Search results

yes high availability is important.

we have pf running on hardware [ for over 15 years ] we are getting a new WAN connections and want to try pf as a kvm. so I want to have our port forwards done same as on hardware. I have done that in the past. this time instead of connecting WAN to a hardware port on one pve node , I...

Hello lixaotec, I am trying to get pfsense to work as a kvm , and having nat difficulties . Did you end up getting pfsense to work as a KVM? thanks.

all set - I had to add rules. I just copied lan rules... so i'll try to make a lan group for rules. thanks again!

the vmbr on pve and switch are set to vlan aware. I tried both add nics and and just defining vlans. I could have done those wrong. I have tried adding gateways per vlan and not. I suspect the issue is with switch settings , however linux vm's work with ping and ssh from other vlans...

Hello I have a testing pfsense vm running as a kvm. The issue we have is that the pfsense kvm is not reachable on lan from other then one vlan. so from workstations on a different vlan - pf can not be reached using http or ssh. all other linux vm's are reachable. it runs on this...

we want prioritize network traffic at our switch . it uses cumulus linux and can prioritize traffic based on 802.1q . that way from the KVM phone system just voip / voice would get a different value then rsync backups. coming from pve , backups would get a lower value then other types of...

and pfsense plugs in here at switch. lacp is not set up yet due to a bug auto swp24 iface swp24 bridge-pvid 2

this is how the bond and bridge is set up at switch. note lacp lag is used to the pair of switches: auto bond2 iface bond2 alias bond2 on swp2 bond-miimon 100 bond-mode 802.3ad bond-slaves swp2 bond-xmit-hash-policy layer2+3 bridge-pvid 10 clag-id 2 #bridge-vids...

I think just one vmbr would be needed on pve? then vlans assigned at vm config at pve screen. or could you give me an example of using multiple vmbrs in interface file format?

"Then why not either have multiple NICs assigned to the pfsense VM with the VLAN tags set?" yes that is what we will do. we'll set ip the wan and lan vlans to be used by pfsense at the bridge on the switch and just tag the vlans in vm config. I thought it would work and was just wanted to...

Hello Aaron, we are using vmal-aware . here is interfaces: iface lo inet loopback auto eno1 iface eno1 inet manual auto enp5s0f1 iface enp5s0f1 inet manual auto enp3s0f0 iface enp3s0f0 inet manual auto enp3s0f1 iface enp3s0f1 inet manual iface enp2s0f0 inet manual iface enp2s0f1 inet...

Hello, I am looking at this: https://pfsense-docs.readthedocs.io/en/latest/virtualization/virtualizing-pfsense-with-proxmox.html we have a 7 node cluster. the nodes connect to a pair of cumulus linux switches using LACP . there is a bridge at switches with bonds and switch-ports assigned...

Is anyone familiar with mlag configuration on cumulus? we re looking for clagd configuration examples and advice.

also - we are really just starting out to set up the two switches. static routing link was good for connection to other switches. now we are working on connections for ceph storage network and vm's . so we are using these and guidance from Nvidia tech support: mlag...

for out case we'll be using this: https://docs.cumulusnetworks.com/cumulus-linux-42/Layer-3/Routing/Static-Routing/

disabling UFW at the target fixes traceroute . network does seem to be the cause of overload causes service issues. we are in the process of upgrading hardware from 1G to Mellanox 25G nics and 40G switch. so until the upgrade is done , we'll limit some of the high bandwith clients...

Hello Stoiko, thank you for the reply! '- what path do the packets take? (`ip route get 10.1.3.14` run on the same prompt should tell you)' : from a pve node # ip route get 10.1.3.14 10.1.3.14 via 10.1.10.1 dev vmbr0 src 10.1.10.3 uid 0 from a desktop # ip route get 10.1.3.14 10.1.3.14 via...

using -I on traceroute works : # traceroute -I mail traceroute to mail (10.1.3.14), 30 hops max, 60 byte packets 1 mail.fantinibakery.com (10.1.3.14) 0.315 ms * *

so we just use vmbr0 and tak vms like this: net0: virtio=F6:BC:CB:79:8D:3E,bridge=vmbr0,tag=3