PfSense Guest Notes: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
|||
| (2 intermediate revisions by one other user not shown) | |||
| Line 7: | Line 7: | ||
* Create a new VM: | * Create a new VM: | ||
** CPU: dual-socket or dual-core | ** CPU: dual-socket or dual-core | ||
*** '''IMPORTANT:''' cpu type 'default kvm64' works, but if pfSense does not boot try 'qemu64' instead. | *** '''IMPORTANT:''' cpu type 'default kvm64' works, but if pfSense does not boot try 'qemu64' instead.<br />Alternatively do the following:<br />Either by escaping to boot prompt and run: | ||
**** set hw.mca.enabled=0 | |||
**** boot | |||
**** Or start with CPU emulation qemu64 | |||
***After successful boot: echo "hw.mca.enabled=0" >> /boot/loader.conf.local<br />Above fix means that any CPU model can be used (verified on Opteron). Documentation here -> [https://forum.pfsense.org/index.php?topic=30593.0 pfSense forum] | |||
** RAM: 512 MB (minimum) | ** RAM: 512 MB (minimum) | ||
** Network: 2 or more Virtio (bridged) | ** Network: 2 or more Virtio (bridged) | ||
| Line 13: | Line 17: | ||
** Add pfSense-LiveCD-2.2-RELEASE-amd64.iso ISO as an optical drive | ** Add pfSense-LiveCD-2.2-RELEASE-amd64.iso ISO as an optical drive | ||
** Options, '''use tablet for pointers: No''' (you don't have to use mouse to manage it, if disabled reduces interrupts) | ** Options, '''use tablet for pointers: No''' (you don't have to use mouse to manage it, if disabled reduces interrupts) | ||
==Network Virtio consideration== | ==Network Virtio consideration== | ||
In the guest network interfaces names are like 'vtnetX' | In the guest network interfaces names are like 'vtnetX' | ||
'''IMPORTANT:''' Enter the web GUI and go in System > Advanced > Networking and flag '''Disable hardware checksum offload'''. If you don't do it layer3 traffic from lan to wan will not work, or will be really slow (but traffic to/from the firewall will work fine) | '''IMPORTANT:''' Enter the web GUI and go in System > Advanced > Networking and flag '''Disable hardware checksum offload'''. If you don't do it layer3 traffic from lan to wan will not work, or will be really slow (but traffic to/from the firewall will work fine: see the pf sense wiki about virtio for details https://doc.pfsense.org/index.php/VirtIO_Driver_Support ) | ||
Latest revision as of 11:12, 17 December 2015
Tweaks and tips for better performance with pfSense >= 2.2 on Proxmox >= 3.4.
- Note: This has been tested with pfSense 2.2 and Proxmox 3.4 (qemu 2.1)
Create VM
- Download the pfSense 2.2 amd64 "Live CD with installer" ISO .gz (from here), extract (gunzip) and transfer the ISO to your Proxmox server.
- Create a new VM:
- CPU: dual-socket or dual-core
- IMPORTANT: cpu type 'default kvm64' works, but if pfSense does not boot try 'qemu64' instead.
Alternatively do the following:
Either by escaping to boot prompt and run:- set hw.mca.enabled=0
- boot
- Or start with CPU emulation qemu64
- After successful boot: echo "hw.mca.enabled=0" >> /boot/loader.conf.local
Above fix means that any CPU model can be used (verified on Opteron). Documentation here -> pfSense forum
- IMPORTANT: cpu type 'default kvm64' works, but if pfSense does not boot try 'qemu64' instead.
- RAM: 512 MB (minimum)
- Network: 2 or more Virtio (bridged)
- Create a 8GB primary disk, Virtio (scsi, qcow2)
- Add pfSense-LiveCD-2.2-RELEASE-amd64.iso ISO as an optical drive
- Options, use tablet for pointers: No (you don't have to use mouse to manage it, if disabled reduces interrupts)
- CPU: dual-socket or dual-core
Network Virtio consideration
In the guest network interfaces names are like 'vtnetX'
IMPORTANT: Enter the web GUI and go in System > Advanced > Networking and flag Disable hardware checksum offload. If you don't do it layer3 traffic from lan to wan will not work, or will be really slow (but traffic to/from the firewall will work fine: see the pf sense wiki about virtio for details https://doc.pfsense.org/index.php/VirtIO_Driver_Support )