Messages

1

General Discussion / Re: Bhyve on OPNsense for virtualization in 2023

« on: December 18, 2023, 03:57:10 am »

Update: I found out what I needed to do to be able to assign the tap interface in the UI, or at least why I couldn't initially. It seems that opnsense filters out some interfaces from appearing in the assignment list, as per https://www.jafdip.com/renaming-ethernet-interfaces-under-freebsd/ I renamed tap0 to something else and I was then able to assign it via the UI, then add firewall rules and get traffic routing working.

to rename in the current running session:

Code: [Select]

ifconfig tap0 name hyve0

then to make it permanent add it to /etc/rc.conf:

Code: [Select]

ifconfig_tap0_name=”hyve0″


2

General Discussion / Re: Bhyve on OPNsense for virtualization in 2023

« on: December 12, 2023, 11:48:43 am »

@pinako and @slipperyduck thanks for the guides you have each written. I've had some success in following it, but not 100%, hoping you might have some insight as to where I have gone wrong.

I've been able to configure interfaces, create a VM, confirm that it receives an IP via DHCP, but the default firewall rules are kicking in and blocking traffic such as ICMP.

Looking at the firewall log I can see traffic being blocked which is originating from my VM's IP, on the tap0 interface. The first guide states:

Once it's back up we need to go to OPNSense web interface and commision the tap interface:

[opnsense] [Interfaces] [Assignments]
Look for tap0 on the dropdown and click [+ADD]
  now click [SAVE]

And this is the only part I haven't had success in, because when I look at the Assignments page I don't have an option of selecting tap0, which in turn means I can't create firewall rules against it, and so on.

I have the tap0 interface, have used /usr/local/etc/rc.syshook.d/start/50-tapstart to add tap0 to bridge0 and so on, but can't get to the point where I would create an assignment for tap0.

This is on OPNsense 23.7.9-amd64.

thanks!

Code: [Select]

root@OPNsense: # ifconfig bridge0
bridge0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
description: bridge0 (opt2)
ether 58:9c:fc:10:ff:81
id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15
maxage 20 holdcnt 6 proto rstp maxaddr 2000 timeout 1200
root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0
member: tap0 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
        ifmaxaddr 0 port 13 priority 128 path cost 2000000
member: igb2 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
        ifmaxaddr 0 port 3 priority 128 path cost 55
groups: bridge vm-switch viid-4c918@
nd6 options=9<PERFORMNUD,IFDISABLED>

root@OPNsense:# ifconfig tap0
tap0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
description: vmnet/windows2022/0/public
options=80000<LINKSTATE>
ether 58:9c:fc:10:ff:ad
inet6 fe80::5a9c:fcff:fe10:ffad%tap0 prefixlen 64 scopeid 0xd
groups: tap vm-port
media: Ethernet autoselect
status: active
nd6 options=23<PERFORMNUD,ACCEPT_RTADV,AUTO_LINKLOCAL>
Opened by PID 88991