Added by Jan Koester almost 12 years ago. Updated almost 9 years ago.
0%
Description
It's possible to include the xen DomU driver in pfsense 2.1 ?
Updated by JD - over 11 years ago
It doesn't make any sense to have your routing and firewall platform being run on a virtualized layer especially in a production environment. This is not just about performance but security matters as well. If you want to virtualize testing machines for instance try using KVM instead. It works by far smoother and is well integrated into the linux kernel.
Also virtio drivers have been around for quite some time now but I haven't tested them yet in connection with pfSense in general.
For more information refer to the following sites:
http://svnweb.freebsd.org/base?view=revision&revision=225710
http://viktorpetersson.com/2011/10/20/how-to-use-virtio-on-freebsd-8-2/
Anyhow, having pfSense 2.2 shipped with these drivers being aboard would be totally gorgeous (virtio_blk, virtio_net, virtio_bus). Perhaps this way testing snapshot images would be way more fun ;)
Updated by Jim Pingle over 11 years ago
Plenty of good reasons to run a virutalized firewall - that debate doesn't belong on this ticket though.
The virtio drivers are already in 2.1, also not really relevant to this ticket.
Updated by JD - over 11 years ago
Jim P wrote:
Plenty of good reasons to run a virutalized firewall - that debate doesn't belong on this ticket though.
Yepp, you're right. Sorry.
The virtio drivers are already in 2.1, also not really relevant to this ticket.
Indeed, but somehow the virtio_net driver seems to be missing. Though, no virtio powered block device can be used during isntall but maybe that's a because of the installer (?). I'll have a look at it and if necessary open a fresh ticket.
Updated by Jupiter Vuorikoski about 11 years ago
Has anyone looked into this yet? I would imagine it wouldn't be too much trouble to include the xenhvm drivers to at least the amd64 release kernel compilation since freebsd 8.3 has pretty solid support for xen hvm pv on that. This would enable pfsense as a far more viable platform on xen without manual patching of the kernel for every deployment. I am willing to test the build on xen 4.1 and 4.2.
I would imagine adding the drivers does not require a significant amount of additional disk space or memory from the system. If considered that the added load is unacceptable by default, then this could be only included in the full release and memstick installation images and with them as an optional kernel like the embedded no vga one if deemed necessary.
Updated by Alex Alex over 10 years ago
+10000 for XENSERVER PV driver support. freebsd 10 is supporting it already.
Updated by Chris Buechler almost 9 years ago
this came along with the FreeBSD 10.1 base OS in 2.2.x versions