Skip to content
View in the app

A better way to browse. Learn more.

Unraid

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

pfSense not booting

Featured Replies

Hello.  When I launch PFSense for the first time I get stuck on the black screen where it says booting... and nothing else happens

1476788785_pfsenseerror.thumb.png.7209562af2fe16b21cc1c791087cb02d.png

 

  I see the following errors in the pfsense logs

2020-05-24 02:05:07.735+0000: Domain id=1 is tainted: high-privileges
2020-05-24 02:05:07.735+0000: Domain id=1 is tainted: host-cpu
char device redirected to /dev/pts/0 (label charserial0)
2020-05-24T02:05:18.252838Z qemu-system-x86_64: vfio-pci: Cannot read device rom at 0000:08:00.0
Device option ROM contents are probably invalid (check dmesg).
Skip option ROM probe with rombar=0, or load from file with romfile=
2020-05-24T02:05:18.254745Z qemu-system-x86_64: vfio-pci: Cannot read device rom at 0000:09:00.0
Device option ROM contents are probably invalid (check dmesg).
Skip option ROM probe with rombar=0, or load from file with romfile=
2020-05-24T02:05:18.256320Z qemu-system-x86_64: vfio-pci: Cannot read device rom at 0000:08:00.1
Device option ROM contents are probably invalid (check dmesg).
Skip option ROM probe with rombar=0, or load from file with romfile=
2020-05-24T02:05:18.257872Z qemu-system-x86_64: vfio-pci: Cannot read device rom at 0000:09:00.1
Device option ROM contents are probably invalid (check dmesg).
Skip option ROM probe with rombar=0, or load from file with romfile=

I did some searches and someone mentioned it has to do with the CPU pinning but I pinned 2 threads on 1 core.  I even tried switching the pinning to a different core.  I had 1 and 7 pinned but now I have 5 and 11.  

 

418020667_cpupinning.png.a42cf13cd0bb9689dd91a78398737135.png

 

So Im a little lost here.  I used the vfio plugin to get passthrough working.  I also had to enable ACS override to get the IOMMU groups broken up. 

 

Here is my pfsense VM config

Part 1

1902156401_pfsenseconfigpart1.png.9c6a8cfbac865f38c19d294fb5408fba.png

Part 2

1003478907_pfsenseconfigpart2.png.64f25bb351af788b2cd691c8cbaed8e8.png

 

I asked on the pfSense thread but nobodw was responding.

 

 

I have attached my pfsense logs and my IOMMU group in txt files. 

 

Any help would be appreciated. 

 

 

IOMMU Groups.txt PFsense logs.txt

set your machine type to q35-2.6, its due to old qemu drivers in pfsense.  

11 hours ago, Abzstrak said:

set your machine type to q35-2.6, its due to old qemu drivers in pfsense.  

you my hero!!!
half a day could not run pfsense

  • Author
11 hours ago, Abzstrak said:

set your machine type to q35-2.6, its due to old qemu drivers in pfsense.  

I switched it to q35-2.6 and I get the following when launching VNC.

image.png.67656c0fb62e4e7a173dc64526f709e1.png

I tried 2.7 and it reverts back to the original issue.  Stuck on the boot screen.  I have attached log.

 

Also I am using a Ryzen 2700X for my CPU if that matters. 

pfSense Logs.txt

Edited by Armed Ferret
more info

did you install on 2.6?  if not, reinstall on 2.6

  • Author

I switched it to 2.6 and uninstalled and reinstalled on 2.6 as well.  I tried 2.7 and the if drivers as well.  2.6 is the only one that gives me the guest has not installed the display.  The rest get stuck on the boot screen. 

Edited by Armed Ferret
fixing info

12 hours ago, Armed Ferret said:

I switched it to 2.6 and uninstalled and reinstalled on 2.6 as well.  I tried 2.7 and the if drivers as well.  2.6 is the only one that gives me the guest has not installed the display.  The rest get stuck on the boot screen. 

Use the Q35-2.6 machine type and try to manual edit the xml with the following CPU section. You only have to adjust the amount of cores you're giving to the VM.

  <cpu mode='custom' match='exact' check='full'>
    <model fallback='forbid'>Skylake-Client</model>
    <topology sockets='1' cores='2' threads='1'/>
    <feature policy='require' name='hypervisor'/>
    <feature policy='disable' name='pcid'/>
    <feature policy='disable' name='hle'/>
    <feature policy='disable' name='erms'/>
    <feature policy='disable' name='invpcid'/>
    <feature policy='disable' name='rtm'/>
    <feature policy='disable' name='mpx'/>
    <feature policy='disable' name='spec-ctrl'/>
  </cpu>

 

  • 7 months later...

This was exactly what I have needed for a pfSense VM on threadriper, was running ok on previous build with Intel on it, but after migrating to threadriper, it was not working any more, this has solved the problem

Archived

This topic is now archived and is closed to further replies.

Account

Navigation

Search

Search

Configure browser push notifications

Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.