-
Important Announcement for the TrueNAS Community.
The TrueNAS Community has now been moved. This forum has become READ-ONLY for historical purposes. Please feel free to join us on the new TrueNAS Community Forums
PfSense Dual 10Gbps NIC Pass Through in VM
- Thread starter visamp
- Start date
- Joined
- Mar 5, 2013
- Messages
- 1,824
KVM uses Linux kernel extensions, so only SCALE. CORE also has an equivalent virtualization platform, but it's unrelated and called bhyve.
10G routing and filtering, in general, is a pretty CPU-intensive task especially if you're running Suricata and the likes. Forget virtualizing, even bare-metal systems can struggle depending on the CPU. 1G routing, on the other hand, can be done on a potato for the most part.
As for virtualizing pfSense on SCALE, I have never done it personally, but I do virtualize it on Proxmox (same KVM backend) on the system in my signature. I'd admit that it isn't optimal though. Ideally, you should do what others mentioned and run it as a separate box not only because it's a good security practice to do so, but because updating/servicing the system is a major pain in the neck because the network goes down while I'm rebooting the host and I usually have to cross my fingers and hope the upgrade didn't bork something. It's why I'm not upgrading to Proxmox 8 yet and probably will procrastinate on it for at least a few more months.
visamp
Dabbler
- Joined
- Aug 24, 2023
- Messages
- 11
I decided on turning this little beauty (after an enormous amount of hemming and hawing, reading and rereading these posts) into my 10 Gbps capable firewall appliance for two reasons:
I did ping the YouTuber who I found when I was searching how to set this up in the first place to see if he wanted to share his success/failures. I believe he will be porting over into a new system soon so it might be cool to watch him from the sidelines.
Thank you all for the support and interest - there are actually other people out there who think this stuff is actually awesome like I do...
Matt
- I will now have a chance to play and build another toy.
- I stood at the edge of the cliff and wasn't certain I knew what I didn't know.
I did ping the YouTuber who I found when I was searching how to set this up in the first place to see if he wanted to share his success/failures. I believe he will be porting over into a new system soon so it might be cool to watch him from the sidelines.
Thank you all for the support and interest - there are actually other people out there who think this stuff is actually awesome like I do...
Matt
MrGuvernment
Patron
- Joined
- Jun 15, 2017
- Messages
- 268
Some days, or maybe too many, my brain really does not function..lol talk about a brain fart! (I should of known that.)KVM is only on Linux, so that's why it's only on SCALE.
