Can pfSense on a VM handle Gigabit Internet link?



  • I have been running pfSense in a VM as my firewall / router for a while now. I used to a 115/20 internet link. I recently got upgraded to a Gigabit link. I was wondering if pfSense running on a VM (all NICs are Intel Gigabit NICs) is capable of handling the gigabit link or if I need to purchase one of the appliances? If purchase an appliance, then which one?

    Thanks and Cheers



  • That depends on the hardware & type of hypervisor



  • I am running a ESXi 6.0 on a HP Gen8 Proliant Microserver with 12GB RAM. All NICs on the server are Intel Gigabit NICs. The VM has 1GB of RAM and 1 vCPU. I can grant it more resources if needed. Currently, I am only using pfSense as simple firewall. Down the line I will probably look into using other features like VPN and Squid, etc.





  • Per the hardware requirements page (https://www.pfsense.org/hardware/#requirements), even on bare metal, in order to get over 500 Gbit, you need:

    Multiple cores at > 2.0GHz are required. Server class hardware with PCI-e network adapters.

    So, I would go multiple cores, 4GB RAM and a 64 bit install to start with.

    Also, I've seen posts that suggest unless you're using the VMXNET3 driver you will see a ~400 Mbit limit.

    It may also be worth mentioning that since you have an HP server and using ESXi, you might want to re-install with the HP specific ESXi image, so all the drivers are VMware certified.  It may or may not make a difference, but it's just a thought.