Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    PfSense 2.2 not passing traffic, but ping does get through

    Virtualization
    20
    41
    29119
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      jpsense42 last edited by

      Hi,

      I have a fresh 2.2 install on a KVM guest. The host has two physical network interfaces (bridges), one LAN, one connected to my ISP router (LAN side of the router, so pfSense WAN side is a private network). pfSense has two virtio interfaces. I understand this setup causes double NAT, but I have no choice, my ISP does not allow other equipment or config changes to their router.

      The following fails:

      • Clients cannot reach the internet, no traffic gets passed. Ping DOES work however, see below!
      • pfSense console: telnet <isp router="" lan="" ip="">80 > no connection, seems pfSense itself cannot do anything but ping hosts
      • pfSense console: telnet <any webserver="">80 > no connection

      The following all works:

      • I can reach the webconfig via the LAN
      • LAN clients can ping everything, using pfSense as their gateway, all the way to 8.8.8.8 (!)
      • pfSense can ping everything, all the way to 8.8.8.8 and everything on the LAN
      • Clients connected directly to the ISP router can access the internet just fine

      The following config checks look OK to me:

      • Firewall rules are clean, default (allow LAN to access everything. automatic NAT)
      • Private networks are not blocked, bogon networks are not blocked on the WAN interface
      • Gateway (ISP router LAN side) is the default and only gateway and is UP
      • Double-checked IP addresses, subnet masks, gateways address.

      Version: 2.2-RELEASE, built on Thu Jan 22 14:04:25 CST 2015</any></isp>

      1 Reply Last reply Reply Quote 0
      • T
        Trel last edited by

        Are you able to ping by hostname or only by IP?
        (from both client machines and pfsense)

        1 Reply Last reply Reply Quote 0
        • J
          jpsense42 last edited by

          Both. pfSense is able to resolve host names using 8.8.8.8. DNS lookup via the web configurator works.
          If I configure a LAN client to use pfSense as a local DNS server, lookups work too. So clients can ping google.com and they get replies.

          This is a copy/paste from diagnostics / DNS lookup:

          Resolve DNS hostname or IP
          Hostname or IP
          = 216.58.219.174

          Resolution time per server
          Server Query time
          127.0.0.1 5 msec
          8.8.8.8 107 msec
          8.8.4.4 87 msec
          More Information: Ping
          Traceroute
          NOTE: The following links are to external services, so their reliability cannot be guaranteed.

          IP WHOIS @ DNS Stuff
          IP Info @ DNS Stuff

          1 Reply Last reply Reply Quote 0
          • J
            jpsense42 last edited by

            And this is a copy/paste from Diagnostics / Ping:

            PING google.com (216.58.219.78): 56 data bytes
            64 bytes from 216.58.219.78: icmp_seq=0 ttl=55 time=55.964 ms
            64 bytes from 216.58.219.78: icmp_seq=1 ttl=55 time=55.682 ms
            64 bytes from 216.58.219.78: icmp_seq=2 ttl=55 time=56.017 ms

            –- google.com ping statistics ---
            3 packets transmitted, 3 packets received, 0.0% packet loss
            round-trip min/avg/max/stddev = 55.682/55.888/56.017/0.147 ms

            1 Reply Last reply Reply Quote 0
            • F
              fragged last edited by

              So you can ping things by both IP and hostname -> everything is working? What is the actual issue here?

              1 Reply Last reply Reply Quote 0
              • J
                jpsense42 last edited by

                If I set pfSense as my default gateway, I can ping, but I cannot access anything else. No ssh, no http. I was hoping pfSense would allow me to do more than just ping ;-)

                Edit: I just realized, ssh and http are TCP. Is it possible pfSense is passing UDP (DNS) and ICMP (ping) but not TCP?

                1 Reply Last reply Reply Quote 0
                • F
                  fragged last edited by

                  Assuming you have the default "Default allow LAN to any rule" on LAN then it should pass everything through from LAN -> WAN. Check the firewall log and do a packet capture to see whats going on.

                  1 Reply Last reply Reply Quote 0
                  • D
                    doktornotor Banned last edited by

                    Instead of letting people guess, why don't you just check/post firewall logs/rules here?

                    1 Reply Last reply Reply Quote 0
                    • J
                      jpsense42 last edited by

                      These (see attachment) are the LAN firewall rules. The WAN tab is empty.
                      Text version:

                      ID  Proto      Source  Port    Destination    Port    Gateway  Queue  Schedule        Description
                          *          *      *      LAN Address    80      *        *                      Anti-Lockout Rule
                          IPv4*      LAN net *      *              *      *        none                    Default allow LAN to any rule
                          IPv6*      LAN net *      *              *      *        none                    Default allow LAN IPv6 to any rule


                      1 Reply Last reply Reply Quote 0
                      • J
                        jpsense42 last edited by

                        As for the firewall log, it's empty. It did contain IP6 related entries. I disabled IP6 on the client, cleared the log and tried connecting to the internet via pfSense again. Nothing appeared in the log.

                        The system dashboard shows:
                        2.2-RELEASE (i386)
                        built on Thu Jan 22 14:04:25 CST 2015
                        FreeBSD 10.1-RELEASE-p4
                        Unable to check for updates.

                        pfSense is unable to check for updates, although it can ping the world, resolve host names and it's connected to a router that allows full internet access - clients connected directly to the ISP router can connect to anything on the internet.

                        I think: no TCP routing is happening here. Or it is happening, but no NAT is happening. The ISP router would not know what to do with non-NATted packets from the pfSense LAN side.

                        1 Reply Last reply Reply Quote 0
                        • J
                          jpsense42 last edited by

                          This is wat the NAT outbound rules look like. It's a fresh install, no changes.


                          1 Reply Last reply Reply Quote 0
                          • J
                            jpsense42 last edited by

                            Packet captures below. I can't see what's wrong from this, at least not yet.

                            Packet capture, LAN side.
                            Client 192.168.0.196 is trying to access Google (216.58.219.78:80)
                            pfSense LAN side is 192.168.0.252

                            19:06:53.285513 IP 192.168.0.252.53 > 192.168.0.196.60003: UDP, length 76
                            19:06:54.714668 IP 192.168.0.196.51332 > 216.58.219.78.80: tcp 0
                            19:06:54.841045 IP 192.168.0.196.56142 > 192.168.0.252.53: UDP, length 37
                            19:06:54.845216 IP 192.168.0.252.53 > 192.168.0.196.56142: UDP, length 77
                            19:06:54.846406 IP 192.168.0.196.51338 > 216.58.219.78.443: tcp 0
                            19:06:54.951584 IP 192.168.0.196.51333 > 216.58.219.78.80: tcp 0
                            19:06:55.291665 IP 192.168.0.196.51336 > 216.58.219.78.443: tcp 0
                            19:06:55.455828 IP 192.168.0.196.51337 > 216.58.219.78.443: tcp 0
                            19:06:56.671783 IP 192.168.0.196.51334 > 62.69.175.109.80: tcp 0
                            19:06:56.809020 IP 192.168.0.196.52478 > 192.168.0.252.53: UDP, length 28
                            19:06:56.810237 IP 192.168.0.252.53 > 192.168.0.196.52478: UDP, length 44
                            19:06:56.811612 IP 192.168.0.196.51339 > 216.58.219.78.80: tcp 0
                            19:06:57.062611 IP 192.168.0.196.51340 > 216.58.219.78.80: tcp 0
                            

                            Same scenario, now WAN side. pfSense WAN is 192.168.7.252, ISP router is 192.168.7.254

                            19:07:51.898694 IP 192.168.7.252.27180 > 205.251.192.57.53: UDP, length 44
                            19:07:52.198428 IP 205.251.192.57.53 > 192.168.7.252.27180: UDP, length 196
                            19:07:52.204635 IP 192.168.7.252.56383 > 108.160.165.189.443: tcp 0
                            19:07:52.210622 IP 192.168.7.252 > 192.168.7.254: ICMP echo request, id 14886, seq 35773, length 44
                            19:07:52.211711 IP 192.168.7.254 > 192.168.7.252: ICMP echo reply, id 14886, seq 35773, length 44
                            19:07:53.220143 IP 192.168.7.252 > 192.168.7.254: ICMP echo request, id 14886, seq 36029, length 44
                            19:07:53.220916 IP 192.168.7.254 > 192.168.7.252: ICMP echo reply, id 14886, seq 36029, length 44
                            19:07:53.748700 IP 192.168.7.252.9196 > 216.58.219.78.443: tcp 0
                            19:07:54.008374 IP 192.168.7.252.38630 > 216.58.219.78.443: tcp 0
                            19:07:54.228310 IP 192.168.7.252 > 192.168.7.254: ICMP echo request, id 14886, seq 36285, length 44
                            19:07:54.229275 IP 192.168.7.254 > 192.168.7.252: ICMP echo reply, id 14886, seq 36285, length 44
                            19:07:55.201675 IP 192.168.7.252.56383 > 108.160.165.189.443: tcp 0
                            19:07:55.267333 IP 192.168.7.252 > 192.168.7.254: ICMP echo request, id 14886, seq 36541, length 44
                            19:07:55.268015 IP 192.168.7.254 > 192.168.7.252: ICMP echo reply, id 14886, seq 36541, length 44
                            19:07:56.307582 IP 192.168.7.252 > 192.168.7.254: ICMP echo request, id 14886, seq 36797, length 44
                            19:07:56.308639 IP 192.168.7.254 > 192.168.7.252: ICMP echo reply, id 14886, seq 36797, length 44
                            19:07:56.712085 IP 192.168.7.252.24188 > 108.160.169.188.80: tcp 0
                            19:07:57.039836 IP 192.168.7.252.25088 > 62.69.166.210.80: tcp 0
                            19:07:57.303517 IP 192.168.7.252.27234 > 216.239.32.10.53: UDP, length 39
                            19:07:57.307442 IP 192.168.7.252 > 192.168.7.254: ICMP echo request, id 14886, seq 37053, length 44
                            19:07:57.308079 IP 192.168.7.254 > 192.168.7.252: ICMP echo reply, id 14886, seq 37053, length 44
                            19:07:57.388742 IP 216.239.32.10.53 > 192.168.7.252.27234: UDP, length 44
                            19:07:57.394470 IP 192.168.7.252.8493 > 216.58.219.78.80: tcp 0
                            19:07:57.646223 IP 192.168.7.252.49477 > 216.58.219.78.80: tcp 0
                            19:07:58.320115 IP 192.168.7.252 > 192.168.7.254: ICMP echo request, id 14886, seq 37309, length 44
                            19:07:58.320916 IP 192.168.7.254 > 192.168.7.252: ICMP echo reply, id 14886, seq 37309, length 44
                            19:07:59.330378 IP 192.168.7.252 > 192.168.7.254: ICMP echo request, id 14886, seq 37565, length 44
                            19:07:59.331114 IP 192.168.7.254 > 192.168.7.252: ICMP echo reply, id 14886, seq 37565, length 44
                            19:07:59.743873 IP 192.168.7.252.9196 > 216.58.219.78.443: tcp 0
                            19:08:00.003967 IP 192.168.7.252.38630 > 216.58.219.78.443: tcp 0
                            19:08:00.339999 IP 192.168.7.252 > 192.168.7.254: ICMP echo request, id 14886, seq 37821, length 44
                            19:08:00.340785 IP 192.168.7.254 > 192.168.7.252: ICMP echo reply, id 14886, seq 37821, length 44
                            19:08:00.393862 IP 192.168.7.252.8493 > 216.58.219.78.80: tcp 0
                            19:08:00.640923 IP 192.168.7.252.49477 > 216.58.219.78.80: tcp 0
                            19:08:00.647629 IP 192.168.7.252.33846 > 216.239.34.10.53: UDP, length 48
                            
                            1 Reply Last reply Reply Quote 0
                            • C
                              cmb last edited by

                              Guessing some kind of checksum offloading problem. Which type of NICs are you using in KVM? Try disabling hardware checksum offloading under System>Advanced, Misc. Reboot afterwards to be on the safe side.

                              1 Reply Last reply Reply Quote 1
                              • J
                                jpsense42 last edited by

                                I found the setting under System > Advanced > Networking.

                                Disable hardware checksum offload
                                Checking this option will disable hardware checksum offloading. Checksum offloading is broken in some hardware, particularly some Realtek cards. Rarely, drivers may have problems with checksum offloading and some specific NICs.

                                I selected the checkbox and rebooted. No change. The pfSense VM can ping external hosts, but ssh from the pfSense console to an external ssh server does not work, clients cannot access the internet via pfSense.
                                These are my KVM NIC settings (virtio). br0 is LAN on the host, br1 is WAN.

                                 <interface type="bridge"><mac address="54:52:00:44:13:69"><source bridge="br0">
                                      <target dev="vnet4"><model type="virtio"><address type="pci" domain="0x0000" bus="0x00" slot="0x03" function="0x0">
                                
                                    <interface type="bridge"><mac address="54:52:00:1d:48:7e"><source bridge="br1">
                                      <target dev="vnet5"><model type="virtio"><address type="pci" domain="0x0000" bus="0x00" slot="0x04" function="0x0">
                                
                                </address></model></target></mac></interface> </address></model></target></mac></interface> 
                                
                                1 Reply Last reply Reply Quote 0
                                • B
                                  Bullz3y3 last edited by

                                  I had this same problem with ProxmoVE. pfSense installed as KVM with "VirtIO" emulator which is default for KVM. WAN bride with eth0 and go out. Local bridge for LAN side of pfSense.

                                  Installed Windows & Ubuntu with VirtIO Driver. When Windows VM was set to go through pfSense I could ping but no internet no TCP/UDP connections at all. Same scenario. After bashing my head on the wall for whole sleepless night trying to resolve this. Finally I decided to setup XenServer instead of Proxmox which runs Xen hypervisor.

                                  Implemented the same setup in XenServer with all default settings. Windows was installed with default Realtek NIC driver. Alverything worked perfectly fine.

                                  When I installed xe-tools which turned Realtek NIC to "Xen Paravirtualized driver" it stopped work with same results as above. When I uninstalled xe-tools it worked again.

                                  Conclusion
                                  From this what I can see is Paravirtualzied drives are causing this issue in both setup. VirtIO in KVM & PV in Xen. With other NIC emulators like e1000 or Realtek it works fine.

                                  I haven't found a solution to get this working with para drivers which will improve the performance.

                                  J O M 3 Replies Last reply Reply Quote 2
                                  • Y
                                    yaplej last edited by

                                    I just ran into this issue too.  I have been beating my brain to figure out what the issue was.  Once I switched the vNICs to e1000 everything worked.

                                    1 Reply Last reply Reply Quote 0
                                    • T
                                      tier3 last edited by

                                      how to change vNICs to e1000 in xenserver 6.5

                                      1 Reply Last reply Reply Quote 0
                                      • M
                                        mdima last edited by

                                        Hello,
                                        I am running in the same problem just, it is not a Virtual Machine, just a normal HP server with 4 Intel NICs…

                                        I already disabled the Hardware checksum offload, and disabled "fast IP forwarding", but on one of my server (the primary) after a reboot this happens... :S

                                        Thanks,
                                        Michele

                                        1 Reply Last reply Reply Quote 0
                                        • R
                                          RK57 last edited by

                                          facing a similar issue since few days, have read almost every thread on this topic but couldn't make it work yet..!

                                          My network setup is as follows

                                          ISP modem to rl0 ie wan on pfsense , lan re0 to my switch box .

                                          everything was fine until last two days suddenly pfsense stopped giving access to the internet,, tried almost everything known but no success,, finally reconfigured the pfsense NO SUCCESS still.

                                          mine is a static IP connection ,
                                          I am able to ping anything and everything from the pfsense ping host using ip address aswell as the host-names, However i am not able to ping through the client using HOST-NAMES only IP address works and thats what i think is the problem,,

                                          ANY HELP would be heartily appreciated.. ! thanks in advance..

                                          1 Reply Last reply Reply Quote 0
                                          • KOM
                                            KOM last edited by

                                            i am not able to ping through the client using HOST-NAMES only IP address works

                                            Sounds like a DNS issue.  Check your client DNS settings and work up from there.  What is DNS for your network? pfSense?

                                            1 Reply Last reply Reply Quote 0
                                            • R
                                              RK57 last edited by

                                              Thanks for the reply KOM.

                                              my dns addresses are as follows : pref dns; 103.29.249.245
                                                                                                alt dns :8.8.8.8

                                              Also if i configure the same settings in my  DLINK DIR 600 ROUTER ie if i bypass the pfsense everything seems to work perfect. , my clients systems are on DHCP and refer to the pfsense LAN ip ie 192.168.0.1 as the gateway and the DNS server,

                                              1 Reply Last reply Reply Quote 0
                                              • G
                                                gjaltemba last edited by

                                                I had the same problem as described in op with Xen and pfSense. The first sticky post in this forum describes the problem and a workaround. In the end, I had to turn off just the checksum offload on my private network using ethtool.

                                                IMPORTANT: Xen/KVM networking will not work on 2.2 using default hypervisor settings!
                                                https://forum.pfsense.org/index.php?topic=88467.0

                                                1 Reply Last reply Reply Quote 0
                                                • E
                                                  EddDeDuck last edited by

                                                  @Bullz3y3:

                                                  I had this same problem with ProxmoVE. pfSense installed as KVM with "VirtIO" emulator which is default for KVM. WAN bride with eth0 and go out. Local bridge for LAN side of pfSense.

                                                  Installed Windows & Ubuntu with VirtIO Driver. When Windows VM was set to go through pfSense I could ping but no internet no TCP/UDP connections at all. Same scenario. After bashing my head on the wall for whole sleepless night trying to resolve this. Finally I decided to setup XenServer instead of Proxmox which runs Xen hypervisor.

                                                  Implemented the same setup in XenServer with all default settings. Windows was installed with default Realtek NIC driver. Alverything worked perfectly fine.

                                                  When I installed xe-tools which turned Realtek NIC to "Xen Paravirtualized driver" it stopped work with same results as above. When I uninstalled xe-tools it worked again.

                                                  Conclusion
                                                  From this what I can see is Paravirtualzied drives are causing this issue in both setup. VirtIO in KVM & PV in Xen. With other NIC emulators like e1000 or Realtek it works fine.

                                                  I haven't found a solution to get this working with para drivers which will improve the performance.

                                                  I wanted to post here to first say a deep and heartfelt THANK YOU for posting this as I spent days trying to work out why all my Linux boxes didn't have internet but my Mac's and Windows machines did. After trying loads of tests and variations I found your thread which was the final clue :)

                                                  For the record (and to help people searching with similar issues) I am running pfsense on a Virtualised installation on a QNAP server, it worked great apart from Linux VM's not having internet and the QNAP itself (if sharing a virtualised switch) also lacking internet. If you route the QNAP via a none virtualised ethernet socket then you aren't affected.

                                                  Ping worked just fine. When I swapped to the Realtek ethernet emulator everything started working again.

                                                  1 Reply Last reply Reply Quote 0
                                                  • D
                                                    DigitalDaz last edited by

                                                    @Bullz3y3 Your advice on switching to e1000 is as good on the latest version of Proxmox and the latest version of pfsense as it was in 2015, this was driving me insane, thank you!

                                                    1 Reply Last reply Reply Quote 0
                                                    • J
                                                      johnny94 @Bullz3y3 last edited by

                                                      @bullz3y3 I can definitely confirm your suggestion to change the network adapter to e1000 for proxmox. Thanks!

                                                      1 Reply Last reply Reply Quote 0
                                                      • Derelict
                                                        Derelict LAYER 8 Netgate last edited by

                                                        I am having no problems putting traffic through modern pfSense installs on a modern proxmox VE installation using the virtio drivers.

                                                        I, too, suffered from the issue with XenServer but there were fixes (using HV drivers or disabling the checksums in the VM).

                                                        Chattanooga, Tennessee, USA
                                                        The pfSense Book is free of charge!
                                                        DO NOT set a source port in a port forward or firewall rule unless you KNOW you need it!
                                                        Do Not Chat For Help! NO_WAN_EGRESS(TM)

                                                        M 1 Reply Last reply Reply Quote 0
                                                        • M
                                                          macduke @Derelict last edited by

                                                          @derelict could you please run iperf from pfsense to the host and copy&paste the output here? And maybe from a linux vm to the host?

                                                          Many thx

                                                          1 Reply Last reply Reply Quote 0
                                                          • Derelict
                                                            Derelict LAYER 8 Netgate last edited by

                                                            Full speed, but I only have 350/30 here.

                                                            The problems on XenServer resulted in almost no throughput when using TCP, like single-digit kilobits-per-second. If you are seeing just lower-than-expected throughput then it's a completely separate issue and you should start a different thread.

                                                            Don't performance-test by running iperf on the firewall. Test through the firewall.

                                                            Chattanooga, Tennessee, USA
                                                            The pfSense Book is free of charge!
                                                            DO NOT set a source port in a port forward or firewall rule unless you KNOW you need it!
                                                            Do Not Chat For Help! NO_WAN_EGRESS(TM)

                                                            M 1 Reply Last reply Reply Quote 0
                                                            • M
                                                              macduke @Derelict last edited by

                                                              @derelict thx for your replay, i already stared a thread "https://forum.netgate.com/topic/138988/pfsense-on-kvm-slow-network-speed" but nobody replayed, that's why i asked here. ^^
                                                              i am more interested in throughput between two local subnets through the firewall than between local net and internet.

                                                              1 Reply Last reply Reply Quote 0
                                                              • Derelict
                                                                Derelict LAYER 8 Netgate last edited by Derelict

                                                                1.6 Gbit/sec between two VMs in each direction. Single-stream TCP.

                                                                iperf3 hosts are on 1302 and 1201.

                                                                0_1546293928915_Screen Shot 2018-12-31 at 2.04.30 PM.png

                                                                Chattanooga, Tennessee, USA
                                                                The pfSense Book is free of charge!
                                                                DO NOT set a source port in a port forward or firewall rule unless you KNOW you need it!
                                                                Do Not Chat For Help! NO_WAN_EGRESS(TM)

                                                                1 Reply Last reply Reply Quote 0
                                                                • Q
                                                                  qctech last edited by

                                                                  Sorry for adding to an old post but just wanted to add another +1 to this in case someone else is struggling.

                                                                  Anything ICMP related seemed to work fine (ping, trace route etc) but no web, ssh, telnet, etc.

                                                                  under System / Advanced / Networking; disabled Hardware Checksum Offloading, saved the setting and everything seems to have sprung into life again.

                                                                  pfsense: 2.4.4-RELEASE-p3
                                                                  vm host: ubuntu 16.04.6
                                                                  using KVM and virtio NICs

                                                                  1 Reply Last reply Reply Quote 0
                                                                  • O
                                                                    openaspace @Bullz3y3 last edited by

                                                                    @Bullz3y3 Hello..
                                                                    here same situation... really frustrating..

                                                                    I have tried any kind of network card in proxmox.. can't reach internet from the virtual lan.

                                                                    If start all lan virtual machines and I reboot the pfsense.. all works.. if i restart a lan VM with pfesense running, no internet connection...

                                                                    ooh s***!!!

                                                                    1 Reply Last reply Reply Quote 0
                                                                    • Derelict
                                                                      Derelict LAYER 8 Netgate last edited by

                                                                      My entire lab is in proxmox. Works absolutely fine.

                                                                      It is key to disable the checksum offloads or you won't be able to pass traffic reliable becasue the checksums will fail due to the way the networking stack in proxmox/kvm works. This is not an uncommon requirement in other hypervisors either.

                                                                      Screen Shot 2019-11-06 at 6.35.12 AM.png

                                                                      Chattanooga, Tennessee, USA
                                                                      The pfSense Book is free of charge!
                                                                      DO NOT set a source port in a port forward or firewall rule unless you KNOW you need it!
                                                                      Do Not Chat For Help! NO_WAN_EGRESS(TM)

                                                                      1 Reply Last reply Reply Quote 0
                                                                      • O
                                                                        openaspace last edited by openaspace

                                                                        But it is the first setting that i have made on pfsense after installation..
                                                                        I have tried to change the network type..and nothing.. and the fact is that this error replicate in any other proxmox host installation....

                                                                        go go jasango pro - System  Advanced  Networking.jpg

                                                                        1 Reply Last reply Reply Quote 0
                                                                        • Derelict
                                                                          Derelict LAYER 8 Netgate last edited by

                                                                          I do not have such problems. Those settings should only be needed on guests that actually pass traffic through them.

                                                                          I have never needed to do anything special on guests that simply transmit and receive traffic on one interface (Linux, Windows, FreeBSD, etc).

                                                                          Screen Shot 2019-11-06 at 6.50.15 AM.png

                                                                          Chattanooga, Tennessee, USA
                                                                          The pfSense Book is free of charge!
                                                                          DO NOT set a source port in a port forward or firewall rule unless you KNOW you need it!
                                                                          Do Not Chat For Help! NO_WAN_EGRESS(TM)

                                                                          1 Reply Last reply Reply Quote 1
                                                                          • O
                                                                            openaspace last edited by

                                                                            px - Proxmox Virtual Environment.jpg

                                                                            1 Reply Last reply Reply Quote 0
                                                                            • Derelict
                                                                              Derelict LAYER 8 Netgate last edited by

                                                                              No idea about e1000. I always use virtio.

                                                                              I do know that these checksum issues were completely absent in XenServer when you disabled PV NICs but you had to tweak the VM interfaces to not use checksums if you used PV NICs so what you have might behave completely different from what I am doing.

                                                                              Chattanooga, Tennessee, USA
                                                                              The pfSense Book is free of charge!
                                                                              DO NOT set a source port in a port forward or firewall rule unless you KNOW you need it!
                                                                              Do Not Chat For Help! NO_WAN_EGRESS(TM)

                                                                              O 1 Reply Last reply Reply Quote 0
                                                                              • O
                                                                                openaspace last edited by

                                                                                e1000 is only one of the test changing ethernet card type.
                                                                                I was using virtio first.. same problem

                                                                                1 Reply Last reply Reply Quote 0
                                                                                • O
                                                                                  openaspace last edited by

                                                                                  if I apply the reboot with re-run startup sequences all works newly in the lan...
                                                                                  really strange

                                                                                  1 Reply Last reply Reply Quote 0
                                                                                  • O
                                                                                    openaspace @Derelict last edited by

                                                                                    @Derelict installed now windows 10, and don't have the network problem that affect linux vps...

                                                                                    1 Reply Last reply Reply Quote 0
                                                                                    • First post
                                                                                      Last post