Someone running OPNsense 22.1 inside a VM?

[Dunuin]

Hi,

Did someone else upgraded a OPNsense VM from 21.7.8 to 22.1? After upgrading to 22.1 I can't shutdown the VM anymore because the VM gets stuck with 100% CPU utilization and I need to hard "Stop" that VM. Console then looks like this until I forcefully Stop it:


VM Config is this:

agent: 0
boot: order=ide2;scsi0
cores: 1
cpu: host,flags=+pcid;+spec-ctrl;+ssbd;+aes
ide2: none,media=cdrom
memory: 1024
name: FFR
net0: virtio=22:9B:DF:3D:37:C6,bridge=vmbr3
net1: virtio=8E:CF:D7:09:2F:C1,bridge=vmbr47
numa: 0
ostype: other
rng0: max_bytes=2048,source=/dev/urandom
scsi0: VMpool_VLT_VM:vm-119-disk-0,discard=on,iothread=1,size=16G,ssd=1
scsi1: VMpool_VLT_VM:vm-119-disk-1,size=4G,ssd=1
scsihw: virtio-scsi-single
smbios1: uuid=6d4811cc-60ab-4630-bed2-679a4c3f44a7
sockets: 1
startup: order=1
vmgenid: 9d8f6f94-ff56-4fdc-b37e-fceec6de16e8
vmstatestorage: VMpool7_VMSS

Would be nice to hear if that is working on your servers. Not sure if that is just a problem with the guest itself or a general problem with KVM and FreeBSD 13.

I also asked in the OPNsense forum, but no one answers me there so far.

 

[birdy]

Did someone else upgraded a OPNsense VM from 21.7.8 to 22.1?

I did upgrade from 21.7.8 to 22.1 last week. No issues regarding reboot/shutdown, neither from Proxmox or from within OPNsense.

I am running the QEMU agent in OPNsense though (and you are not if I see that correctly).

agent: 1
boot: order=scsi0
cores: 1
cpu: host
description: OPNSense
memory: 1024
name: eagle
net0: virtio=0E:F7:01:B1:67:F8,bridge=vmbr1,firewall=1
net1: virtio=7A:30:CF:57:D3:DD,bridge=vmbr1,firewall=1,tag=254
net2: virtio=4E:31:A4:27:7B:BF,bridge=vmbr1,firewall=1,tag=200
net3: virtio=06:91:93:D1:1A:30,bridge=vmbr1,firewall=1,tag=100
net4: virtio=0E:4B:66:C4:86:85,bridge=vmbr1,firewall=1,tag=201
numa: 0
onboot: 1
ostype: l26
parent: update221
scsi0: local-zfs:vm-100-disk-0,discard=on,size=32G
scsihw: virtio-scsi-pci
smbios1: uuid=a1e1f6f8-ea39-4126-91b2-d33d9e3b2965
sockets: 1
startup: order=1
tablet: 0
vmgenid: 96236380-1086-44b6-bf5a-760da4778435

 

[Dunuin]

Thanks, thats good to hear. Then I will try changing some VM configs and disableing some OPNSense plugins.

 

[vesalius]

Try adding and setting up the os-qemu-guest-agent plugin in OPNsense then enable the Guest agent under the Proxmox VM options. Like @birdy this setup also works for me with my OPNsense 22.1 vm.

 

[Dunuin]

I originally did that. Just disabled it because shutdown wasn't working. Shutdown doesn'T work with ACPI from host, guest agent from host and not using shutdown command from inside the VM.
I also can't see any logs because syslog-ng process is shutting down too when the VM is shutting down. And as seen in the screenshot the console isn't showing a error message.

 

[Nyana]

Hi ... I'm new at Proxmox .. is it realy safe to run the Firewall in VM ?
I don't really understand, if I use the OPNSense Hardware as Proxmox Server - which LAN Port I still needed as real one and what I only need virtualized ..?

Now I've 1x LAN / 1x Wan and 4x unused Lan-ports physical .... how can i safely virtualize it?