along…
My test setup looks like this:
• Host OS: Windows 8.1 Enterprise with Hyper-V up and running (essentially the same as Windows Server 2012 R2)
• Physical networking: WiFi - Broadcom (ven-14e4, dev-4359), Ethernet - Broadcom (ven-14e1, dev-16b5)
• Virtual networking: 1x External (tied to WiFi-adapter, impossible otherwise), 2x Private (different subnets)
• VM with 3 NICs: 1x WAN (to External), 2x LAN (to each of Privates) (tested both legacy and regular ones in different setups)
• Latest pfSense (2.2.0 Release x64)Every WAN-assigned NIC, regardless of generation, fails to interact with the rest of the external network (no DHCP interaction). The regular one seems to start working as intended somehow after I reboot the host OS (which itself is strange enough), but after some time, regardless of WAN load, all traffic going through WAN vNIC is just silently blocked until I down-up-dhclient said NIC (rinse-and-repeat every 2~5 minutes); legacy vNIC refuses even to get IP address. Once I reassign WAN vNIC to Ethernet adapter though, it suddenly starts working flawlessly. =\ As of private vNICs, they work as intended, no problems detected there (for now).
To sum it up:
• Hyper-V: WAN vNIC (hn0; regular) connected to physical WiFi adapter = no internet, and even if there is somehow, then it won't last long anyway (down-up-dhclient every now and then)
• Hyper-V: WAN vNIC (hn0; regular) connected to physical Ethernet adapter = all ok
• Hyper-V: WAN vNIC (de0; legacy) connected to physical WiFi adapter = no external access AT ALL
• Hyper-V: WAN vNIC (de0; legacy) connected to physical Ethernet adapter = all ok (supposedly; didn't test because regular one worked as intended)
• VMware: everything works out of the box no matter which physical adapter I connect pfSense's WAN vNIC to (duh)Kinda makes me want to give up trying and just scrap Hyper-V.
-
I can report that the 2.2 releases, both Beta and Release, work fine with Hyper-V, and with CARP.
6 Pf's on different hosts/clusters & I have a CARP array doing OpenVPN Site-to-Sites to other PF's, works fine.
Only thing you need to do i've found is:
Use a Gen1 VM.
Set the disk to be fixed size.
Enable MAC Spoofing on the NICs that will have CARP addresses.
Disable dynamic memory.