On 14 March 2014 18:40, Paul Mansfield <[email protected]> wrote: > * success in the sense of getting started, breaking it, doing factory > resets, breaking again and gradually discovering what I am doing > wrong!
I just learned a new way to break firefly vsrx. If you starve it of memory it can't load its custom modules into the kernel and thus has no working network devices. In my testing, I have a relatively low-powered VM host (centos 6.5 with KVM, on old Dell 2950 with dual E5405, and 16GB ram). I created virtual machines to simulate the entire network, an outer node which is bridged to the office, then a pfsense VM, in parallel with that the vsrx VM, then an inner node which relies on the pfsense or vsrx firewalls. The default jva file creates the VM with 2GB of RAM, but I cut it down to 768MB, the same as all the other nodes. When I rebooted it, none of the network devices appeared, but I didn't make the connection because I'd made other changes to the container to tweak other network settings, so it took me a while before I realised. sigh.
