pfSense KVM Virtualization

So, I’ve been wanting to build a pfSense router solution into my home network for a while. Seeing as I had an old Core 2 Quad Q6600 laying around, I decided to give it a try. One thing I didn’t want to do though was to simply install pfSense bare metal and then call it a day – this seems like it was wasting a lot of CPU and memory for no reason.

With this in mind, I grab the latest version of CentOS 7 and installed it onto the machine. I then started grabbing and configuring KVM on the fresh install. I found a video doing it under Ubuntu on YouTube (https://www.youtube.com/watch?v=B-DwU6fJvPk). There were several other sites here and there I grabbed to make sure that I was doing everything correctly for CentOS rather than Ubuntu.

Because I don’t have any desktops that were linux based, and I didn’t want to install X Window System onto the server for no reason, I had to spin up a VM on my main desktop to be able to use the virt-manager to configure everything graphically. I didn’t really want to do it via the command line (lots of copying and pasting between the internet and the ssh session). And sometimes it’s nice to use the simply UI. In the end, this was a good decision because it allowed me to also do some testing via iperf when the performance was a problem.

By default, the NIC device model was the e1000, which turned out to be a problem. After lots of research and troubleshooting, I finally moved to the virtio and disabled the hardware checksum offload (https://docs.netgate.com/pfsense/en/latest/virtualization/virtio-driver-support.html). This allows me to go from ~350 Mbits/sec to 909 Mbits/sec (on a 1000 Mbits/sec LAN connection). Turns out, it wasn’t that bad after all.

Leave a Reply