pfSense not booting


Recommended Posts

Hello.  When I launch PFSense for the first time I get stuck on the black screen where it says booting... and nothing else happens

1476788785_pfsenseerror.thumb.png.7209562af2fe16b21cc1c791087cb02d.png

 

  I see the following errors in the pfsense logs

2020-05-24 02:05:07.735+0000: Domain id=1 is tainted: high-privileges
2020-05-24 02:05:07.735+0000: Domain id=1 is tainted: host-cpu
char device redirected to /dev/pts/0 (label charserial0)
2020-05-24T02:05:18.252838Z qemu-system-x86_64: vfio-pci: Cannot read device rom at 0000:08:00.0
Device option ROM contents are probably invalid (check dmesg).
Skip option ROM probe with rombar=0, or load from file with romfile=
2020-05-24T02:05:18.254745Z qemu-system-x86_64: vfio-pci: Cannot read device rom at 0000:09:00.0
Device option ROM contents are probably invalid (check dmesg).
Skip option ROM probe with rombar=0, or load from file with romfile=
2020-05-24T02:05:18.256320Z qemu-system-x86_64: vfio-pci: Cannot read device rom at 0000:08:00.1
Device option ROM contents are probably invalid (check dmesg).
Skip option ROM probe with rombar=0, or load from file with romfile=
2020-05-24T02:05:18.257872Z qemu-system-x86_64: vfio-pci: Cannot read device rom at 0000:09:00.1
Device option ROM contents are probably invalid (check dmesg).
Skip option ROM probe with rombar=0, or load from file with romfile=

I did some searches and someone mentioned it has to do with the CPU pinning but I pinned 2 threads on 1 core.  I even tried switching the pinning to a different core.  I had 1 and 7 pinned but now I have 5 and 11.  

 

418020667_cpupinning.png.a42cf13cd0bb9689dd91a78398737135.png

 

So Im a little lost here.  I used the vfio plugin to get passthrough working.  I also had to enable ACS override to get the IOMMU groups broken up. 

 

Here is my pfsense VM config

Part 1

1902156401_pfsenseconfigpart1.png.9c6a8cfbac865f38c19d294fb5408fba.png

Part 2

1003478907_pfsenseconfigpart2.png.64f25bb351af788b2cd691c8cbaed8e8.png

 

I asked on the pfSense thread but nobodw was responding.

 

 

I have attached my pfsense logs and my IOMMU group in txt files. 

 

Any help would be appreciated. 

 

 

IOMMU Groups.txt PFsense logs.txt

Link to comment
11 hours ago, Abzstrak said:

set your machine type to q35-2.6, its due to old qemu drivers in pfsense.  

I switched it to q35-2.6 and I get the following when launching VNC.

image.png.67656c0fb62e4e7a173dc64526f709e1.png

I tried 2.7 and it reverts back to the original issue.  Stuck on the boot screen.  I have attached log.

 

Also I am using a Ryzen 2700X for my CPU if that matters. 

pfSense Logs.txt

Edited by Armed Ferret
more info
Link to comment

I switched it to 2.6 and uninstalled and reinstalled on 2.6 as well.  I tried 2.7 and the if drivers as well.  2.6 is the only one that gives me the guest has not installed the display.  The rest get stuck on the boot screen. 

Edited by Armed Ferret
fixing info
Link to comment
12 hours ago, Armed Ferret said:

I switched it to 2.6 and uninstalled and reinstalled on 2.6 as well.  I tried 2.7 and the if drivers as well.  2.6 is the only one that gives me the guest has not installed the display.  The rest get stuck on the boot screen. 

Use the Q35-2.6 machine type and try to manual edit the xml with the following CPU section. You only have to adjust the amount of cores you're giving to the VM.

  <cpu mode='custom' match='exact' check='full'>
    <model fallback='forbid'>Skylake-Client</model>
    <topology sockets='1' cores='2' threads='1'/>
    <feature policy='require' name='hypervisor'/>
    <feature policy='disable' name='pcid'/>
    <feature policy='disable' name='hle'/>
    <feature policy='disable' name='erms'/>
    <feature policy='disable' name='invpcid'/>
    <feature policy='disable' name='rtm'/>
    <feature policy='disable' name='mpx'/>
    <feature policy='disable' name='spec-ctrl'/>
  </cpu>

 

  • Like 1
  • Thanks 1
Link to comment
  • 7 months later...

This was exactly what I have needed for a pfSense VM on threadriper, was running ok on previous build with Intel on it, but after migrating to threadriper, it was not working any more, this has solved the problem

  • Haha 1
Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.