KVM Virtualisation and a pfSense firewall

Recently I decided to stop breaking stuff on my web server, DNS server and other internal infrastructure. It simply takes too much time to fix again, so: “if it ain’t broke, don’t try to fix it”. But in order to test new stuff without breaking things, I did want to have a testing environment, so I set that up: an exact replica of what I have running at home, on some lower-end hardware, with full network separation using a (virtual) pfSense firewall.

That's when the (time-consuming) problems began. For some reason the outside world could be pinged. However, no other traffic was possible. SSH, HTTP, FTP, hell, even Telnet… nothing worked. And I could not yet find why. After some hours of fiddling with the pfSense setup and KVM configuration, and more hours of googling and searching, I finally found what was wrong. The network driver… It appeared that, for some reason, when using pfSense, using a fully virtualised driver (virtio) does not work, according to this post on the pfSense forum.

After switching to either the e1000 or Realtek driver, everything worked like a charm. Now that I have a fully functional testing environment, I can start learning more new stuff again! Some of the things that are on my wish-list:

  • Ansible, automating everything
  • Network Monitoring, using AlienVault OSSIM and some other stuff
  • Log analysis, using ELK stack
  • and more…
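
The driver switch described above, as an added example that is not part of the original post: a Python sketch that audits the NIC models of a guest and pins any virtio (or unset) NIC to an emulated model. It assumes the VM is managed through libvirt and that the XML comes from `virsh dumpxml`; the sample domain, bridge names and MAC addresses are constructed for illustration, and `e1000` / `rtl8139` are the libvirt model names for the Intel and Realtek drivers.

```python
import xml.etree.ElementTree as ET

# Constructed libvirt domain XML for a hypothetical pfSense guest (not from the post).
SAMPLE_DOMAIN_XML = """<domain type='kvm'>
  <devices>
    <interface type='bridge'>
      <mac address='52:54:00:aa:bb:01'/>
      <source bridge='br-wan'/>
      <model type='virtio'/>
    </interface>
    <interface type='bridge'>
      <mac address='52:54:00:aa:bb:02'/>
      <source bridge='br-lan'/>
      <model type='e1000'/>
    </interface>
    <interface type='bridge'>
      <mac address='52:54:00:aa:bb:03'/>
      <source bridge='br-dmz'/>
    </interface>
  </devices>
</domain>"""

# libvirt model names for the emulated Intel and Realtek NICs.
EMULATED_MODELS = {"e1000", "rtl8139"}

def _attr(iface, tag, key):
    node = iface.find(tag)
    return node.get(key) if node is not None else None

def audit_nics(domain_xml):
    """Return (mac, bridge, model) per guest NIC; model is None when unset."""
    return [(_attr(i, "mac", "address"), _attr(i, "source", "bridge"), _attr(i, "model", "type"))
            for i in ET.fromstring(domain_xml).findall("./devices/interface")]

def switch_model(domain_xml, new_model="e1000"):
    """Pin every NIC not already on an emulated model; return (new_xml, changed_macs)."""
    if new_model not in EMULATED_MODELS:
        raise ValueError(f"unexpected NIC model: {new_model}")
    root = ET.fromstring(domain_xml)
    changed = []
    for iface in root.findall("./devices/interface"):
        model = iface.find("model")
        if model is None:  # unset: stop relying on the hypervisor default
            model = ET.SubElement(iface, "model")
        if model.get("type") not in EMULATED_MODELS:
            model.set("type", new_model)
            changed.append(_attr(iface, "mac", "address"))
    return ET.tostring(root, encoding="unicode"), changed
```

The returned XML can be saved to a file and loaded back with `virsh define`; the change takes effect the next time the guest is started.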