As a note on cpu allocations for vnware vm's... this also applies to xen and hyper-v
Example: Vmhost: 2 quad core cpu's vm1 8 vcpu's vm2 1 vcpu's vm3 1 vcpu vm4 1 vcpu vm5 1vcpu say vm1 is running something like active directory.. or any single threaded app. VMware will Que up all 8 vcpu's for vm1's cpu schedule. Once that's done it will release the cpu scheduler for the other vm's. This is kinda hard to explain, however the bottom like is try out assigning no more that 1-2 cpu's per vm unless its needed. I use resource pools heavily to contain my cpu usage its often times ok to have a vm that's using 80% of its spu usage. this takes some time to test anc configure to achive optimal results. however you dont want to over provision your resources on the cpu side too much otherwise you'll run into contention, and if you are using vmware enterprise + with drs then you'll see vm's bounce from host to host in your cluster.... again not necessarily a bad thing just something to keep an eye on. I guess the answer is always it depends. On Thu, Oct 7, 2010 at 8:45 AM, Greg Hennessy <greg.henne...@nviz.net>wrote: > If I may add one thought to this, > > Chokepoint have recently announced a virtual version of their 'blade' > product which uses the VMSafe API to enable more efficient inspection of > traffic travelling between virtual machines and the outside world. > > > http://www.networkworld.com/news/2010/090110-check-point-vmware-security.html?hpg1=bn > > Dunno what the possibilty of such an approach is with pfSense. > > Given the innards of VMWare is linux based, the ABI is likely to be > interesting for other operating systems to interface against. > > > > Greg > > > ________________________________________ > From: Chris Buechler [cbuech...@gmail.com] > Sent: 07 October 2010 15:32 > To: discussion@pfsense.com > Subject: Re: [pfSense-discussion] pfSense router/firewall in a Vmware ESXi > guest for other guests > > On Thu, Oct 7, 2010 at 3:43 PM, Eugen Leitl <eu...@leitl.org> wrote: > > On Sat, Oct 02, 2010 at 03:53:54PM -0400, Chris Buechler wrote: > > > >> That's not the normal experience from what I've seen, sounds specific > >> to something in particular you're doing. I believe every environment > >> I've seen that routes between VLANs within ESX handles the VLANs > >> entirely at the ESX level, with one vswitch per VLAN and the firewall > >> connected to the individual vswitches, maybe that's the difference. > >> > >> Running inside of VMware isn't nearly as fast as running on equivalent > >> bare metal, but most of the time you don't need that kind of > >> performance, 300 Mbps is easily achievable with e1000 NICs and > >> moderately new (anything with VT) server hardware. I've been on dozens > > > > Chris, how much memory do you recommend for a pfSense ESXi instance, > > which handles 4 guests (one IP address each), 100 MBit/s switched > > setup? Do I need 1+ GByte, or can I risk allocating just 512 > > MBytes to the guest? > > > > "It depends". Virtual sizing no diff from physical. Depends on > simultaneous connections, what packages and configurations they use, > etc. I use 128 MB RAM and 2 GB disks on most of my test and dev boxes, > they're mostly pretty basic though. > > --------------------------------------------------------------------- > To unsubscribe, e-mail: discussion-unsubscr...@pfsense.com > For additional commands, e-mail: discussion-h...@pfsense.com > > Commercial support available - https://portal.pfsense.org > --------------------------------------------------------------------- > To unsubscribe, e-mail: discussion-unsubscr...@pfsense.com > For additional commands, e-mail: discussion-h...@pfsense.com > > Commercial support available - https://portal.pfsense.org > >
