Date: Wed, 4 Nov 2020 16:56:07 +0000 (UTC) From: Paul Pathiakis <pathiaki2@yahoo.com> To: "freebsd-virtualization@freebsd.org" <freebsd-virtualization@freebsd.org>, Thomas Laus <lausts@acm.org> Subject: Re: Using OpenBSD guest as PF firewall Message-ID: <974524126.1643642.1604508967098@mail.yahoo.com> In-Reply-To: <01000175941a2783-79804ed8-eafa-4f80-92d4-3f500e9d7993-000000@email.amazonses.com> References: <01000175941a2783-79804ed8-eafa-4f80-92d4-3f500e9d7993-000000@email.amazonses.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi,
Is there a reason you would want to use OpenBSD versus FreeBSD?=C2=A0 FreeB=
SD has pf and I use it on my server at home.=C2=A0=20
Are you exploring OpenBSD?=C2=A0 Did you not know that pf is an available f=
irewall on FreeBSD?
Paul
On Wednesday, November 4, 2020, 11:32:33 AM EST, Thomas Laus <lausts@ac=
m.org> wrote: =20
=20
Is there a How-To or a Handbook article for using an OpenBSD guest as a
firewall for a FreeBSD host?=C2=A0 I have enabled pci-passthru and the
OpenBSD guest can use the functional FreeBSD NIC hardware and has a
hostname.vio0 configured with an IP address and netmask.=C2=A0 I have creat=
ed
a public switch on the FreeBSD side and have added tap0.=C2=A0 I can connec=
t
both from and to the OpenBSD / FreeBSD host by their respective IP
addresses.=C2=A0 These addresses both use the same subnet.=C2=A0 I can't co=
nnect
anywhere else from the FreeBSD host.=C2=A0 The OpenBSD guest has an open
pf.conf file to pass all packets to from vio0 to my re0 NIC.
The OpenBSD system is version 6.8 and the FreeBSD is Current r367054.
It looks like I need to create a bridge somewhere, but can't find the
proper commands to make one.=C2=A0 I have read a few instructions, but none
of them use commands from the vm-bhyve port.=C2=A0 I found that is always a
good idea to not 'mix and match' these methods.
Tom
--=20
Public Keys:
PGP KeyID =3D 0x5F22FDC1
GnuPG KeyID =3D 0x620836CF
_______________________________________________
freebsd-virtualization@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-virtualization
To unsubscribe, send any mail to "freebsd-virtualization-unsubscribe@freebs=
d.org"
=20
From owner-freebsd-virtualization@freebsd.org Wed Nov 4 17:14:23 2020
Return-Path: <owner-freebsd-virtualization@freebsd.org>
Delivered-To: freebsd-virtualization@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
by mailman.nyi.freebsd.org (Postfix) with ESMTP id 376BC462377
for <freebsd-virtualization@mailman.nyi.freebsd.org>;
Wed, 4 Nov 2020 17:14:23 +0000 (UTC)
(envelope-from bugzilla-noreply@freebsd.org)
Received: from mailman.nyi.freebsd.org (unknown [127.0.1.3])
by mx1.freebsd.org (Postfix) with ESMTP id 4CRCtl0mcJz426s
for <freebsd-virtualization@freebsd.org>; Wed, 4 Nov 2020 17:14:23 +0000 (UTC)
(envelope-from bugzilla-noreply@freebsd.org)
Received: by mailman.nyi.freebsd.org (Postfix)
id 18AEC461D79; Wed, 4 Nov 2020 17:14:23 +0000 (UTC)
Delivered-To: virtualization@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
by mailman.nyi.freebsd.org (Postfix) with ESMTP id 18755461D78
for <virtualization@mailman.nyi.freebsd.org>;
Wed, 4 Nov 2020 17:14:23 +0000 (UTC)
(envelope-from bugzilla-noreply@freebsd.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
[IPv6:2610:1c1:1:606c::19:3])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
client-signature RSA-PSS (4096 bits) client-digest SHA256)
(Client CN "mxrelay.nyi.freebsd.org",
Issuer "Let's Encrypt Authority X3" (verified OK))
by mx1.freebsd.org (Postfix) with ESMTPS id 4CRCtk6yNdz426r
for <virtualization@FreeBSD.org>; Wed, 4 Nov 2020 17:14:22 +0000 (UTC)
(envelope-from bugzilla-noreply@freebsd.org)
Received: from kenobi.freebsd.org (kenobi.freebsd.org
[IPv6:2610:1c1:1:606c::50:1d])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
(Client did not present a certificate)
by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id CE24810CCF
for <virtualization@FreeBSD.org>; Wed, 4 Nov 2020 17:14:22 +0000 (UTC)
(envelope-from bugzilla-noreply@freebsd.org)
Received: from kenobi.freebsd.org ([127.0.1.5])
by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 0A4HEMON047623
for <virtualization@FreeBSD.org>; Wed, 4 Nov 2020 17:14:22 GMT
(envelope-from bugzilla-noreply@freebsd.org)
Received: (from www@localhost)
by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 0A4HEMnC047622
for virtualization@FreeBSD.org; Wed, 4 Nov 2020 17:14:22 GMT
(envelope-from bugzilla-noreply@freebsd.org)
X-Authentication-Warning: kenobi.freebsd.org: www set sender to
bugzilla-noreply@freebsd.org using -f
From: bugzilla-noreply@freebsd.org
To: virtualization@FreeBSD.org
Subject: [Bug 250865] Usage of recent windows virtio-blk driver crashes the
bhyve VM
Date: Wed, 04 Nov 2020 17:14:23 +0000
X-Bugzilla-Reason: AssignedTo
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: Base System
X-Bugzilla-Component: bhyve
X-Bugzilla-Version: 12.2-STABLE
X-Bugzilla-Keywords:
X-Bugzilla-Severity: Affects Only Me
X-Bugzilla-Who: mr@FreeBSD.org
X-Bugzilla-Status: New
X-Bugzilla-Resolution:
X-Bugzilla-Priority: ---
X-Bugzilla-Assigned-To: virtualization@FreeBSD.org
X-Bugzilla-Flags:
X-Bugzilla-Changed-Fields:
Message-ID: <bug-250865-27103-Q0OjK8MUp5@https.bugs.freebsd.org/bugzilla/>
In-Reply-To: <bug-250865-27103@https.bugs.freebsd.org/bugzilla/>
References: <bug-250865-27103@https.bugs.freebsd.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/
Auto-Submitted: auto-generated
MIME-Version: 1.0
X-BeenThere: freebsd-virtualization@freebsd.org
X-Mailman-Version: 2.1.33
Precedence: list
List-Id: "Discussion of various virtualization techniques FreeBSD supports."
<freebsd-virtualization.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-virtualization>,
<mailto:freebsd-virtualization-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-virtualization/>;
List-Post: <mailto:freebsd-virtualization@freebsd.org>
List-Help: <mailto:freebsd-virtualization-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-virtualization>,
<mailto:freebsd-virtualization-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 04 Nov 2020 17:14:23 -0000
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D250865
--- Comment #2 from Michael Reifenberger <mr@FreeBSD.org> ---
Hi,
many thanks for the hint.
Yes, this version is working fine (for some time).
Unfortunately I get a bluescreen in Windows and:
...
pid 39852 (bhyve), jid 0, uid 0: exited on signal 6
...
when running a CrystalDiskMark benchmark on this disk :-(
So at least its not finally stable somewhere.
Could you try to stress the virtio-blk disks a bit.
BTW if its relevant:=20
I put the virtio-blk disk on a ZFS vol with 4k blocksize.
--=20
You are receiving this mail because:
You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?974524126.1643642.1604508967098>