Notes to Self

Alex Sokolsky's Notes on Computers and Programming

View on GitHub

pfSense VM in Proxmox

Sources

run pfsense in proxmox

VM Setup

Defaults are safe. Make it better:

Either way:

After VM created - add another NIC.

pfSense Setup

System\Advanced\Networking

Disable all the offloading

Proxmox with a single NIC running pfSense + USB Ethernet dongle

Throughput limited to 30 Mbps. Therefore such config is not recommended. Blame the FreeBSD USB driver? Also the dongle (Realtec chipset) gets pretty hot.

Proxmox with a single NIC running pfSense + switch with VLANs

Throughput proved to easily reach 900 Mbps.

Configure the following VLANs:

VLAN ID 1 is a reserved, not used by user apps.

  1. Setup proxmox as usual, with bridge to be VLAN-aware. Continue proxmox config and setup control web GUI on vmbr0.20.

  2. Setup pfSense VM as usual, pass to it a single vmbr0.

  3. Configure pfSense to use VLANs. (re)Run setup to make pfSense VLAN-aware, so that:

 WAN (wan)       -> vtnet0.10  -> v4/DHCP4: <wan>
 LAN (lan)       -> vtnet0.20  -> v4: 192.168.245.1/24
  1. Configure the switch, e.g. TL-SG108E, to use VLANs, such that:

802.1Q VLAN Configuration:

VLAN ID VLAN Name Member Ports Tagged Ports Untagged Ports
1 Default 1-8 1-8 n/a
10 WAN 1-2 2 1
20 LAN 2-8 2 3-8

802.1Q VLAN PVID Setting:

Port PVID
1 10
2 1
3 20
4 20
5 20
6 20
7 20
8 20

unbound Instability

My install was affected by unbound instability. For now in Services/DNS Resolver/General Settings I UNchecked Register DHCP leases in the DNS Resolver.