Anyone successfully running pfsense??

totalimpact

Member
Dec 12, 2010
122
13
18
I am having stability issues on mine, pve 5.0-23, pfsense v2.4.3, any ideas??

My main firewall died last weekend, and having a R720 with 4 nics, as a temporary fix, I loaded a pfsense VM and was online... but after a random time, sometimes a couple days, sometimes 8 hours, the WAN gateway shows unreachable, I still have full access to the LAN side and a couple VLANs on the LAN port.

It never did this on the physical hardware, Atom+ 4GB RAM, running ifconfig down/up on the WAN in the vm brings it back online. I have 2 virtio nics, 3GB RAM, 2x cores. I doubled the RAM/CPU last night and am hoping that helps. That setup let me max out my cable modem at 300/30.

Here is the trick to get it working in case anyone else wants to try it:

Create a new bridge in proxmox (vmbr1)with no IP assigned, and add a dedicated port to it that will plug directly in to the ISP. I then put the 1st nic of the VM on vmbr0, and the 2nd on vmbr1, assigned the static IP to the WAN nic and it is online.

In pfsense I had to disable Hardware Checksum Offloading under Advanced>Networking to get it to be stable, otherwise a lot of inbound port forwards did not work.

I probably wont have new hardware for the firewall until next week, so hoping for any tips to get me by until then without a lot of outages.

VM conf:
Code:
balloon: 0
bootdisk: virtio0
cores: 4
ide2: none,media=cdrom
memory: 6000
name: Router
net0: virtio=CA:C7:C3:28:CD:AE,bridge=vmbr0
net1: virtio=AA:10:79:E1:F2:60,bridge=vmbr9
numa: 0
onboot: 1
ostype: other
protection: 1
scsihw: virtio-scsi-pci
smbios1: uuid=f48ccf47-1ddf-4080-a86d-571b5ef5f5c5
sockets: 1
startup: order=1
virtio0: VMStore1:102/vm-102-disk-2.qcow2,size=10G
 

Michel V

Member
Jul 5, 2018
31
1
8
120
No help just confirm:
I have a VM with pfsense running, but can confirm that stability is unfortunately not great. I get a random (sometimes weeks, sometimes days) drop of network traffic.
 

jkalousek

Member
Aug 28, 2016
40
0
6
27
I have pfsense running as VM over a 1,5 year and never had any problem with it.

My config (processor Default kvm64):
proxmox-pfsense.JPG

Options:
proxmox-pfsense2.JPG
 

jkalousek

Member
Aug 28, 2016
40
0
6
27
I have:
Hardware Checksum Offloading: unchecked (enabled)
Hardware TCP Segmentation Offloading: checked (disabled)
Hardware Large Receive Offloading: checked (disabled)

I have that option ticked/enabled (System>Advanced>Networking)
I thing that you have it backwards. When the option is ticked/checked the feature is disabled. (or I just misunderstand you and you meant the checkbox itself :) )
 

jkalousek

Member
Aug 28, 2016
40
0
6
27
damn...so still not solved :mad:
What HW nics are you using?
Right now I have uptime 10 days from last proxmox update and restart and pfsense has transfered ~435 GB without errors on any of the interfaces so I can say that pfsense can be stable on proxmox. I also have three vpn tunnels which I would know immediately if some of them went down, within like 5 minutes because of constant checks on intranet and internet.
 

Michel V

Member
Jul 5, 2018
31
1
8
120
I thing that you have it backwards. When the option is ticked/checked the feature is disabled. (or I just misunderstand you and you meant the checkbox itself :) )
Sorry, my bad. I have it ticked, so the option is to disable.

@TwiX: I am not an expert, just followed the instructions there....
 

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE and Proxmox Mail Gateway. We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get your own in 60 seconds.

Buy now!