Holy guacamole...so XCP-ng would allow to configure VLANs the same way it is configured at a customers' and then test everything with PfSense on a VM...all there is to do after that is import the config in the bare metal production PfSense. Wonderful ! 😁 I'm trying to make a PfSense work with a solo NIC on an Intel NuC. The only thing that I still gotta achieve is making the ISP connection launch with ONT on port 1 and PfSense on port 2 of the customers' switch. Someone who already did that kind of config told me that it should work as long as those two ports are on the same VLAN, so far it's not working but I might be missing something of course. XCP-ng will certainly help figuring it out. Thanks Tom! 🙏 [EDIT] I hadn't seen the last two minutes of your video talking about defining VLANs inside of PfSense...as the video is four years old, I don't know if it is still relevant or if a feature was simply missing at that time, but I'll check the link you're talking about!
Do you know how to define a list of VLAN IDs for a specific VIF? I do not want VIF to be able to communicate with the all of VLAN IDs except a defined ones. I expect this should be possible with XCP-NG because it works for me with Xen OpenSource and openvswitch using a domU VM configuration below: "vif = ['mac=00:16:3e:1a:bc:de, bridge=xenbr0:15:16:17,18']" In this example VIF can communicate using VLAN IDs 15, 16, 17, and 18. Unfortunately I cannot figure out how to do the same on XCP-NG. I've searched for examples on using VLANs but couldn't find any settings which would limit VIF communication to the list of the defined VLAN IDs.
I have a dedicated server on cloud with only 1 public IP. I have installed XCP-ng there. Now, how can I create a private network with NAT(using that only public IP interface) to allocate to the VMs? I want the VMs to have internet access and also inter-private communication among them. I can easily do this on Proxmox by creating Linux bridges and NAT configurations. Wondering if there is a way to do it on XCP-ng?
@@LAWRENCESYSTEMS Thanks for your response. How to create a bridge network for both VM to VM communication and Host to VM communication & vice versa? Problem here is cloud provider is providing only one physical NIC with 1 public IP (and it won't have DHCP). So I need a internal networking between VM and Host along with internet working. (without purchasing a lot of public IP/subnet from cloud provider)
Hi Tom great vid , yes you have to change the code in pfsense as per the instructions to BS the VM to enable VLAN to work properly - I managed to get that to work : 1. offloading disabled , 2. 1504 mtu value set , and 3. modify /etc/inc/interfaces.inc file and vola like magic :-) , gre tunneling is interesting - the security and speed benefits would defiantly be cool to look at :-) have a great one and keep smiling Tom .... best regards Lance
I alway love your videos and appreciate everything you do. I have noticed though that in your last two videos, your audio level seems to be lower then normal.
i confirm this. My audio is usually at 50% on windows settings and have to boost to 100% to have a good level for Tom Videos. Glad to read he's gonna look at it.
LOL, thanks guys. I'll be migrating over to it next week from Hyper-v. I'll be trying a securityonion vm, which will require a mirrored port from the physical pfSense machine. Wish me luck.
Hi, i have a vlan with id 91 defined in my switch and would like to use a pfsense vm as dhcp server for this vlan. So i created the vlan network in xcp-ng server, then assigned it to the pfsense vm interface (xn1). But once in pfsense, if i set the xn1 interface ip config as dhcp it retrieve a ip of the vlan91 without i need to set vlan on this interface! but if i create the vlan interface with id 91 this interface doesn't retrieve ip, even if i set mtu 1504 on parent interfaces in xcp-ng and pfsense. so i'm a little bit lost.... should i ignore vlan settings in pfsense side? does machines plugged on the switch will retrieve an ip from the pfsense dhcp servrer even if the pfsense interface used by the dhcp doesn't have vlan id defined?
Holy guacamole...so XCP-ng would allow to configure VLANs the same way it is configured at a customers' and then test everything with PfSense on a VM...all there is to do after that is import the config in the bare metal production PfSense. Wonderful ! 😁
I'm trying to make a PfSense work with a solo NIC on an Intel NuC. The only thing that I still gotta achieve is making the ISP connection launch with ONT on port 1 and PfSense on port 2 of the customers' switch.
Someone who already did that kind of config told me that it should work as long as those two ports are on the same VLAN, so far it's not working but I might be missing something of course. XCP-ng will certainly help figuring it out. Thanks Tom! 🙏
[EDIT] I hadn't seen the last two minutes of your video talking about defining VLANs inside of PfSense...as the video is four years old, I don't know if it is still relevant or if a feature was simply missing at that time, but I'll check the link you're talking about!
Tom, if one were to virtualize a pfsense box, would you have pfsense create the vlan interfaces or the hypervisor?
The hypervisor is the easier way to do it.
Do you know how to define a list of VLAN IDs for a specific VIF? I do not want VIF to be able to communicate with the all of VLAN IDs except a defined ones. I expect this should be possible with XCP-NG because it works for me with Xen OpenSource and openvswitch using a domU VM configuration below:
"vif = ['mac=00:16:3e:1a:bc:de, bridge=xenbr0:15:16:17,18']"
In this example VIF can communicate using VLAN IDs 15, 16, 17, and 18. Unfortunately I cannot figure out how to do the same on XCP-NG. I've searched for examples on using VLANs but couldn't find any settings which would limit VIF communication to the list of the defined VLAN IDs.
I have a dedicated server on cloud with only 1 public IP. I have installed XCP-ng there. Now, how can I create a private network with NAT(using that only public IP interface) to allocate to the VMs? I want the VMs to have internet access and also inter-private communication among them.
I can easily do this on Proxmox by creating Linux bridges and NAT configurations. Wondering if there is a way to do it on XCP-ng?
XEN has both private network and VXLAN options.
@@LAWRENCESYSTEMS Thanks for your response. How to create a bridge network for both VM to VM communication and Host to VM communication & vice versa?
Problem here is cloud provider is providing only one physical NIC with 1 public IP (and it won't have DHCP). So I need a internal networking between VM and Host along with internet working. (without purchasing a lot of public IP/subnet from cloud provider)
I created a vlan but I get an routable ip: 169.254.215.xx... what to do from there? any video?
Hi Tom great vid , yes you have to change the code in pfsense as per the instructions to BS the VM to enable VLAN to work properly - I managed to get that to work : 1. offloading disabled , 2. 1504 mtu value set , and 3. modify /etc/inc/interfaces.inc file and vola like magic :-) , gre tunneling is interesting - the security and speed benefits would defiantly be cool to look at :-) have a great one and keep smiling Tom .... best regards Lance
I alway love your videos and appreciate everything you do. I have noticed though that in your last two videos, your audio level seems to be lower then normal.
Yes, sometimes after an update it causes a weird issue like that. I have to go through the settings and see what might have changed.
i confirm this. My audio is usually at 50% on windows settings and have to boost to 100% to have a good level for Tom Videos. Glad to read he's gonna look at it.
LOL, thanks guys. I'll be migrating over to it next week from Hyper-v. I'll be trying a securityonion vm, which will require a mirrored port from the physical pfSense machine. Wish me luck.
Thanks!
Hi, i have a vlan with id 91 defined in my switch and would like to use a pfsense vm as dhcp server for this vlan. So i created the vlan network in xcp-ng server, then assigned it to the pfsense vm interface (xn1).
But once in pfsense, if i set the xn1 interface ip config as dhcp it retrieve a ip of the vlan91 without i need to set vlan on this interface! but if i create the vlan interface with id 91 this interface doesn't retrieve ip, even if i set mtu 1504 on parent interfaces in xcp-ng and pfsense. so i'm a little bit lost.... should i ignore vlan settings in pfsense side? does machines plugged on the switch will retrieve an ip from the pfsense dhcp servrer even if the pfsense interface used by the dhcp doesn't have vlan id defined?
Nice !!!!!!!