PF2.2 on Xen PVHVM: VLANs, MTU, workarounds?
-
Since the FreeBSD 10.1 kernel doesn't provide VLAN on xn* interfaces, using VLANs in PF2.2 running on Xen doesn't work. There's a 3-years old workaround in https://forum.pfsense.org/index.php/topic,37693.0.html , as well as a still dormant bug report in https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=195978 , which won't help me much.
Question 1: There have been rumours that VLAN tagging is disabled because there are MTU issues in xen netfront FreeBSD 10 drivers, I couldn't find any bug reports about this. Does anybody know more about that?
Question 2: I've been waiting for a long time for PVHVM support in PF/FreeBSD for improved LAN throughput, and have to realize that it's probably quite a while away. Even worse, I can't upgrade to the most recent version since it will break my setup. There have been hints to use the fully virtualized NICs (em*) instead, which would give me back the upgrade path, but no hint how to achieve this. So: How to disable the PV drivers xn* so em* are used?
Regards,
Andreas -
Well I know that disabling tx offloading will make Pf2.2 work in general, with quite some performance improvement over 2.1. Apparently, it's not pf that drops the packet (it won't work whether pf is enabled or not), instead a tcpdump in Dom0 shows that packets are leaving the pfSense vif with wrong checksums, which are not accepted by the target VM.
Still, disabling tx offloading doesn't fix the VLAN issue.
-
@johnkeates:
You can circumvent this using VLAN interfaces and hanging those in a VLAN bridge, or disable VirtIO and use HVM network devices which do support NIC VLAN'ing.
That's exactly my question: how to disable virtio xn* interfaces.