Friday, June 10, 2016

PFsense on Xenserver 6.5



PFsense has a few issues with XenServer. First the nic offloading on FreeBSD is not compatible with the virtual nics on XenServer. This causes very slow throughput on the virtual nics. Second PFsense doesn't see the xn nics as supporting Vlans even though they do.  And last XenServer tools needs to be installed.



So first disable the offloading on the nics.  

1.
First find the UUID of the virtual interfaces for the VM running PFsense, type the following in the XenServer console: 

xe vm-vif-list uuid=VMUUID


Then using each of those UUIDs

2.
xe vif-param-set uuid=VIFUUID other-config:ethtool-tx="off"
xe vif-param-set uuid=VIFUUID other-config:ethtool-rx="off"



http://think-brick.blogspot.com/2016/02/pfsense-on-xenserver-enable-vlan.html
Next you must trick PFSense into allowing vlans on the xen nic.
This needs to be done in the PFSense webpage

1.
Go to Diagnostic -> Edit File

2.
Load file /etc/inc/interfaces.inc

3.
Add the "//hack for XenServer" to the file after the "//hack for some lagg modes", and before the "return false;":
// hack for some lagg modes missing vlanmtu, but work fine w/VLANs
if (substr($iface, 0, 4) == "lagg")
return true;

 // hack for XenServer xn interfaces
if (substr($iface, 0, 2) == "xn")
return true;

return false;




Last install XenServer tools

1. 
pkg install xe-guest-utilities

2.
echo "xenguest_enable=\"YES\"" >> /etc/rc.conf.local
ln -s /usr/local/etc/rc.d/xenguest /usr/local/etc/rc.d/xenguest.sh

3.
service xenguest start



That's it!  Your done...  BUT WARNING!!! If you upgrade to a newer version that overwrites interfaces.inc PFsense may not boot.  At this point I plan on Backing up my config and taking a snapshot each time I test an upgrade.  If the upgrade breaks things then i'll install from scratch and run the above fixes then restore my config.  Not fun, no... But until they start better supporting XenServer we don't have much of an option.


References:

Disable nic offloading
https://forum.pfsense.org/index.php?topic=85797.0

Enable vlans
http://think-brick.blogspot.com/2016/02/pfsense-on-xenserver-enable-vlan.html

Install XenServer tools
https://blog.feld.me/posts/2014/07/pfsense-on-citrix-xenserver/



Posted by at 1 comment:
Labels: , ,

Monday, March 21, 2016

Install issues with XenServer 6.5 on a HP DL380 G5 or Cisco MCS7800

After having to install XenServer 6.5 on a Cisco MCS7800, which is just a re-branded HP DL380 G5, I wanted to list post install steps that must be taken.

1.  For some reason a local storage area is never created during install.  So step one is to create it.
xe sr-create content-type=user type=ext device-config:device=/dev/cciss/c0d0p3 shared=false name-label="Local storage"
2.  Make it default by right clicking on Local storage and choosing default using XenServer manager GUI.

3.  And finally, because the local storage was never created an import template was never generated
cd /opt/xensource/packages/files/transfer-vm./install-transfer-vm.sh

That should fix the issues of not having local storage, not having default storage, and not having an import template.  If I come across other tweaks that are needed with this system i'll add them to the list.

http://discussions.citrix.com/topic/362083-populating-local-storage-on-xenserver-65/page-3

Posted by at No comments:
Labels: , ,
Subscribe to: Posts (Atom)