[SOLVED] kvm pfsense proxmox

G

geos_one

Renowned Member
Aug 28, 2014
32
0
71
I have a setup of proxmox whehre as a vm pfsense is running as the main gateway.
but proxmox can't use (ping) this vm or use it for update.
what needs to be changed to get the proxmox host to use the vm as gateway ?

Solved:
the problem was a bug in freebsd or virtio drivers
you have to switch off the tx offload for the vmbr where pfsense connects too.
https://forum.pfsense.org/index.php?topic=88858.0
 
Last edited:
geos_one said:
I have a setup of proxmox whehre as a vm pfsense is running as the main gateway.
but proxmox can't use (ping) this vm or use it for update.
what needs to be changed to get the proxmox host to use the vm as gateway ?

thx in av
Mario
Click to expand...

Hi, I use pfSense and Proxmox in development and production environments. My pfSense boxes are physical servers but I do have quite a lot of experience with it.

What is your network set up exactly?

I would assume you are presenting two or more virtual NIC's to the pfSense VM, one for LAN, one for WAN? (Or your LAN is a trunk carrying multiple VLAN's?)

I would also guess that your pfSense LAN side is on the same network as the proxmox hosts, or on a network that is routable from the network that the proxmox hosts are on?
 
you are right one linux bridge vmbr0 as lan its also the bridge that has the ip assigned of the proxmox host and one vmbr1 that has no ip assigned as wan device.
all the vms/hosts are on the same 172.16.1.0 subnet no vlan tagging or anything.
the other proxmox host (the one not running pfsense) can use the pfsense as a std gateway but the one where the pfsense is running could not.
 
geos_one said:
you are right one linux bridge vmbr0 as lan its also the bridge that has the ip assigned of the proxmox host and one vmbr1 that has no ip assigned as wan device.
all the vms/hosts are on the same 172.16.1.0 subnet no vlan tagging or anything.
the other proxmox host (the one not running pfsense) can use the pfsense as a std gateway but the one where the pfsense is running could not.
Click to expand...

What are you doing when you say the proxmox running pfsense cannot use the pfsense lan side as its gateway? Pinging it / setting the gateway?

Are you sure that the proxmox firewall isnt configured for the pfsense VM and is blocking comms?

Also, what virtual NIC driver are you using for pfSense? I would suggest VirtIO. I done a quick google and some people report that the Intel E1000 causes problems with inter-vm comms on the same bridge.
 
Last edited:
no the proxmox firewall is not running
yes i try ping not possible ....
the proxmox host was setup when there was still an old belkin home router (not save got hacket many times) so i setup pfsense and used the same ip as this old router (not present was trashed) so the routing informations on the proxmox host are still the same but now pfsrense is running as an vm on the host and connectect the lan part to the linux bridge. ecvery host in the net wks vm can use this vm router exept the proxmox host where the pfsense vm is running.
 
geos_one said:
no the proxmox firewall is not running
yes i try ping not possible ....
the proxmox host was setup when there was still an old belkin home router (not save got hacket many times) so i setup pfsense and used the same ip as this old router (not present was trashed) so the routing informations on the proxmox host are still the same but now pfsrense is running as an vm on the host and connectect the lan part to the linux bridge. ecvery host in the net wks vm can use this vm router exept the proxmox host where the pfsense vm is running.
Click to expand...

What virtual NIC driver are you using for pfSense? I would suggest VirtIO. I done a quick google and some people report that the Intel E1000 causes problems with inter-vm comms on the same bridge.
 
looks good is running in virtio drivers.

virtio_pci0: <VirtIO PCI Balloon adapter> port 0xc080-0xc09f irq 11 at device 3.0 on pci0
vtballoon0: <VirtIO Balloon Adapter> on virtio_pci0
virtio_pci0: host features: 0x71000002 <EventIdx,RingIndirect,NotifyOnEmpty,StatsVq>
virtio_pci0: negotiated features: 0
virtio_pci1: <VirtIO PCI Console adapter> port 0xc0a0-0xc0bf mem 0xfc032000-0xfc032fff irq 10 at device 9.0 on pci0
virtio_pci2: <VirtIO PCI Block adapter> port 0xc000-0xc03f mem 0xfc033000-0xfc033fff irq 10 at device 10.0 on pci0
vtblk0: <VirtIO Block Adapter> on virtio_pci2
virtio_pci2: host features: 0x71000ed4 <EventIdx,RingIndirect,NotifyOnEmpty,ConfigWCE,Topology,WriteCache,SCSICmds,BlockSize,DiskGeometry,MaxNumSegs>
virtio_pci2: negotiated features: 0x10000a54 <RingIndirect,ConfigWCE,WriteCache,BlockSize,DiskGeometry,MaxNumSegs>
vtblk0: 131072MB (268435456 512 byte sectors)
virtio_pci3: <VirtIO PCI Network adapter> port 0xc0c0-0xc0df mem 0xfc034000-0xfc034fff irq 10 at device 18.0 on pci0
vtnet0: <VirtIO Networking Adapter> on virtio_pci3
virtio_pci3: host features: 0x79bfffe7 <EventIdx,RingIndirect,0x8000000,NotifyOnEmpty,SetMacAddress,GuestAnnounce,RxModeExtra,VLanFilter,RxMode,ControlVq,Status,MrgRxBuf,TxUFO,TxTSOECN,TxTSOv6,TxTSOv4,RxUFO,RxECN,RxTSOv6,RxTSOv4,TxAllGSO,MacAddress,0x4,RxChecksum,TxChecksum>
virtio_pci3: negotiated features: 0x308fbbe3 <EventIdx,RingIndirect,SetMacAddress,VLanFilter,RxMode,ControlVq,Status,MrgRxBuf,TxTSOECN,TxTSOv6,TxTSOv4,RxECN,RxTSOv6,RxTSOv4,TxAllGSO,MacAddress,RxChecksum,TxChecksum>
virtio_pci4: <VirtIO PCI Network adapter> port 0xc0e0-0xc0ff mem 0xfc035000-0xfc035fff irq 11 at device 19.0 on pci0
vtnet1: <VirtIO Networking Adapter> on virtio_pci4
virtio_pci4: host features: 0x79bfffe7 <EventIdx,RingIndirect,0x8000000,NotifyOnEmpty,SetMacAddress,GuestAnnounce,RxModeExtra,VLanFilter,RxMode,ControlVq,Status,MrgRxBuf,TxUFO,TxTSOECN,TxTSOv6,TxTSOv4,RxUFO,RxECN,RxTSOv6,RxTSOv4,TxAllGSO,MacAddress,0x4,RxChecksum,TxChecksum>
virtio_pci4: negotiated features: 0x308fbbe3 <EventIdx,RingIndirect,SetMacAddress,VLanFilter,RxMode,ControlVq,Status,MrgRxBuf,TxTSOECN,TxTSOv6,TxTSOv4,RxECN,RxTSOv6,RxTSOv4,TxAllGSO,MacAddress,RxChecksum,TxChecksum>
 
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom
Back