Re: [pfSense] vmware tools

[Chris Buechler]

On Wed, Apr 13, 2016 at 5:12 AM, Olivier Mascia  wrote:
> Reading this: https://doc.pfsense.org/index.php/Open_VM_Tools_package
> after package installation and reboot,
>
> ps uxawww | grep vmware
>
> gives me this output which differs from the doc.pfsense.org article:
>
> root55265   0.0  0.2  17000  2516  -  S12:04PM  0:00.00 sh -c ps 
> uxawww | grep vmware 2>&1
> root55414   0.0  0.2  18740  2248  -  S12:04PM  0:00.00 grep vmware
> root84296   0.0  0.8 103460  8236  -  S11:37AM  0:00.34 
> /usr/local/bin/vmtoolsd -c /usr/local/share/vmware-tools/tools.conf -p 
> /usr/local/lib/open-vm-tools/plugins/vmsvc
>
> Does /usr/local/bin/vmtoolsd here correspond to /usr/local/sbin/vmware-guestd 
> which the article shows?
> It says "As long as vmware-guestd is shown in the output, it is working."
> Here I have vmtoolsd, not vmware-guestd.
> Merely a matter of older/newer version of this stuff between the article and 
> 2.3.x?
>

Correct, that hadn't been updated for more recent changes in
open-vm-tools. I just updated the page, yours is fine.
___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold

[pfSense] vmware tools

[Olivier Mascia]

Reading this: https://doc.pfsense.org/index.php/Open_VM_Tools_package
after package installation and reboot,

ps uxawww | grep vmware

gives me this output which differs from the doc.pfsense.org article:

root55265   0.0  0.2  17000  2516  -  S12:04PM  0:00.00 sh -c ps uxawww 
| grep vmware 2>&1
root55414   0.0  0.2  18740  2248  -  S12:04PM  0:00.00 grep vmware
root84296   0.0  0.8 103460  8236  -  S11:37AM  0:00.34 
/usr/local/bin/vmtoolsd -c /usr/local/share/vmware-tools/tools.conf -p 
/usr/local/lib/open-vm-tools/plugins/vmsvc

Does /usr/local/bin/vmtoolsd here correspond to /usr/local/sbin/vmware-guestd 
which the article shows?
It says "As long as vmware-guestd is shown in the output, it is working."
Here I have vmtoolsd, not vmware-guestd.
Merely a matter of older/newer version of this stuff between the article and 
2.3.x?

Thanks!
-- 
Meilleures salutations, Met vriendelijke groeten, Best Regards,
Olivier Mascia, integral.be/om


___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold

Re: [pfSense] VLAN Issue - pfSense/VMware/Cisco

[Jonatas Baldin]

*ISSUE SOLVED!*

I use the VLAN ID in the vSwitch and took off the TAG in the pfSense (just
adding a simple interface)

Thanks for the help guys!


2014-07-14 17:43 GMT-03:00 Jonatas Baldin :

> Using the same configuration, but excluding the ESXi host (using a
> physical pfSense) it worked smoothly.
>
> I tried to remove the VLAN ID Tag from the vSwitch, but didn't work too :/
>
>
> 2014-07-13 23:55 GMT-03:00 Justin Edmands :
>
> Here is some interesting info about esxi NICs when used with Cisco, or
>> other, VLAN:
>>
>> "Only allowing through VLAN traffic on physical switch ports
>> connecting to ESX reduces TCP/IP overhead. Native VLANs do not tag the
>> out going VLAN packets toward ESX NICs and if the same VLAN ID is used
>> to configure the vSwitch port group, the vSwitch drops any packet that
>> is not tagged for it, causing the connection to fail. Unnecessary VLAN
>> traffic on a TRUNK port that connects to ESX can cause major
>> performance issues.
>>
>> Note: Do not use the Native VLAN ID of a physical switch as a VLAN on
>> ESX/ESXi portgroups."
>>
>> Also the link shows the proper Cisco trunk config
>>
>>
>> http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1006628
>>
>> On Sun, Jul 13, 2014 at 10:07 PM, Alex Needham 
>> wrote:
>> > Hi
>> >
>> > If the port group is already in vlan 10 then you don't need to create a
>> vlan
>> > in pfsense as the vswitch is already untaging it.
>> >
>> > Just add teh interface and assign an ip, or set the vswitch to be vlan
>> 4095
>> > and it will send tagged traffic through. Which is what I do so that you
>> can
>> > make changes to pfSense without rebooting to detect a new interface
>> that has
>> > been added through esx.
>> >
>> > Also throw an ip on the cisco switch ion vlan 10, that will help you
>> trouble
>> > shoot the problem.
>> >
>> > Hope that helps
>> >
>> > Cheers
>> >
>> > Alex
>> >
>> >
>> >
>> >
>> >
>> >
>> >
>> >
>> >
>> >
>> >
>> >
>> >
>> >
>> >
>> >
>> >
>> >
>> > On 13 July 2014 18:03, Jonatas Baldin  wrote:
>> >>
>> >> Hi guys, how u doing?
>> >>
>> >> I'm doing a home lab for VLAN studying and it's going bad. I don't know
>> >> where the problem is.
>> >>
>> >> Here's my setup:
>> >>
>> >> VMware ESXi 5.5
>> >> pfSense 2.3.4 (VM)
>> >> Cisco SF300
>> >>
>> >> - The ESXi has o vSwitch attached to a port group in a physical
>> interface
>> >> with VLAN 10.
>> >> - The pfSense has this port group attached and recognizing as em2.
>> >> - In the pfSense I created a VLAN interface binding on em2 with de ID
>> 10.
>> >> - The FW rules are allowed everything in this interface and a DHCP
>> server
>> >> is configured on the VLAN interface.
>> >> - Physically, this em2 interface is connected to the SF300 on a TRUNK
>> port
>> >> (port 10), with the VLAN 10 allowed.
>> >> - And the port 11 is configured as an access port with VLAN 10, where I
>> >> connected a laptop expecting to receive a DHCP address and got I ICMP
>> >> response which I didn't, even configuring a static IP.
>> >>
>> >> Does anyone have a clue where the problem is?
>> >>
>> >> Thx!
>> >> 
>> >> Jonatas Baldin de Oliveira
>> >> Profissional de TI
>> >> Skype: jonatas.baldin
>> >>
>> >>
>> >> ___
>> >> List mailing list
>> >> List@lists.pfsense.org
>> >> https://lists.pfsense.org/mailman/listinfo/list
>> >
>> >
>> >
>> > ___
>> > List mailing list
>> > List@lists.pfsense.org
>> > https://lists.pfsense.org/mailman/listinfo/list
>> ___
>> List mailing list
>> List@lists.pfsense.org
>> https://lists.pfsense.org/mailman/listinfo/list
>>
>
>
>
> --
> 
> Jonatas Baldin de Oliveira
> Profissional de TI
> Skype: jonatas.baldin
>
>


-- 

Jonatas Baldin de Oliveira
Profissional de TI
Skype: jonatas.baldin
___
List mailing list
List@lists.pfsense.org
https://lists.pfsense.org/mailman/listinfo/list

Re: [pfSense] VLAN Issue - pfSense/VMware/Cisco

[Jonatas Baldin]

Using the same configuration, but excluding the ESXi host (using a physical
pfSense) it worked smoothly.

I tried to remove the VLAN ID Tag from the vSwitch, but didn't work too :/


2014-07-13 23:55 GMT-03:00 Justin Edmands :

> Here is some interesting info about esxi NICs when used with Cisco, or
> other, VLAN:
>
> "Only allowing through VLAN traffic on physical switch ports
> connecting to ESX reduces TCP/IP overhead. Native VLANs do not tag the
> out going VLAN packets toward ESX NICs and if the same VLAN ID is used
> to configure the vSwitch port group, the vSwitch drops any packet that
> is not tagged for it, causing the connection to fail. Unnecessary VLAN
> traffic on a TRUNK port that connects to ESX can cause major
> performance issues.
>
> Note: Do not use the Native VLAN ID of a physical switch as a VLAN on
> ESX/ESXi portgroups."
>
> Also the link shows the proper Cisco trunk config
>
>
> http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1006628
>
> On Sun, Jul 13, 2014 at 10:07 PM, Alex Needham 
> wrote:
> > Hi
> >
> > If the port group is already in vlan 10 then you don't need to create a
> vlan
> > in pfsense as the vswitch is already untaging it.
> >
> > Just add teh interface and assign an ip, or set the vswitch to be vlan
> 4095
> > and it will send tagged traffic through. Which is what I do so that you
> can
> > make changes to pfSense without rebooting to detect a new interface that
> has
> > been added through esx.
> >
> > Also throw an ip on the cisco switch ion vlan 10, that will help you
> trouble
> > shoot the problem.
> >
> > Hope that helps
> >
> > Cheers
> >
> > Alex
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> > On 13 July 2014 18:03, Jonatas Baldin  wrote:
> >>
> >> Hi guys, how u doing?
> >>
> >> I'm doing a home lab for VLAN studying and it's going bad. I don't know
> >> where the problem is.
> >>
> >> Here's my setup:
> >>
> >> VMware ESXi 5.5
> >> pfSense 2.3.4 (VM)
> >> Cisco SF300
> >>
> >> - The ESXi has o vSwitch attached to a port group in a physical
> interface
> >> with VLAN 10.
> >> - The pfSense has this port group attached and recognizing as em2.
> >> - In the pfSense I created a VLAN interface binding on em2 with de ID
> 10.
> >> - The FW rules are allowed everything in this interface and a DHCP
> server
> >> is configured on the VLAN interface.
> >> - Physically, this em2 interface is connected to the SF300 on a TRUNK
> port
> >> (port 10), with the VLAN 10 allowed.
> >> - And the port 11 is configured as an access port with VLAN 10, where I
> >> connected a laptop expecting to receive a DHCP address and got I ICMP
> >> response which I didn't, even configuring a static IP.
> >>
> >> Does anyone have a clue where the problem is?
> >>
> >> Thx!
> >> 
> >> Jonatas Baldin de Oliveira
> >> Profissional de TI
> >> Skype: jonatas.baldin
> >>
> >>
> >> ___
> >> List mailing list
> >> List@lists.pfsense.org
> >> https://lists.pfsense.org/mailman/listinfo/list
> >
> >
> >
> > ___
> > List mailing list
> > List@lists.pfsense.org
> > https://lists.pfsense.org/mailman/listinfo/list
> ___
> List mailing list
> List@lists.pfsense.org
> https://lists.pfsense.org/mailman/listinfo/list
>



-- 

Jonatas Baldin de Oliveira
Profissional de TI
Skype: jonatas.baldin
___
List mailing list
List@lists.pfsense.org
https://lists.pfsense.org/mailman/listinfo/list

Re: [pfSense] VLAN Issue - pfSense/VMware/Cisco

[Justin Edmands]

Here is some interesting info about esxi NICs when used with Cisco, or
other, VLAN:

"Only allowing through VLAN traffic on physical switch ports
connecting to ESX reduces TCP/IP overhead. Native VLANs do not tag the
out going VLAN packets toward ESX NICs and if the same VLAN ID is used
to configure the vSwitch port group, the vSwitch drops any packet that
is not tagged for it, causing the connection to fail. Unnecessary VLAN
traffic on a TRUNK port that connects to ESX can cause major
performance issues.

Note: Do not use the Native VLAN ID of a physical switch as a VLAN on
ESX/ESXi portgroups."

Also the link shows the proper Cisco trunk config

http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1006628

On Sun, Jul 13, 2014 at 10:07 PM, Alex Needham  wrote:
> Hi
>
> If the port group is already in vlan 10 then you don't need to create a vlan
> in pfsense as the vswitch is already untaging it.
>
> Just add teh interface and assign an ip, or set the vswitch to be vlan 4095
> and it will send tagged traffic through. Which is what I do so that you can
> make changes to pfSense without rebooting to detect a new interface that has
> been added through esx.
>
> Also throw an ip on the cisco switch ion vlan 10, that will help you trouble
> shoot the problem.
>
> Hope that helps
>
> Cheers
>
> Alex
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
> On 13 July 2014 18:03, Jonatas Baldin  wrote:
>>
>> Hi guys, how u doing?
>>
>> I'm doing a home lab for VLAN studying and it's going bad. I don't know
>> where the problem is.
>>
>> Here's my setup:
>>
>> VMware ESXi 5.5
>> pfSense 2.3.4 (VM)
>> Cisco SF300
>>
>> - The ESXi has o vSwitch attached to a port group in a physical interface
>> with VLAN 10.
>> - The pfSense has this port group attached and recognizing as em2.
>> - In the pfSense I created a VLAN interface binding on em2 with de ID 10.
>> - The FW rules are allowed everything in this interface and a DHCP server
>> is configured on the VLAN interface.
>> - Physically, this em2 interface is connected to the SF300 on a TRUNK port
>> (port 10), with the VLAN 10 allowed.
>> - And the port 11 is configured as an access port with VLAN 10, where I
>> connected a laptop expecting to receive a DHCP address and got I ICMP
>> response which I didn't, even configuring a static IP.
>>
>> Does anyone have a clue where the problem is?
>>
>> Thx!
>> 
>> Jonatas Baldin de Oliveira
>> Profissional de TI
>> Skype: jonatas.baldin
>>
>>
>> ___
>> List mailing list
>> List@lists.pfsense.org
>> https://lists.pfsense.org/mailman/listinfo/list
>
>
>
> ___
> List mailing list
> List@lists.pfsense.org
> https://lists.pfsense.org/mailman/listinfo/list
___
List mailing list
List@lists.pfsense.org
https://lists.pfsense.org/mailman/listinfo/list

Re: [pfSense] VLAN Issue - pfSense/VMware/Cisco

[Alex Needham]

Hi

If the port group is already in vlan 10 then you don't need to create a
vlan in pfsense as the vswitch is already untaging it.

Just add teh interface and assign an ip, or set the vswitch to be vlan 4095
and it will send tagged traffic through. Which is what I do so that you can
make changes to pfSense without rebooting to detect a new interface that
has been added through esx.

Also throw an ip on the cisco switch ion vlan 10, that will help you
trouble shoot the problem.

Hope that helps

Cheers

Alex


















On 13 July 2014 18:03, Jonatas Baldin  wrote:

> Hi guys, how u doing?
>
> I'm doing a home lab for VLAN studying and it's going bad. I don't know
> where the problem is.
>
> Here's my setup:
>
> VMware ESXi 5.5
> pfSense 2.3.4 (VM)
> Cisco SF300
>
> - The ESXi has o vSwitch attached to a port group in a physical interface
> with VLAN 10.
> - The pfSense has this port group attached and recognizing as em2.
> - In the pfSense I created a VLAN interface binding on em2 with de ID 10.
> - The FW rules are allowed everything in this interface and a DHCP server
> is configured on the VLAN interface.
> - Physically, this em2 interface is connected to the SF300 on a TRUNK port
> (port 10), with the VLAN 10 allowed.
> - And the port 11 is configured as an access port with VLAN 10, where I
> connected a laptop expecting to receive a DHCP address and got I ICMP
> response *which I didn't*, even configuring a static IP.
>
> Does anyone have a clue where the problem is?
>
> Thx!
> 
> Jonatas Baldin de Oliveira
> Profissional de TI
> Skype: jonatas.baldin
>
>
> ___
> List mailing list
> List@lists.pfsense.org
> https://lists.pfsense.org/mailman/listinfo/list
>
___
List mailing list
List@lists.pfsense.org
https://lists.pfsense.org/mailman/listinfo/list

[pfSense] VLAN Issue - pfSense/VMware/Cisco

[Jonatas Baldin]

Hi guys, how u doing?

I'm doing a home lab for VLAN studying and it's going bad. I don't know
where the problem is.

Here's my setup:

VMware ESXi 5.5
pfSense 2.3.4 (VM)
Cisco SF300

- The ESXi has o vSwitch attached to a port group in a physical interface
with VLAN 10.
- The pfSense has this port group attached and recognizing as em2.
- In the pfSense I created a VLAN interface binding on em2 with de ID 10.
- The FW rules are allowed everything in this interface and a DHCP server
is configured on the VLAN interface.
- Physically, this em2 interface is connected to the SF300 on a TRUNK port
(port 10), with the VLAN 10 allowed.
- And the port 11 is configured as an access port with VLAN 10, where I
connected a laptop expecting to receive a DHCP address and got I ICMP
response *which I didn't*, even configuring a static IP.

Does anyone have a clue where the problem is?

Thx!

Jonatas Baldin de Oliveira
Profissional de TI
Skype: jonatas.baldin
___
List mailing list
List@lists.pfsense.org
https://lists.pfsense.org/mailman/listinfo/list

Re: [pfSense] vmware

[Ryan Rodrigue]

ESX does more than Virtualize the hardware, it also virtualizes 1 or more 
switches.
You could use a managed switch and have each virtual network set on a different 
vlan.  You would then assign each nic in each virtual machine to one of these 
virtual networks.  You would also assign the ports in your managed switch to 
these networks.

You could also have a separate nic assigned to a separate virtual switch and 
then assign each virtual nic accordingly

At my house (I know I am strange) I have the following setup

Internet --- [ESX NIC 1 -- {Virtual Switch 1 (named WAN)}]
Managed Switch --- [ESX NIC 2 -- {Virtual Switch 2 (named LAN)}
On Virtual Swich 2 I also have Virtual Networks Using Vlans (Phone - Vlan 10) 
(Wireless Vlan 20)
I have a virtual machine running Asterisk with its nic assigned to "Phone"
I have a virtual machine running Windows7 with its nic assigned to "LAN"
I have a virtual machine running Linux with its nic assigned to "LAN"
I have a virtual machine running PFsese with its 4 nics assigned to "WAN", 
"LAN", "PHONE", "Wireless" accordingly
I also have a port on my switch configured with vlan connected to my wireless 
access point

There is more than this, but I don't want to overcomplicate things.  All in 
all, things run great.  When you go virtual RAM in the host machine is what 
runs out first.  It is a little to wrap you head around virtualization, but 
once you do, you won't go back.  Be sure to add the open vmware tools package 
once you get things up and running.  I also found the e1000 nics played nicest 
with pfSense.
You could also install vmware player on your desktop / laptop to help 
understand things.  Once you login to esx with the client, things make more 
sense.
___
List mailing list
List@lists.pfsense.org
https://lists.pfsense.org/mailman/listinfo/list

Re: [pfSense] vmware

[Jason Whitt]

Your going to have all kinds of headaches with VMware on a 2850 Look into a 
2900 series at the least.

With VMware or any virtual platform you'll assign a nic on the host to a 
virtual switch. Then a vm to that switch. You'll have a vswitch for lan and a 
vswitch for wan. (Simplest configuration.

Your pfsense vm will have a vnic on each switch, then your www would be on the 
lan vswitch.

But first get better hardware you'll drink less.

Sent from my iPhone

> On May 28, 2014, at 9:36 AM, Adam Thompson  wrote:
> 
>> On May 28, 2014 10:33:59 AM CDT, Brian Caouette  wrote:
>> 4.1 appears to be the newest this hardware can use.
>> 
>>> On 5/28/2014 11:19 AM, Ryan Coleman wrote:
>>> 4.1? 
>>> 
>>> in 5.x you can assign VLANs to NICs and then different NICs to VMs. I don’t 
>>> know about 4.1.
>>> 
 On May 28, 2014, at 10:11, Brian Caouette  wrote:
 
 I'm looking to use vmware 4.1 on my poweredge 2850 when it arrives. I have 
 a question on how virtual machines work. With a hardware configuration of 
 two nics wan/lan how does each vm use them? Do I need a nic for each vm or 
 as long as each ap is using a different port i'm good to go?
 
 I'm thinking a vm for pfsense, another vm for a webserver, etc...
 ___
 List mailing list
 List@lists.pfsense.org
 https://lists.pfsense.org/mailman/listinfo/list
>>> 
>>> 
>>> 
>>> ___
>>> List mailing list
>>> List@lists.pfsense.org
>>> https://lists.pfsense.org/mailman/listinfo/list
>> 
>> 
>> List mailing list
>> List@lists.pfsense.org
>> https://lists.pfsense.org/mailman/listinfo/list
> 
> Do yourself a favor, then, and don't use VMware on it. That's akin to 
> deliberately installing a Windows 2000 domain controller today...
> pfSense itself runs quite well on 2750s and 2850s directly.
> -Adam
> -- 
> Sent from my Android device with K-9 Mail. Please excuse my brevity.
> ___
> List mailing list
> List@lists.pfsense.org
> https://lists.pfsense.org/mailman/listinfo/list
___
List mailing list
List@lists.pfsense.org
https://lists.pfsense.org/mailman/listinfo/list

Re: [pfSense] vmware

[Chris L]

I call [OT]

Please read a manual / move to an ESXi list.

On May 28, 2014, at 8:34 AM, Brian Caouette  wrote:

> virtual switch?
> 
> On 5/28/2014 11:18 AM, Doug Lytle wrote:
  With a hardware configuration of two nics wan/lan how does each vm use 
 them?
>> On my home ESXi system, the computer has 3 NICs.  Each NIC is assigned to a 
>> virtual switch.  I have 3 Virtual switches, LAN, DMZ, Internet
>> 
>> Each VM is assigned to one of the virtual switches, but in the case of my 
>> pfSense VM, it is assigned all 3.  So, it ends up with 3 NIC(s), 1 on the 
>> LAN, 1 on the DMZ and 1 on the Internet.
>> 
>> Doug
>> ___
>> List mailing list
>> List@lists.pfsense.org
>> https://lists.pfsense.org/mailman/listinfo/list
>> 
> 
> ___
> List mailing list
> List@lists.pfsense.org
> https://lists.pfsense.org/mailman/listinfo/list

___
List mailing list
List@lists.pfsense.org
https://lists.pfsense.org/mailman/listinfo/list

Re: [pfSense] vmware

[Adam Thompson]

On May 28, 2014 10:33:59 AM CDT, Brian Caouette  wrote:
>4.1 appears to be the newest this hardware can use.
>
>On 5/28/2014 11:19 AM, Ryan Coleman wrote:
>> 4.1?
>>
>> in /5.x/ you can assign VLANs to NICs and then different NICs to VMs.
>
>> I don't know about 4.1.
>>
>> On May 28, 2014, at 10:11, Brian Caouette > > wrote:
>>
>>> I'm looking to use vmware 4.1 on my poweredge 2850 when it arrives.
>I 
>>> have a question on how virtual machines work. With a hardware 
>>> configuration of two nics wan/lan how does each vm use them? Do I 
>>> need a nic for each vm or as long as each ap is using a different 
>>> port i'm good to go?
>>>
>>> I'm thinking a vm for pfsense, another vm for a webserver, etc...
>>> ___
>>> List mailing list
>>> List@lists.pfsense.org 
>>> https://lists.pfsense.org/mailman/listinfo/list
>>
>>
>>
>> ___
>> List mailing list
>> List@lists.pfsense.org
>> https://lists.pfsense.org/mailman/listinfo/list
>
>
>
>
>
>___
>List mailing list
>List@lists.pfsense.org
>https://lists.pfsense.org/mailman/listinfo/list

Do yourself a favor, then, and don't use VMware on it.  That's akin to 
deliberately installing a Windows 2000 domain controller today...
pfSense itself runs quite well on 2750s and 2850s directly.
-Adam
-- 
Sent from my Android device with K-9 Mail. Please excuse my brevity.___
List mailing list
List@lists.pfsense.org
https://lists.pfsense.org/mailman/listinfo/list

Re: [pfSense] vmware

[Brian Caouette]

virtual switch?

On 5/28/2014 11:18 AM, Doug Lytle wrote:

  With a hardware configuration of two nics wan/lan how does each vm use them?

On my home ESXi system, the computer has 3 NICs.  Each NIC is assigned to a 
virtual switch.  I have 3 Virtual switches, LAN, DMZ, Internet

Each VM is assigned to one of the virtual switches, but in the case of my 
pfSense VM, it is assigned all 3.  So, it ends up with 3 NIC(s), 1 on the LAN, 
1 on the DMZ and 1 on the Internet.

Doug
___
List mailing list
List@lists.pfsense.org
https://lists.pfsense.org/mailman/listinfo/list



___
List mailing list
List@lists.pfsense.org
https://lists.pfsense.org/mailman/listinfo/list

Re: [pfSense] vmware

[Brian Caouette]

4.1 appears to be the newest this hardware can use.

On 5/28/2014 11:19 AM, Ryan Coleman wrote:

4.1?

in /5.x/ you can assign VLANs to NICs and then different NICs to VMs. 
I don't know about 4.1.


On May 28, 2014, at 10:11, Brian Caouette > wrote:


I'm looking to use vmware 4.1 on my poweredge 2850 when it arrives. I 
have a question on how virtual machines work. With a hardware 
configuration of two nics wan/lan how does each vm use them? Do I 
need a nic for each vm or as long as each ap is using a different 
port i'm good to go?


I'm thinking a vm for pfsense, another vm for a webserver, etc...
___
List mailing list
List@lists.pfsense.org 
https://lists.pfsense.org/mailman/listinfo/list




___
List mailing list
List@lists.pfsense.org
https://lists.pfsense.org/mailman/listinfo/list


___
List mailing list
List@lists.pfsense.org
https://lists.pfsense.org/mailman/listinfo/list

Re: [pfSense] vmware

[Ryan Coleman]

4.1? 

in 5.x you can assign VLANs to NICs and then different NICs to VMs. I don’t 
know about 4.1.

On May 28, 2014, at 10:11, Brian Caouette  wrote:

> I'm looking to use vmware 4.1 on my poweredge 2850 when it arrives. I have a 
> question on how virtual machines work. With a hardware configuration of two 
> nics wan/lan how does each vm use them? Do I need a nic for each vm or as 
> long as each ap is using a different port i'm good to go?
> 
> I'm thinking a vm for pfsense, another vm for a webserver, etc...
> ___
> List mailing list
> List@lists.pfsense.org
> https://lists.pfsense.org/mailman/listinfo/list

___
List mailing list
List@lists.pfsense.org
https://lists.pfsense.org/mailman/listinfo/list

Re: [pfSense] vmware

[Doug Lytle]

>>  With a hardware configuration of two nics wan/lan how does each vm use them?

On my home ESXi system, the computer has 3 NICs.  Each NIC is assigned to a 
virtual switch.  I have 3 Virtual switches, LAN, DMZ, Internet

Each VM is assigned to one of the virtual switches, but in the case of my 
pfSense VM, it is assigned all 3.  So, it ends up with 3 NIC(s), 1 on the LAN, 
1 on the DMZ and 1 on the Internet.

Doug
___
List mailing list
List@lists.pfsense.org
https://lists.pfsense.org/mailman/listinfo/list

[pfSense] vmware

[Brian Caouette]

I'm looking to use vmware 4.1 on my poweredge 2850 when it arrives. I 
have a question on how virtual machines work. With a hardware 
configuration of two nics wan/lan how does each vm use them? Do I need a 
nic for each vm or as long as each ap is using a different port i'm good 
to go?


I'm thinking a vm for pfsense, another vm for a webserver, etc...
___
List mailing list
List@lists.pfsense.org
https://lists.pfsense.org/mailman/listinfo/list

Re: [pfSense] VMware patch released for clock stopping issue

[Ugo Bellavance]

On 2012-09-29 21:40, Chris Buechler wrote:

This ESX regression was discussed recently here in at least one if not
more threads, VMware has a patch out.

http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2032586

PR887134: Timer stops in FreeBSD 8.x and 9.x as virtual hardware HPET
main counter register fails to update due to comparison failure
between signed and unsigned integer values.



So that means that if we update to ESXi500-201209001 (that gives build 
#821926) we fix that problem?


Thanks,

Ugo

___
List mailing list
List@lists.pfsense.org
http://lists.pfsense.org/mailman/listinfo/list

[pfSense] VMware patch released for clock stopping issue

[Chris Buechler]

This ESX regression was discussed recently here in at least one if not
more threads, VMware has a patch out.

http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2032586

PR887134: Timer stops in FreeBSD 8.x and 9.x as virtual hardware HPET
main counter register fails to update due to comparison failure
between signed and unsigned integer values.
___
List mailing list
List@lists.pfsense.org
http://lists.pfsense.org/mailman/listinfo/list

Re: [pfSense] vmware appliance

[David Burgess]

On Tue, May 1, 2012 at 10:10 AM, Moshe Katz  wrote:
> If you look at the Snapshots server, it seems that there are VMWare
> snapshots.

Good. Thank you.

db
___
List mailing list
List@lists.pfsense.org
http://lists.pfsense.org/mailman/listinfo/list

Re: [pfSense] vmware appliance

[Moshe Katz]

If you look at the Snapshots server, it seems that there are VMWare
snapshots.

32-bit
http://snapshots.pfsense.org/FreeBSD_RELENG_8_3/i386/pfSense_HEAD/virtualization/?C=M;O=D

64-bit
http://snapshots.pfsense.org/FreeBSD_RELENG_8_3/amd64/pfSense_HEAD/virtualization/?C=M;O=D

If you look at the build logs on the snapshot server, you will also see the
VMWare builds there.

Moshe

--
Moshe Katz
-- mo...@ymkatz.net
-- +1(301)867-3732



On Tue, May 1, 2012 at 12:05 PM, David Burgess  wrote:

> The docs (http://doc.pfsense.org/index.php/VMwareAppliance) state that
> there is no longer a current vmware appliance for download. Is there a
> particular reason for this? Are there plans to reinstate that at some
> point?
>
> db
> ___
> List mailing list
> List@lists.pfsense.org
> http://lists.pfsense.org/mailman/listinfo/list
>
___
List mailing list
List@lists.pfsense.org
http://lists.pfsense.org/mailman/listinfo/list

[pfSense] vmware appliance

[David Burgess]

The docs (http://doc.pfsense.org/index.php/VMwareAppliance) state that
there is no longer a current vmware appliance for download. Is there a
particular reason for this? Are there plans to reinstate that at some
point?

db
___
List mailing list
List@lists.pfsense.org
http://lists.pfsense.org/mailman/listinfo/list

Re: [pfSense] VMWare maximum of 10 vnics

[Joseph L. Casale]

>I did see the issue and I had the theory in my head, I just didn't know
>how to do it with VMWare.  So I create a new virtual network, set the
>VLAN ID to ALL (4095), and it will pass all the VLANs available on the
>physical port?

Yup, they are now available as tagged vlans to any vNic plugged into the
vSwitch.

> Then I just create VLAN interfaces in pfsense?

Yes, and they share the single parent vNic, if you have one pNic throughput
is obviously not an issue, but if you dont you can add more vNics and split
the vlans between them.

>One 120-port vSwitch with 13 vNets + the management (VmKernel) vNet.
>None of the vNets are configured with VLAN ID to ALL (4095).

That as basic as it gets, I don't see an issue...
___
List mailing list
List@lists.pfsense.org
http://lists.pfsense.org/mailman/listinfo/list

Re: [pfSense] VMWare maximum of 10 vnics

[Ugo Bellavance]

On 2012-03-06 07:59, Joseph L. Casale wrote:

I'm currently trying to configure pfSense firewall in a VMWare machine.
  There is apparently a limit of 10 vNICs on Vsphere 5, but I would need
this firewall to access 11 networks.  Since all the networks in VMWare
are already tagged vlans, I don't really how to overcome this limit.


Don't see the issue? Set the vSwitch vlan to All then assign the vlans
inside pfSense all to one or max 10 nics.


I did see the issue and I had the theory in my head, I just didn't know 
how to do it with VMWare.  So I create a new virtual network, set the 
VLAN ID to ALL (4095), and it will pass all the VLANs available on the 
physical port?  Then I just create VLAN interfaces in pfsense?




What's your vSphere net config look like?


One 120-port vSwitch with 13 vNets + the management (VmKernel) vNet. 
None of the vNets are configured with VLAN ID to ALL (4095).


Thanks a lot for your help.

Ugo


___
List mailing list
List@lists.pfsense.org
http://lists.pfsense.org/mailman/listinfo/list

Re: [pfSense] VMWare maximum of 10 vnics

[Joseph L. Casale]

>I'm currently trying to configure pfSense firewall in a VMWare machine.
>  There is apparently a limit of 10 vNICs on Vsphere 5, but I would need
>this firewall to access 11 networks.  Since all the networks in VMWare
>are already tagged vlans, I don't really how to overcome this limit.

Don't see the issue? Set the vSwitch vlan to All then assign the vlans
inside pfSense all to one or max 10 nics.

What's your vSphere net config look like?
___
List mailing list
List@lists.pfsense.org
http://lists.pfsense.org/mailman/listinfo/list

Re: [pfSense] VMWare maximum of 10 vnics

[Ugo Bellavance]

On 2012-03-05 21:28, Ugo Bellavance wrote:

Hi,

I'm currently trying to configure pfSense firewall in a VMWare machine.
There is apparently a limit of 10 vNICs on Vsphere 5, but I would need
this firewall to access 11 networks. Since all the networks in VMWare
are already tagged vlans, I don't really how to overcome this limit.

Any ideas?

Thanks,

Ugo


BTW I'm not looking for a solution, just an answer.  If it doesn't work 
in VMWare, I'll use 2 physical servers and a CARP setup.  However, I'd 
rather go with VMWare if possible.


Thanks,

Ugo

___
List mailing list
List@lists.pfsense.org
http://lists.pfsense.org/mailman/listinfo/list

[pfSense] VMWare maximum of 10 vnics

[Ugo Bellavance]

Hi,

I'm currently trying to configure pfSense firewall in a VMWare machine. 
 There is apparently a limit of 10 vNICs on Vsphere 5, but I would need 
this firewall to access 11 networks.  Since all the networks in VMWare 
are already tagged vlans, I don't really how to overcome this limit.


Any ideas?

Thanks,

Ugo

___
List mailing list
List@lists.pfsense.org
http://lists.pfsense.org/mailman/listinfo/list