for reference re multiple network interfaces connecting to bridges http://libvirt.org/formatdomain.html#elementsNICSVirtual
Do you by chance have an instruction list for how to install and set it up to work properly please?
Or is it just the generic with alteration for the vNIC?
Whenever I perform an install, I always get "No-link-up conencted" when it tries to find the current WAN device and I've got it connected to the firewall instead of a physical device.
I attach a physical device...
"bge0: watchdog timeout -- resetting"
"bge0: firmware handshake timed out, found 0x58000000"
"bge0: firmware handshake timed out, found 0x58000000"
Then a few minutes later it does it again.
How did you get around this?
It is not a wifi card. It's a generic NIC.
I have a Realtek and a Broadcom.
They both do the same thing.
I have not even tried using my TP-Link WiFi card.
My Realtek works in version > 2.2, it's < 2.2 that it has the issue.
My Broadcom has the issue with the timeouts, the RealTek doesn't.
Is there some issue with the responses not being passed to and from correctly?
But I still don't know how to get the connection to be working for hot-add of NIC's to PFSense when a new guest is added.
I can't add the details to PFSense when there is ONLY the WAN port, it doesn't like it.
How does one get around this?
How did you get yours set up Connor?
This may be not optimal as bridges consume cpu cycles and irq processing. On the other hand Qubes currently doesn't support HVM netvms so until v4.0 that's the only solution I see. I'll keep playing with it but I suspect virtualised pfSense is not a good idea for real life use.
So PFSense is NOT the first line of defense then?
It is behind another guest?
I create HVM, then convert it to NetVM/TemplateVM from TemplateHVM.
That normally works for me.
But the thing is it's difficult if you odn't have the right things there to allow the connection to be created automatically. so that's where I come unstuck.
Even if it's the external, then you have multiple internals, that are statics, after that you have the guests behind them, then that would work?
How do you set up multiple NICs for it though?
It was the first line of defense from Internet threats. But at the same time it was connected to bridges in Fedora netvms that themselves were only connected or to be more precise provided bridging and routing services to an external NIC (for LAN) and internal VMs (some bridged, some routed). The netvms were not connected to the Internet.
> How do you set up multiple NICs for it though?
Somehow pfSense didn't recognise one of two identical NICs that I delegated to it. So in the end it had only 3 interfaces: one external physical and two internal xen devices to LAN and DMZ. Routing and filtering worked fine in pfSense in this setup. I could have possibly created another bridge vm with the NIC that didn't work but I thought that would be a waste of resources.
I didn't have much time to spend on this as the server had to be restored back. I think it's too early now. We should wait for or help implementing HVM netvms in R4.0. Should be trivial then.
Why wait when they are already in version 2? (If set up correctly).