OPNsense Forum
Archive => 16.1 Legacy Series => Topic started by: DirtySpiv on January 30, 2016, 05:55:11 pm
-
How do i boot OPNsense 16.1 on Hyper-V VM Generation 2?
I'm getting error "Boot Failed. No Operating System was Loaded."
-
Are you trying to boot from a SCSI disk? That won't work afaik.
FreeBSD does not have support for Gen 2 VM's at all.
-
There is a tweet on OPNsense (https://twitter.com/opnsense/status/569396467636576256) with link to post on Reddit:
So I read about monowall recommending OPNsense and decided to give it a try - after installing (without reading much ahead) I realised it supports the Hyper-V network interfaces by default.
Man says that OPNsense supports Synthetic Network Adapters. You need to run a gen2 VM to use them.
-
Opps, I was wrong - you can use non-legacy network adapter on gen1.
-
Yes, indeed. I've been running like that for over a year now :-)
FreeBSD has drivers for most things we need for running OPNsense in a Hyper-V VM.
Even de AES-NI is detected.
-
How do I ensure my network adapters are synthetic?
-
Select "Network adapter". Unlike previous versions, it doesn't show synthetic anymore.
The Legacy is a emulated Digital Fast Ethernet. Which in, at least, 16.1 doesn't seem to work at all.
WAN can't get a DHCP lease from the ISP, and LAN can't be connected to it seems.
Keep in mind that 16.1 will most likely not work on Hyper-V 2012 R2.
Haven't tested older versions, or TP4 of 2016.
You can ping using the VM as DNS server, but any other traffic is not passed through.
I have a feeling it's related to FreeBSD 10.2 in some way. I've been testing with Fitch for some time now, but cant find a workaround as of yet.
-
WEB UI doesn't show link speed for network adapter, neither do ifconfig (no media info).
I've checked pfSense - with legacy adapter it will show 100TX, for non-legacy show no link speed (like OPNsense).
Keep in mind that 16.1 will most likely not work on Hyper-V 2012 R2.
I don't get you. Mine is almost working, except port forwarding (haven't configured rules yet).
-
Same here. Never noticed that. It should say 10G I guess (like Windows).
You run Hyper-V 2012 R Free or normal (Standard/Datacenter), or another Hyper-V version?
I'm running Hyper-V 2012 R2 Free and I can't get it working with any 10.2 kernel or 11 from the Hardened BSD test builds. Only 15.x works here.
Have you enabled the Integration Tools for the VM? And if so, which options are enabled?
For me, after either upgrading the kernel in 15.x to FreeBSD 10.2, or installing 16.1 means I can resolve only using the OPNsense VM as DNS server. But clients can only ping, not download any web page data.
Plus my internal DNS servers can't resolve at all.
Really wonder what your setup is like, and the settings for the VM.
-
I'm on Server 2012 R2 Datacenter. I do not install Integration Tools on VMs.
- Barebone with 1 NIC connected to ISP (static IP + 1 Failover IP on different subnet);
- vSwitch has two virtual networks: External (WAN) (connected to NIC, shared with management OS) and Internal (LAN);
- VM has both virtual networks, MAC address spoofing is enabled on LAN.
-
You don't install the Integration Tools for any VM, or just this one?
You use VLANs then? Don't have that set up.
Can't imagine that being the culprit for me.
-
I don't install Integration Tools on linux machines and I don't use VLANs.
Btw, I have reinstalled OPNsense and on initial config it says that my network adapters are Synthetic, but I can't make port forwarding to work. I want to publish DNS server on VM with Windows Server 2012 R2 - no success. Looks like I will fallback to pfSense :{
-
This is based on FreeBSD, not Linux. But why do you not install the tools?
You have one physical NIC which you use as a uplink for a VMswitch.
There is no way to have a VMswitch with two virtual networks unless you use VLANs.
I doubt pfsense can do what you describe. It just doesn't make any sense based on what you describe.
-
This is based on FreeBSD, not Linux. But why do you not install the tools?
For newer FreeBSD releases, BIS is built in to the FreeBSD operating system, and no separate download or installation is required except for a KVP ports download that is needed for FreeBSD 10.0.
Latest pfSense is 10.1, OPNsesne 10.2 - why would I bother installing something?
You have one physical NIC which you use as a uplink for a VMswitch.
There is no way to have a VMswitch with two virtual networks unless you use VLANs.
I doubt pfsense can do what you describe. It just doesn't make any sense based on what you describe.
Would you clarify this statement? Because my setup is working right now with pfSense.
-
Weust seem to have a pretty unique issue we are trying to pin down. It's a little difficult since Hyper-V seems to work for others. There have been reports like:
https://lists.freebsd.org/pipermail/freebsd-questions/2015-September/268138.html
but they ought to be fixed in 10.2-RELEASE already.
So just to be clear, DirtySpiv, you don't experience issues with Hyper-V on FreeBSD 10.2/OPNsense 16.1?
-
@DirtySpiv, Because FreeBSD can make use of options offered by the Integration Tools.
Maybe you don't need all of them, but for automation they can come in handy. Like the save state/pause/shutdown of the VM when shutting down the host server.
FreeBSD may have support for some virtual hardware offered by Hyper-V, but the Hyper-V cannot control the VM.
The Hyper-V VMSwitch is a Layer 2 switch. You cannot create multiple VMSwitches using the same physical (or teamed) network adapter. You even get a message saying you can't because the adapter is already bound to another VMSwitch.
So if you want to use multiple networks you would need to setup VLANs on your physical switch, and use VLAN tagging on the vNIC or inside the guest OS to be able to work with multiple networks.
If you did something else, you're not explaining it well.
-
franco, there are no issues on FreeBSD 10.1/pfSense, but with FreeBSD 10.2/OPNsense port forwarding is not working and my routing table being reset after any config change from the web UI (i'm setting upstream gateway for wan interface manually).
weust, this functionality comes with FreeBSD from the box, you don't need to install additional software, except KVP daemon, as stated on FreeBSD wiki. So I can control my VM from hypervisor.
You cannot create multiple VMSwitches using the same physical (or teamed) network adapter. You even get a message saying you can't because the adapter is already bound to another VMSwitch.
So if you want to use multiple networks you would need to setup VLANs on your physical switch, and use VLAN tagging on the vNIC or inside the guest OS to be able to work with multiple networks.
Are you talking about two External virtual switches binded to the same NIC? I have only one External, and one Internal, and can create as many Internal virtual switches as I want. There is some misunderstanding between us. Keep in mind that I'm not a nix guru or professional sysadmin. I can provide screenshot of my setup, just say what you are actually interested in.
-
Internal and Private VMSwitches are fine. Now I get you.
Though that means you can only use VM's on the same Hyper-V host to connect to and through the OPNsense VM for internet connectivity.
I never disable the Integration Tools, and when I forget to enable some options upon enabling them the console will detect them.
I will check the wiki page later.
-
Though that means you can only use VM's on the same Hyper-V host to connect to and through the OPNsense VM for internet connectivity.
It depends how much additional IPs do you have. If you have enough - just bind them on guest OS network interface and expose it to internet without routing.
-
franco, there are no issues on FreeBSD 10.1/pfSense, but with FreeBSD 10.2/OPNsense port forwarding is not working and my routing table being reset after any config change from the web UI (i'm setting upstream gateway for wan interface manually).
That may be the issue that weust is having in a different wrapping. We've had no such issues in 15.7 with 10.1, 10-STABLE works again according to weust.
When you install 15.7.18 (images are still up on the mirrors), one can safely upgrade to 15.7.25 with one update. It should be relatively easy to verify this with a snapshot + ISO installer config import/quick install if you find the time.
Meanwhile, we are working on pinning down with patch is missing here on 10.2.
-
Just a short info:
I updated to 16.1 via opnsense-update. Besides it didn't boot anymore because I did set up the VM with /dev/ada and changing it to /dev/da... (thanks to weust for confirming my change) -> network is dead here, too. See here for details:
https://forum.opnsense.org/index.php?topic=2114.0
I'm running Hyper-V Server 2012 R2 (free edition) on a HP ProLiant ML370 G5. I didn't install integration services manually.
So it seems to be a general issue when using Hyper-V Server 2012 R2.