pfsense vm creation help

luca2

By luca2
in VM Engine (KVM)

Recommended Posts

DZMM Proficient

DZMM

Posted
Posted

There's some weird behaviour with pfsense.  For some (including me initially) pfsense wouldn't install with anything greater than Q35-2.6....however , after hammering away at it I did get pfsense Q35-2.11 to work but no idea how as it made no sense.  This thread will help

 

 

Link to comment
luca2 Enthusiast

luca2

Posted
  • Author
Posted
8 minutes ago, DZMM said:

There's some weird behaviour with pfsense.  For some (including me initially) pfsense wouldn't install with anything greater than Q35-2.6....however , after hammering away at it I did get pfsense Q35-2.11 to work but no idea how as it made no sense.  This thread will help

 

 

 

Link to comment
luca2 Enthusiast

luca2

Posted
  • Author
Posted
I run unraid 6.4. Tried several and only "q35-2.6" worked.
Thx.
Hi, my quad-intel-nic still not arrived. But I am reading niw on how to set it up.
A quick question. I am planning on assigning the Intel nic to this VM (passthrough). So, how should I proceed (right after starting the VM for the first time and first setup)?
I guess I need to:
-assign 1 of the 4 ports to the wan(but where do I setup this .. in unraid>network settings?
-assign another port of the nic to the lan
Maybe someone already posted a guide for doing this in a VM in unraid?
Rgds
Link to comment
DZMM Proficient

DZMM

Posted
Posted
4 minutes ago, luca2 said:

Hi, my quad-intel-nic still not arrived. But I am reading niw on how to set it up.
A quick question. I am planning on assigning the Intel nic to this VM (passthrough). So, how should I proceed (right after starting the VM for the first time and first setup)?
I guess I need to:
-assign 1 of the 4 ports to the wan(but where do I setup this .. in unraid>network settings?
-assign another port of the nic to the lan
Maybe someone already posted a guide for doing this in a VM in unraid?
Rgds

you just assign the nic in unraid settings and then when the vm starts up it will see the nic and you can run through the standard pfsense setup

  • Like 1
Link to comment
joelones Enthusiast

joelones

Posted
Posted (edited)

I just did a pfSense install myself in a VM. I used q35-2.6 and the install was trouble free.

 

I'm assuming you want to pass the whole quad NIC to pfsense (all four ports) correct? If this is the case, then you'd be better off passing through the whole controller. You'll need to run the following command and see if the quad nic is in it's own IOMMU group: 

for iommu_group in $(find /sys/kernel/iommu_groups/ -maxdepth 1 -mindepth 1 -type d);do echo "IOMMU group $(basename "$iommu_group")"; for device in $(\ls -1 "$iommu_group"/devices/); do if [[ -e "$iommu_group"/devices/"$device"/reset ]]; then echo -n "[RESET]"; fi; echo -n $'\t';lspci -nns "$device"; done; done

If so, copy & paste the identifier between brackets [] and append it to /boot/syslinux/syslinux.cfg file:

  

label unRAID OS
  menu default
  kernel /bzimage
  append vfio-pci.ids=IDENTIFIER ...

Then reboot and you should see the four ports in "Other PCI Devices:", then start VM and  proceed with the standard pfsense installation. pfSense should see the Intel quad nic at that point and you can assign WAN, LAN interfaces.

 

On another note, I've yet to try it but does the pfsense VM respond to the Stop gui command?

 

Edited by joelones
Link to comment
luca2 Enthusiast

luca2

Posted
  • Author
Posted
I just did a pfSense install myself in a VM. I used q35-2.6 and the install was trouble free.
 
I'm assuming you want to pass the whole quad NIC to pfsense (all four ports) correct? If this is the case, then you'd be better off passing through the whole controller. You'll need to run the following command and see if the quad nic is in it's own IOMMU group:
for iommu_group in $(find /sys/kernel/iommu_groups/ -maxdepth 1 -mindepth 1 -type d);do echo "IOMMU group $(basename "$iommu_group")"; for device in $(\ls -1 "$iommu_group"/devices/); do if [[ -e "$iommu_group"/devices/"$device"/reset ]]; then echo -n "[RESET]"; fi; echo -n $'\t';lspci -nns "$device"; done; done

If so, copy & paste the identifier between brackets [] and append it to /boot/syslinux/syslinux.cfg file:
 

label unRAID OS menu default kernel /bzimage append vfio-pci.ids=IDENTIFIER ...

Then reboot and you should see the four ports in "Other PCI Devices:", then start VM and  proceed with the standard pfsense installation. pfSense should see the Intel quad nic at that point and you can assign WAN, LAN interfaces.
 
On another note, I've yet to try it but does the pfsense VM respond to the Stop gui command?
 

Yes, I want to passthrough the whole quad nic. Will check how iommu groups are.

No, Stop does not work. Only forcing a shutdown works.
Link to comment
  • 2 weeks later...

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Go to topic listing