Hi there,
Le 31 mai 2010 à 15:40, Jonathan Tripathy a écrit :
> Hi Everyone,
>
> I'm having some problems installing pfSense on Xen.
>
> I installed CentOS with the "Virtualisation" option.
>
> I then tried to install pfSense as a DomU, but it won't boot. It says "BTX
> Halted"
Big problem with pfSense is that it is based on FreeBSD, that doesn't like too
mutch Xen unfortunatly...
I am a big fan of FreeBSD... but... really even with hvm it doesn't seems to
work on Xen...
Xavier
> Any ideas?
>
> Thanks
> On 29/05/10 11:45, Jonathan Tripathy wrote:
>>
>>> if you passthrough your NIC, then you are right. no access from dom0 to
>>> physical NIC.
>>>
>>> if you just setup a bridge on the WAN NIC and put the pfsense domU with one
>>> foot on that NIC, you have the possibility to setup another domU to be
>>> accessible outside, and you can setup emergency access to dom0 on that
>>> bridge, too. if you don't need dom0 for an external access, you can leave
>>> the bridge interface without an ip address, like i wrote above. I don't
>>> know, if someone can gain access to your dom0, when this dom0 has an
>>> unconfigured bridge listening on your WAN port.
>>>
>>> you have to decide, how secure your setup shall be and what will you have
>>> to do, if your pfsense crashes.
>>>
>>> if your co-lo doesn't allow you to have several MAC addresses on that port,
>>> you won't be able to use that kind of setup either.
>>>
>>> in that case the only possible solution for you will be passthrough one of
>>> your two NICs to pfsense and hardwire the other one to your dom0 for
>>> emergency access.
>>>
>>> PCI Passthrough is possible for your hardware, right? If not, you are still
>>> able to use the bridged setup as long as just one MAC shows up on that port.
>>>
>> Hi Nicolas,
>>
>> Yep, PCI Passthrough is possible on the server which I've ordered. It's a
>> Dell R210 with a Xeon 3430 (2.4Ghz x 4, 8Mb cache) with 4GB of RAM. In
>> Dell's marketing document, it specifically mentioned that it's Vt-d
>> compatible.
>>
>> If I were to use PCI Passthrough, then the 100Mbit wouldn't be an issue,
>> correct?
>>
>> And as for the "DMZ" side of of pfsense, if I follow Mike's instructions to
>> enable the e1000 emulated adapter (which would be connect to a bridge), then
>> that should also be ok for 100Mbit, correct?
>>
>> Thanks
>>
>> _______________________________________________
>> Xen-users mailing list
>> Xen-users@xxxxxxxxxxxxxxxxxxx
>> http://lists.xensource.com/xen-users
>
> _______________________________________________
> Xen-users mailing list
> Xen-users@xxxxxxxxxxxxxxxxxxx
> http://lists.xensource.com/xen-users
--
Xavier Beaudouin - xb@xxxxxxxxxxx - http://www.soprive.net/
So Privé - Le premier acteur dédié au cloud computing en France
GPG Fingerprints : A6B2 D563 F93B A3AF C08A CBAC 6BC6 79EB DCC9 9867
_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
|
Home