Messages

Здравствуй! Не выяснил часом в чем проблема может быть? Я уже не знаю куда смотреть
Ты не мог бы скинуть свой конфиг по железу и настройкам?

Вот моя ветка на англоязычном форуме https://forum.opnsense.org/index.php?topic=10816.15

Maybe problem with timeconters :( Need to try need add sysctl kern.timecounter=ACPI-fast in tunables who know?

I finde the topic with same problem on netgate forum https://forum.netgate.com/topic/130467/solved-pfsense-2-4-3-halts-with-calcru-messages-in-console
Its conflict of NTP how to set local NTP in the gate?
I steel cant resolve the problem ***sense works but cli canot work wihout pause/stop vm if hours no traffic router get down.
After pause stop vm have calcru error in console.

How to watch this logs in bsd systems or you means proxmox logs?
with e1000 drivers i have cathch te same error

I think the best way install OPNsense on baremetal server 1/2U with directed hardware nics 1 or 10 Gbe

I'm really disappointed that error come back again at night in standby mode.

1. Need to try e1000
2. Need to try disable speed step technology

Need to create a topic Proxmox + OPNsense success stories + config share.
There is a similar thread on the Natgate forum.

I will continue to try to change the settings of cpu qemu64 / kvm64 / default kvm64 + I will try to run on e1000 + disable memory balooning. I also requested the config from a forum member who successfully works with OPNsense in Proxmox.

The problem is that this error has to wait, it is not clear until the end that causes an error.
I have several old Proliant G7 servers in the Proxmox cluster. I consider in my case it too overhead to allocate the Gate a whole baremetal server.

Need to try this manual for OPNsense https://www.netgate.com/docs/pfsense/virtualization/virtualizing-pfsense-with-proxmox.html (kvm64 cpu recomended)

I tryed e1000 nics but its can detect it! maybe need assing interfaces or reinstall OPNsense.
In my case OPNsense needs in gate role + reverse proxy  for 2-3 webservers VMs in PVE cluster
vith virtio i have 10Gbit virtual buss interface but e1000 not bad variant in my case.

You recomended e1000 if use IDS/IPS pakages like Suricata or you means IPs Guest agent?

For production hi load scenario with IDS + Geoip + SYN-flood protection needed dedicated 2 soket baremetal server instance

Hi

Allready set up CPU and OS type also set a time zone in web interface.

Thanks! Now its more stable! But sometimes bug relapse (when install modules/updates or without load trafic) not Unfortunately this is not suitable for production scenario. Temporarily install VyOS or Simplewall until I solve the problem.

I found interesting topic https://forum.proxmox.com/threads/anyone-successfully-running-pfsense.45079/

Maybe best way switch to model (Baremetal + OPNsense) or (Baremetal + vSphere + OPNsense appliance)

l26  Linux 2.6/3.X Kernel
Ok need to try
change OS type
set the virtualized cpu type
set e1000
but this reduce performance

Q35 is this chipset mode? Where i can set this option in PVE?

Thanks for the reply! Need to try some variations.
I have never tried before run bsd based disros on kvm. I think my problem can be  nearly ntp server synchro clock settings on PVE or OPNsense

Nothing effect its problem with NTP

Regrettable
probably will have to switch to another gate  :-[

Hi there is config.
How to find a way to beat this problem?

agent: 1
bootdisk: virtio0
cores: 1
cpu: host,flags=+pcid;+spec-ctrl
cpuunits: 100
ide2: none,media=cdrom
memory: 2048
name: VPS-X100
net0: virtio=A2:6A:85:EA:12:9A,bridge=vmbr1
net1: virtio=CE:9B:27:A8:87:50,bridge=vmbr2
numa: 1
onboot: 1
ostype: l26
parent: dec_25_18
protection: 1
scsihw: virtio-scsi-pci
smbios1: uuid=dcff8f45-afff-4630-bc6d-52b1e65db11b
sockets: 2
unused0: data-x0:vm-100-disk-0
vcpus: 2
virtio0: data-x0:vm-100-disk-1,cache=writethrough,iothread=1,size=5G
vmgenid: 5685a1e8-890e-4601-8452-c2ff166b19dc

[dec_25_18]
agent: 1
bootdisk: virtio0
cores: 1
cpu: host,flags=+pcid;+spec-ctrl
cpuunits: 100
ide2: none,media=cdrom
memory: 2048
name: VPS-X100
net0: virtio=A2:6A:85:EA:12:9A,bridge=vmbr1
net1: virtio=CE:9B:27:A8:87:50,bridge=vmbr2
numa: 1
onboot: 1
ostype: l26
protection: 1
runningmachine: pc-i440fx-2.12
scsihw: virtio-scsi-pci
smbios1: uuid=dcff8f45-afff-4630-bc6d-52b1e65db11b
snaptime: 1546018922
sockets: 2
vcpus: 2
virtio0: data-x0:vm-100-disk-1,cache=writethrough,iothread=1,size=5G
vmgenid: 5685a1e8-890e-4601-8452-c2ff166b19dc
vmstate: data-x0:vm-100-state-dec_25_18

День Добрый!

Есть проблема с Opensense.
Cвежая инсталяция Opensense на гипервизоре kvm, работает нестабильно, неожиданно зависает.
Маршрутизатор установлен на Proxmox ноде доп плагины не установлены. 2 интерфейсами WAN / LAN
и отключенным IDS.
2 вирт ядра 2048мб оперативной памяти. Ресурсы потребляются не более чем на 30%

OPNsense, настроен в режиме DCHP с 1 статическим ip. Основной DNS на шлюзе 1.1.1.1 - 1.0.0.1/
LAN-порт подключен к WAN-порту моего домашнего аппаратного маршрутизатора linksys с dhcp в автоматическом режиме по адресу 192.168.2.1.
Rогда нода с шлюзом загружается, все стабильно работает через некоторое время интернет-соединение внезапно падает, невозможно получить доступ к веб-интерфейсу маршрутизатора. Консоль работает и показывает filterlog сообщения. Перезагрузка помогает на некоторое время, заметил что проблема появляется когда шлюз долго без нагрузки.

Обсуждение проблемы на Github https://github.com/opnsense/core/issues/29

Иногда у меня есть ошибка calcru, может быть, это связано с тем, что технология speedstep включена для процессора на хосте (частота cpu в паростое сервера  до 1.6 ГГц) или проблема с синхронизацией NTP-сервера

Hi Guys!

Have a problem with Opensense.
Newly instaled virtual Opensense appliance on kvm hypervisor and its works not stable, sudenly hangs.
Router instaled on my hypervisor proxmox node with minimal plugins mode with two interfaces WAN/LAN
and disabled IDS.
2 virt cores 2048mb ram. System resours have reserv 70%

OPNsense set up in DCHP mode with 1 static ip. Primary DNS on gate 1.1.1.1 - 1.0.0.1/
LAN port conected to WAN port of my home phisycal linksys router with dhcp on 192.168.2.1 adress. Dns auto.
First time when node with gate boot up all work stable after some time internet connection sudenly falls, cant acces in router web GUI. Console works and shows filterlog messages with calcru runtime error!

Topic of this problem on Github - https://github.com/opnsense/core/issues/29

Sometimemes i have calcru error maybe that because speedstep tecnology enabled for cpu on host (when enable cpu threads downclock to 1.6 ghz in standby) or problem with NTP server sync