P
puwaha
Guest
Sorry it took me so long to get back to you. I haven't had any issues with Proxmox, so I don't visit this forum very much. But here's a quick rundown:
1. Install two separate NICs to use exclusively for the IPFire VM (or any other router VM you want). You don't want to use the NIC that Proxmox or any of the other VMs use for security reasons.
2. Set them up in Proxmox but don't assign them any network information. If you do assign them network information withing Proxmox, you may expose your Proxmox system to the outside world.
3. Setup a KVM session with the guest type as Linux 2.6, and otherwise generic hardware (IDE drive, etc.). I used 512MB of memory and an 8GB harddrive size. Adjust as you see fit if you want to push IPFire harder than just a router/firewall.
4. Now the important first step, setup two emulated NICs before you launch the VM for the first time. I'd stick with the more well known emulated NICs like an e1000 or an rtl8139. You might do one of each so you can easily tell them apart in the IPFire setup... or just note the emulated MAC addresses to tell them apart.
5. You'll want to at the very least connect your "Red" connection (external WAN or internet connection) to your NIC you want to use for that connection if your Internet or WAN connection requires DHCP.
6. Run the VM and install IPFire... follow the instructions from IPFire.org as they are very detailed. If you've ever setup a linux router distro before then it's pretty straightforward.
7. After it's all setup on the emulated NICs, shutdown the IPFire VM, and modify the VM config in Proxmox to delete the emulated NICs, and add the VIRTIO NICs. Make sure that the VIRTIO NICs are only pointing to the two physical NICS that you just installed (i.e. ETH1 and ETH2). No other VMs or the Proxmox system should use these NICs. Note the MAC addresses to make it easy to tell which is which when you are back in the IPFire setup. You will only have the two VIRTIO NICs in the VM config... no other emulated NICs. If you want to experiment with DMZs or wifi connections in IPFire you can always go back later and add in extra VIRTIO NICs to accomodate those zones.
8. Boot the IPFire VM and in the console (use the Proxmox GUI not the any SSH console at this point, as there is no network setup on the VM.) You will see IPFire complain about the missing configuration and not start the core router functions. Check and see if the VIRTIO NICs installed by issuing the command "lspci" (without quotes) and see if the "Ethernet controller: Red Hat, Inc Virtio network device" is listed twice. If they are you can continue... if they aren't reboot the IPFire VM from within the VM by issuing the "reboot" command.
9. Now you are ready to run the setup again by issuing the command "setup" (without quotes) and go through the setup again and point the "Red" and "Green" networks to the appropriate NIC.
That's it.
You could do the same with any other Linux router distro that supports VIRTIO hardware... I believe the only requirement is that the distro has a 2.6 linux kernel.