PFsense on Hyper-V

Allan74

Member
May 15, 2019
99
11
8
I almost feel dirty for asking this, but is anyone using Hyper-V for their home PFsense deployment and/or misc SDN or Security ?
Or Hyper-V on the edge for anything ?

I have a use case where my antiquated hardware is all Server 2016 friendly, dropped hardware support in ESXi and finicky in ProxMox.

thanks in advance,
Allan
 

cesmith9999

Well-Known Member
Mar 26, 2013
1,296
409
83
I have done this in the past. in my case there was no speed issues that I saw. I stopped doing it when my brother volunteered to send me a Watchguard router.

the biggest thing was WAF (Wife Acceptance Factor). I then had to do patching after hours... then the is asking when I am getting in bed...

Chris
 
  • Like
Reactions: dswartz

Allan74

Member
May 15, 2019
99
11
8
The wife said that I can get >1Gbit Internet if it doesn't require me to spend any cash on new parts.

It's either I make these couple of Realtek 2.5Gbit NICs that I already own, work, or I am stuck using the ISP's crappy modem/router/firewall combo that completely ties my hands.
 

cesmith9999

Well-Known Member
Mar 26, 2013
1,296
409
83
Are the your ports from your ISP bonded or are they using 2.5 GB ports on your modem? like the Arris S33 where it has a 2.5 GB port on the back as well as a 1 GB port.

I assume that you will be putting the ISP modem into Bridge mode. Good luck.

Chris
 
Feb 19, 2021
31
23
8
Please elaborate what hardware your referring to. This seems completely backwards. Usually no support on Microsoft and works fine on esxi/linux


"Server 2016 friendly, dropped hardware support in ESXi and finicky in ProxMox."
 

Allan74

Member
May 15, 2019
99
11
8
There is a single 2.5Gbit port on the back of their modem/router. I will be running it in bridge mode, yes.

Alternatively, my current TOR is a Netgear MS510TX, so even if forced to use the ISP hardware, I can still get the full speed out of the connection to the PCs in my home that need/want it, as it has 5 copper ports capable of 2.5Gbit in it's menagerie of ports. I use the single SFP+ as my main 10Gbit Server connection and daisy chain a couple others to the primary using Dual Port SFP+ cards in the limited servers that I have, as I only really have use for 2.5Gbit speeds anyway, as my array's writing speeds top out at that, so transferring data any faster would be pointless.....not to mention, I am the only writer, every other client is read only, as it's just an over complicated Plex setup in the end.
 

Allan74

Member
May 15, 2019
99
11
8
Please elaborate what hardware your referring to. This seems completely backwards. Usually no support on Microsoft and works fine on esxi/linux
"Server 2016 friendly, dropped hardware support in ESXi and finicky in ProxMox."
- Intel SR2612URR 2U 12x3.5" Bay Servers (Dual LGA1366, Intel S5520UR Motherboard)
- Onboard Intel Gbit nics are invisible to ESXi (I only have 3 PCIe slots in the server to add to, so these 2 onboard are important).
- Chelsio 10Gbit Dual SFP+ Offload NICs are flaky in Linux, BSD (S320e-CR)

I have a couple of these, with 1 currently up and running Server 2016 on metal with zero issues.

I tried installing Hypervisors on it's twin and have had nothing but problems.

For some strange reason, this trash likes Windows.
 

j_h_o

Active Member
Apr 21, 2015
545
135
43
California, US
Yes, I'm running pfSense in a VM, on Hyper-V.

I have the ATT residential gateway bypassed, plugged into my Brocade, and I'm using a ConnectX-3 in my Hyper-V host. I hot migrate the pfSenseVM to another Hyper-V host when I do host/hardware maintenance, to avoid downtime.

I've got some 10Gbps NICs you can have - if you pay for shipping :)
 

ca3y6

New Member
Apr 3, 2021
23
2
3
I actually run several pfsense at home in hyper-v to create multiple gateways (on different subnets but on the same switch) that VPN into different countries using a commercial VPN service.

The benefit is that I can switch the country for a device just by setting its IP to a different subnet, nothing to install on the device. Another benefit is that I can have a windows VM with two IPs (two subnets), but one gateway (pfsense gateway) so that it connects to the WAN through the VPN but is fully accessible locally from other machines that are not using the VPN, for instance for sharing folders or RDP.

It is working fine. The only trouble is that you need to set the configuration tightly in pfsense for it not to randomly fallback to non VPN connection regularly.
 

zer0sum

Active Member
Mar 8, 2013
527
228
43
Just stick to ESXi 6.7 and you should be fine.
Then you can run your windows server as a VM alongside OPNsense :)

6.7 is easy enough to get old hardware working, and there are hacks to make it recognize non-hcl nvme drives etc.
 

Allan74

Member
May 15, 2019
99
11
8
I've got some 10Gbps NICs you can have - if you pay for shipping
Normally I couldn't say no to such generosity, but the wife has put her foot down. ZERO new hardware in the house until I finish building my rack and deploying what I already have.....along with getting rid of a ton of stuff that I have been sitting on for far too long.

Honestly though, the only reason that I even have any 10Gb NICS is because they came in a tear down and the price was right. Even my main switch only has a single SFP+ port. I am the only one at home that transfers large enough files to even warrant better speeds and my arrays only write at a sustained 260-270MB/s locally, so 2.5Gb over a wire is enough for me. Thanks just the same.
 

Allan74

Member
May 15, 2019
99
11
8
Just stick to ESXi 6.7 and you should be fine.
Looks like I jumped the gun a bit, after being completely DENIED installation by ESXi v7.0.

After a bit of fighting with Hyper-V Server (during which time, completing a full Windows Server 2016 Standard installation the same hardwre/server in question, to prove to myself that I wasn't crazy) both 2016 Hyper-V Server and 2019 failed to proceed with even recognizing my drives/controller and seemed to be looking for drivers that I couldn't find, for hardware that I wasn't even sure of what was being asked, I threw in the towel and decided to give an older version of ESXi a try after reading your post.

I went back and grabbed 6.7 vanilla, installed it without hassles, other than the CPU warning for future releases (as I am running such old crap). Once it was up and running, I decided to go back and run the 6.7 update3 installer and VOILA ! Every piece of hardware is working and/or recognized.

Thanks to everyone for taking the time to respond.