Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
15.7 Legacy Series
»
[SOLVED] KVM (oVirt) | Can ping public hostnames but can't browse
« previous
next »
Print
Pages: [
1
]
Author
Topic: [SOLVED] KVM (oVirt) | Can ping public hostnames but can't browse (Read 8915 times)
aareya
Newbie
Posts: 2
Karma: 0
[SOLVED] KVM (oVirt) | Can ping public hostnames but can't browse
«
on:
August 20, 2015, 11:35:26 pm »
Hello all.
I'm very new to OPNsense. Have a weird issue with default install.
I have an oVirt (ovirt.org) server hosted in a datacenter. I'm trying to setup OPNsense as a "cloud" firewall.
my OPNsense virtual machine is configured with two nics WAN + LAN.
My WAN is configured with a Public IP.
My LAN is configured as 10.0.255.254/16
I have a few other virtual machines configured with one NIC on each which resides on the LAN network.
As stated with the default install of OPNsense with Outbound NAT set to auto I can ping public hostnames such as google.com or yahoo.com but when using a web browser on the LAN VMs I cannot access the internet.
From LAN VMs
using command line
ping google.com > success
ping yahoo.com > success
ping 8.8.8.8 > success
ping 209.244.0.3 > success
telnet google.com 80 > network not reachable
using web browser
URL google.com > page not found
URL 10.0.255.254 > OPNsense web page
From OPNsense
using shell
ping google.com > success
ping yahoo.com > success
ping 8.8.8.8 > success
ping 209.244.0.3 > success
telnet google.com 80 > connected
Am I missing a setting? I not sure why addresses can resolve via command line but are not actually reachable with a browser or telnet.
Any suggestions would be much appreciated.
«
Last Edit: February 02, 2018, 11:27:55 am by franco
»
Logged
aareya
Newbie
Posts: 2
Karma: 0
Re: KVM (oVirt) | Can ping public hostnames but can't browse
«
Reply #1 on:
August 21, 2015, 01:21:55 am »
Hello all again. Just figured out the issue. There are some compatibility issues with KVM's VirtIO nic and OPNsense, PFsense, and FreeBSD in general. When setting up nics in oVirt and any other KVM virtualization use nic type e1000 which is Intel's Generic Gigabit profile.
Don't forget to check out oVirt (ovirt.org) if you're looking for a fully open source alternative to ESXi, vSphere, & vCenter.
Logged
franco
Administrator
Hero Member
Posts: 17665
Karma: 1611
Re: [SOVLED] KVM (oVirt) | Can ping public hostnames but can't browse
«
Reply #2 on:
August 21, 2015, 11:02:30 am »
Hi there aareya,
glad that was solved so quickly. If you have any other trouble let us know.
Cheers,
Franco
Logged
KlaasT
Newbie
Posts: 1
Karma: 0
Re: [SOVLED] KVM (oVirt) | Can ping public hostnames but can't browse
«
Reply #3 on:
August 28, 2015, 12:48:10 pm »
Hi,
I had a similar issue. However I could keep using VirtIO when I disabled hardware checksum offloading and hardware TCP segmentation offloading.
As I read somewhere on the FreeBSD mailinglists there is currently an issue using a virtual FreeBSD with VirtIO and hardware checksum offloading on KVM.
Until I read this I was using Intel e1000 as a virtual NIC however these are really slow.
Maybe this works for you.
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
15.7 Legacy Series
»
[SOLVED] KVM (oVirt) | Can ping public hostnames but can't browse