[Real world case, Sharing] Seems it's ok to run pfSense on VMware Workstation
-
Just want to share some points here, regarding to running pfSense within VMware Workstation.
I think this is the ultimate solution for home users like me, I started using it two weeks ago on a similar setup and I have no plans to dedicate a PC for a router/firewall even if its so handy like pfsense.
my HTPC is already running 24/7 because i have freenas mapped to two physical WD red hard drives for backup/Plex/Torrent.the HTPC is very old but its sporting i7 920 with 18GB RAM, i have dedicated 10GB RAM to freenas and only 1GB to pfsense firewall, it seems like its very stable no matter what i did to abuse it and the performance is far better than my costly asus AC66U router.
the new setup is ISP fiber box >> HTPC win8.1 WAN NIC >> PFsense on VMware workstation 12 >> HTPC LAN NIC >> Asus AC66U router now acting as Access point.
so all my machines are connected over WIFI or router's Gigabit switchports and getting the IP address from PFsense VM…i can't be happier as the router has 600MHz single core processor with 256 MB RAM and my PFsense VM is rocking i7 2.6Ghz quad core with 1GB RAM, plus i now have squid3 in transparent mode cacheing to a RAMDISK, not to mention the add blocker and all the other PXE goodies that comes with PFsense.....just started exploring ;D
Nice to see that I'm not the only one doing this haha.
Your solution looks great to me ;D
Just thinking, since you are exploring and adding more packages, I would suggest you to give pfSense a bit more ram ;) especially for squid, a bit more ram the better the performance generally. Also if you are thinking make use of Snort in pfSense, add much more ram for that. It is ram hunger. But for home use, i7 is definitely more than enough I think ;)
-
I have been running pfsense on vm for quite some time.. As a home/lab solution it really does rock.. If you want to use a type 2 hypervisor ok, but its better with 1 if you ask me.. Take your box and use your fav hypervisor, be it hyper-v, esxi, xen, whatever.
Advantages I see, biggest one is ability to take snapshots for when you want to play with a package or update or run snapshot versions. Also since my router is in vm, I can switch that out with another vm whenever want to really easy.. No wires to move, my public IP doesn't even change since I just use the same mac on the new vm.. Shutdown old vm, boot new vm there you go playing with a new router distro be it beta snapshot of pfsense latest and greatest or some distro.
-
I have been running pfsense on vm for quite some time.. As a home/lab solution it really does rock.. If you want to use a type 2 hypervisor ok, but its better with 1 if you ask me.. Take your box and use your fav hypervisor, be it hyper-v, esxi, xen, whatever.
Advantages I see, biggest one is ability to take snapshots for when you want to play with a package or update or run snapshot versions. Also since my router is in vm, I can switch that out with another vm whenever want to really easy.. No wires to move, my public IP doesn't even change since I just use the same mac on the new vm.. Shutdown old vm, boot new vm there you go playing with a new router distro be it beta snapshot of pfsense latest and greatest or some distro.
These are definitely nice advantages :D
Only problem that stops me from using esxi instead of VM Workstation is, I won't be able to control/use the laptop directly, since with esxi, the screen will only display configuration interface :-\But type 1 would be better for firewall I agree with that, especially from performance perspective I guess.
-
I have been running pfsense on vm for quite some time.. As a home/lab solution it really does rock.. If you want to use a type 2 hypervisor ok, but its better with 1 if you ask me.. Take your box and use your fav hypervisor, be it hyper-v, esxi, xen, whatever.
Advantages I see, biggest one is ability to take snapshots for when you want to play with a package or update or run snapshot versions. Also since my router is in vm, I can switch that out with another vm whenever want to really easy.. No wires to move, my public IP doesn't even change since I just use the same mac on the new vm.. Shutdown old vm, boot new vm there you go playing with a new router distro be it beta snapshot of pfsense latest and greatest or some distro.
These are definitely nice advantages :D
Only problem that stops me from using esxi instead of VM Workstation is, I won't be able to control/use the laptop directly, since with esxi, the screen will only display configuration interface :-\But type 1 would be better for firewall I agree with that, especially from performance perspective I guess.
well, in ESXi (and XEN, and KVM…)you can use a GPU in passthrough mode (and an USB port at least, for keyboard & mouse), and use a virtual machine as your main workstation, That's what I do (and many other people). From that same virtual machine you can control all vmware tools&apps.
Apart from that, I was wondering about running pfsense in virtualbox, ¿is that posible? If it runs ok in vmware workstation, there's no reason why not in virtual box.
One question, which USB3/gigabit ethernet adapters are you using?
-
¿is that posible?
Yes. Lots of people run pfSense inside VirtualBox.
-
well, in ESXi (and XEN, and KVM…)you can use a GPU in passthrough mode (and an USB port at least, for keyboard & mouse), and use a virtual machine as your main workstation, That's what I do (and many other people). From that same virtual machine you can control all vmware tools&apps.
Apart from that, I was wondering about running pfsense in virtualbox, ¿is that posible? If it runs ok in vmware workstation, there's no reason why not in virtual box.
One question, which USB3/gigabit ethernet adapters are you using?
Thanks for sharing! That's Cool!
Do you have any tutorial/guide links? It's first time I hear it :) The power of sharing haha :D
Yes, as KOM said, it is possible, also I've ran pfSense in Virtualbox before, it was working fine.Edit: Sorry, forget to tell which USB adapter. It's UGreen, chip is ASIX AX88179 USB 3.0 Gigabit Ethernet Adapter.
-
well, in ESXi (and XEN, and KVM…)you can use a GPU in passthrough mode (and an USB port at least, for keyboard & mouse), and use a virtual machine as your main workstation, That's what I do (and many other people). From that same virtual machine you can control all vmware tools&apps.
Apart from that, I was wondering about running pfsense in virtualbox, ¿is that posible? If it runs ok in vmware workstation, there's no reason why not in virtual box.
One question, which USB3/gigabit ethernet adapters are you using?
thanks for this tip…now i know am very rusty.
i hope you or anyone can answer few of my questions: pleaaaase1-Dose the passthrough option require especial processor support like VT-d
2- can i also passthrough digital audio via SPDIF port?
3- if the GPU is built-in within the processor, will that be a problem or i can still use it in passthrough mode?
4-where do you install the ESXI hypervisor, on a USB or directly to the SSD where the other vms reside?got the answer to this, i installed esxi6 on a vm and i can see that it allows me to add the same ssd as storage to install my other vms.
I tried esxi5 when my reg was new and I ran into compatibility issues with my Realtek 8168 nic card, it did not detect it easily. i hope i will have better luck with esxi6 -
well, in ESXi (and XEN, and KVM…)you can use a GPU in passthrough mode (and an USB port at least, for keyboard & mouse), and use a virtual machine as your main workstation, That's what I do (and many other people). From that same virtual machine you can control all vmware tools&apps.
Apart from that, I was wondering about running pfsense in virtualbox, ¿is that posible? If it runs ok in vmware workstation, there's no reason why not in virtual box.
One question, which USB3/gigabit ethernet adapters are you using?
thanks for this tip…now i know am very rusty.
i hope you or anyone can answer few of my questions: pleaaaase1-Dose the passthrough option require especial processor support like VT-d
2- can i also passthrough digital audio via SPDIF port?
3- if the GPU is built-in within the processor, will that be a problem or i can still use it in passthrough mode?
4-where do you install the ESXI hypervisor, on a USB or directly to the SSD where the other vms reside?got the answer to this, i installed esxi6 on a vm and i can see that it allows me to add the same ssd as storage to install my other vms.
I tried esxi5 when my reg was new and I ran into compatibility issues with my Realtek 8168 nic card, it did not detect it easily. i hope i will have better luck with esxi6Nice questions, I would like to know the answer for that as well :)
-
Nice questions, I would like to know the answer for that as well :)
unfortunately, the advanced configuration options are not supported if you install the hypervisor on VMware workstation 12, I have to do a bare-metal installation on a compatible hardware which I don't have ATM.
i still have few months to research it until I upgrade to Skylake setup.initial thoughts:
the hypervisor consumes about 1.3 GB ram and it will hold my HTPC, freeNas and PFsense as vms, which makes me wonder if the performance and manageability boost really worth it.
looks like my setup requires 32GB of RAM!! -
Nice questions, I would like to know the answer for that as well :)
unfortunately, the advanced configuration options are not supported if you install the hypervisor on VMware workstation 12, I have to do a bare-metal installation on a compatible hardware which I don't have ATM.
i still have few months to research it until I upgrade to Skylake setup.initial thoughts:
the hypervisor consumes about 1.3 GB ram and it will hold my HTPC, freeNas and PFsense as vms, which makes me wonder if the performance and manageability boost really worth it.
looks like my setup requires 32GB of RAM!!Yea, I know. I was just thinking if I can use the machine directly with hypervisor installed then I might give a try on it.
Hypervisor like ESXI itself will only require several hundred MB RAM if I remembered right :)
-
This looks very promising, when I get my new reg, i will try this first then ESXI and my last option is the same windows 10 host with guest VMs.
https://youtu.be/LuJYMCbIbPk
-
This looks very promising, when I get my new reg, i will try this first then ESXI and my last option is the same windows 10 host with guest VMs.
https://youtu.be/LuJYMCbIbPk
Ummm, looks interesting, that's something new to me :)
Thanks! ;D