[guide] pfsense VM on QNAP in 2020

Introduce yourself to us and other members here, or share your own product reviews, suggestions, and tips and tricks of using QNAP products.
Locked
Yippym
Starting out
Posts: 46
Joined: Wed Apr 11, 2018 5:49 am

Re: [guide] pfsense VM on QNAP in 2020

Post by Yippym »

Moogle Stiltzkin wrote: Fri Jul 10, 2020 4:29 am
Here is the CPU usage history, ever since the ntopng package been turned on. At first I didn't noticed, but I have home assistant to log everything, to CPU load, CPU temperature. But yeah there is a paid version, but then you be storing even more information on top.
Image
User avatar
Moogle Stiltzkin
Guru
Posts: 11448
Joined: Thu Dec 04, 2008 12:21 am
Location: Around the world....
Contact:

Re: [guide] pfsense VM on QNAP in 2020

Post by Moogle Stiltzkin »

Yippym wrote: Fri Jul 10, 2020 9:19 am ..
i was only looking at the real time stats for the cpu and ram. i don't know where the historical logs are for this like in your example :' but yes i see how that could be useful for analysis, but i'm not sure how to get that info.
NAS
[Main Server] QNAP TS-877 (QTS) w. 4tb [ 3x HGST Deskstar NAS & 1x WD RED NAS ] EXT4 Raid5 & 2 x m.2 SATA Samsung 850 Evo raid1 +16gb ddr4 Crucial+ QWA-AC2600 wireless+QXP PCIE
[Backup] QNAP TS-653A (Truenas Core) w. 4x 2TB Samsung F3 (HD203WI) RaidZ1 ZFS + 8gb ddr3 Crucial
[^] QNAP TL-D400S 2x 4TB WD Red Nas (WD40EFRX) 2x 4TB Seagate Ironwolf, Raid5
[^] QNAP TS-509 Pro w. 4x 1TB WD RE3 (WD1002FBYS) EXT4 Raid5
[^] QNAP TS-253D (Truenas Scale)
[Mobile NAS] TBS-453DX w. 2x Crucial MX500 500gb EXT4 raid1

Network
Qotom Pfsense|100mbps FTTH | Win11, Ryzen 5600X Desktop (1x2tb Crucial P50 Plus M.2 SSD, 1x 8tb seagate Ironwolf,1x 4tb HGST Ultrastar 7K4000)


Resources
[Review] Moogle's QNAP experience
[Review] Moogle's TS-877 review
https://www.patreon.com/mooglestiltzkin
Yippym
Starting out
Posts: 46
Joined: Wed Apr 11, 2018 5:49 am

Re: [guide] pfsense VM on QNAP in 2020

Post by Yippym »

Moogle Stiltzkin wrote: Fri Jul 10, 2020 10:05 am
There you go, I've made a guide to how to use HomeAssistant with QNAP, I use this to check the history of everything.
viewtopic.php?f=45&t=155886
User avatar
Moogle Stiltzkin
Guru
Posts: 11448
Joined: Thu Dec 04, 2008 12:21 am
Location: Around the world....
Contact:

Re: [guide] pfsense VM on QNAP in 2020

Post by Moogle Stiltzkin »

Yippym wrote: Sat Jul 11, 2020 1:10 am ...
wow kewl ty :D

By the way you know you can ask vortax by pm to add your guide link to the megathread
https://www.reddit.com/r/qnap/comments/ ... teresting/

easier then for others to find it :wink:


Just read your guide, it's really well thought out. you offer the appropriate step by steps for docker newbs like myself, easy to follow, with explanations what it is, what it can do, and even some very important tips during config that i would have no idea about had you not explained it. kudos :mrgreen:

what i am unsure of is, how many cpu threads, ram and ssd space do you recommend i allot for this docker app?

i'm guessing 1 cpu thread, 1gb ram, 20gb ssd? :'
NAS
[Main Server] QNAP TS-877 (QTS) w. 4tb [ 3x HGST Deskstar NAS & 1x WD RED NAS ] EXT4 Raid5 & 2 x m.2 SATA Samsung 850 Evo raid1 +16gb ddr4 Crucial+ QWA-AC2600 wireless+QXP PCIE
[Backup] QNAP TS-653A (Truenas Core) w. 4x 2TB Samsung F3 (HD203WI) RaidZ1 ZFS + 8gb ddr3 Crucial
[^] QNAP TL-D400S 2x 4TB WD Red Nas (WD40EFRX) 2x 4TB Seagate Ironwolf, Raid5
[^] QNAP TS-509 Pro w. 4x 1TB WD RE3 (WD1002FBYS) EXT4 Raid5
[^] QNAP TS-253D (Truenas Scale)
[Mobile NAS] TBS-453DX w. 2x Crucial MX500 500gb EXT4 raid1

Network
Qotom Pfsense|100mbps FTTH | Win11, Ryzen 5600X Desktop (1x2tb Crucial P50 Plus M.2 SSD, 1x 8tb seagate Ironwolf,1x 4tb HGST Ultrastar 7K4000)


Resources
[Review] Moogle's QNAP experience
[Review] Moogle's TS-877 review
https://www.patreon.com/mooglestiltzkin
Yippym
Starting out
Posts: 46
Joined: Wed Apr 11, 2018 5:49 am

Re: [guide] pfsense VM on QNAP in 2020

Post by Yippym »

Moogle Stiltzkin wrote: Sat Jul 11, 2020 4:18 am
I'm just going to make guides here and there, if it's best in a megathread I don't mind it being added in.

Hmm it shouldn't take that much resources to handle polling the QNAP, though I got lots of things hooked to HomeAssistant and I generate 1.3GB of data a month.

I just tried softflowd package for pfSense check it out here viewtopic.php?f=45&t=154885#p758739, I think it's too much data. Just encase someone wants to load this NetFlow solution there is a guide to help.
MikeLagit
Easy as a breeze
Posts: 332
Joined: Fri Mar 22, 2013 11:40 pm

Re: [guide] pfsense VM on QNAP in 2020

Post by MikeLagit »

Speaking of nut, what are the pros and cons of pfSense controlling the UPS vs just leaving it being controlled by QTS?
Model: TVS-872XT 16GB
Model: TS-877-1700 16GB
Yippym
Starting out
Posts: 46
Joined: Wed Apr 11, 2018 5:49 am

Re: [guide] pfsense VM on QNAP in 2020

Post by Yippym »

MikeLagit wrote: Mon Jul 13, 2020 4:38 am Speaking of nut, what are the pros and cons of pfSense controlling the UPS vs just leaving it being controlled by QTS?
If your UPS don't have a network card, and you need to physically plug in the USB to the host you probably want to leave it on the QNAP. Otherwise you need pfSense with NUT to broadcast the UPS data to your QNAP for it to handle the power outage correctly.

What's your use case to have the UPS monitoring on the pfSense? If you got pfSense running as VM on QNAP, you don't want the VM of pfSense to relay that data to your QNAP if it's shutdown first.
MikeLagit
Easy as a breeze
Posts: 332
Joined: Fri Mar 22, 2013 11:40 pm

Re: [guide] pfsense VM on QNAP in 2020

Post by MikeLagit »

Makes sense. I just saw the screenshot of nut running in pfSense, and to me it should be on QTS if on a USB cable. Nut in PfSense would just shut the VM down, not the whole NAS.
Model: TVS-872XT 16GB
Model: TS-877-1700 16GB
User avatar
Moogle Stiltzkin
Guru
Posts: 11448
Joined: Thu Dec 04, 2008 12:21 am
Location: Around the world....
Contact:

Re: [guide] pfsense VM on QNAP in 2020

Post by Moogle Stiltzkin »

when updating QTS on the pfsense router vm on a QNAP via virtual station, there is a few things i want to point out

1. probably a better idea to download the firmware and install it manually, rather than doing it live
2. shutdown your pfsense before updating.
3. you MAY have issues in virtual switches, as WAN IP may not show for the QNAP (effectively meaning that your QNAP NAS says it has no internet so you can't update in appcenter because it can't contact the qnap appcenter server), but it works for your pcs. To fix this problem, go to the pfsense vm shell via virtual station, then do "5" normal reboot. After it fully reboots the vm, check in virtual switches, and it should be fixed.
4. in appcenter disable auto updates for qpkgs. i recommend doing this manually, because if you auto update virtual station, this may cause bugs or interference. Best do it manually doing off hours when nobody is expecting to use the internet.
5. since your qnap pfsense is a critical equipment for your internet connectivity, it's best to wait before updating qts and virtual station, just to be sure they actually work. You don't want to be stuck in a situation where it may not work, ... then you have no internet :' So check the forum first see what others are saying, if it's stable or not, before updating.


And when updating pfsense itself

1. DO NOT update packages, until AFTER you first update pfsense. It's even mentioned by pfsense :'
2. You may want to create a snapshot (via virtual station) BEFORE updating. And also keep a backup of the pfsense settings via pfsense, just in case you need to downgrade back if the new pfsense is dodgy.
NAS
[Main Server] QNAP TS-877 (QTS) w. 4tb [ 3x HGST Deskstar NAS & 1x WD RED NAS ] EXT4 Raid5 & 2 x m.2 SATA Samsung 850 Evo raid1 +16gb ddr4 Crucial+ QWA-AC2600 wireless+QXP PCIE
[Backup] QNAP TS-653A (Truenas Core) w. 4x 2TB Samsung F3 (HD203WI) RaidZ1 ZFS + 8gb ddr3 Crucial
[^] QNAP TL-D400S 2x 4TB WD Red Nas (WD40EFRX) 2x 4TB Seagate Ironwolf, Raid5
[^] QNAP TS-509 Pro w. 4x 1TB WD RE3 (WD1002FBYS) EXT4 Raid5
[^] QNAP TS-253D (Truenas Scale)
[Mobile NAS] TBS-453DX w. 2x Crucial MX500 500gb EXT4 raid1

Network
Qotom Pfsense|100mbps FTTH | Win11, Ryzen 5600X Desktop (1x2tb Crucial P50 Plus M.2 SSD, 1x 8tb seagate Ironwolf,1x 4tb HGST Ultrastar 7K4000)


Resources
[Review] Moogle's QNAP experience
[Review] Moogle's TS-877 review
https://www.patreon.com/mooglestiltzkin
fun__key
New here
Posts: 6
Joined: Sat Aug 01, 2020 2:35 pm

Re: [guide] pfsense VM on QNAP in 2020

Post by fun__key »

I did read most of your guide, and how on earth were you able to put the QNAP behind the pfsense?

I did follow the guide, and I have the exact same problems mentioned here viewtopic.php?t=143083 &, https://www.reddit.com/r/PFSENSE/commen ... qnap_cant/ & https://forum.netgate.com/post/815054

Frustration is strong with this one, has having a perfectly working router is pointless if the qnap can't use it. It completely defeat the purpose
You do not have the required permissions to view the files attached to this post.
User avatar
Moogle Stiltzkin
Guru
Posts: 11448
Joined: Thu Dec 04, 2008 12:21 am
Location: Around the world....
Contact:

Re: [guide] pfsense VM on QNAP in 2020

Post by Moogle Stiltzkin »

fun__key wrote: Sat Aug 01, 2020 2:45 pm ...
could you contact me in private message in reddit? may be better for helping you with this :'
https://www.reddit.com/user/MoogleStiltzkin/


WAN has a "do not assign ip". I based this on rlsteds guide somewhat.
-Setup your network on the "network and virtual switch" Application on the QNAP according to this picture.

https://imgur.com/a/xgv0Rt6

-Do not use any NAT or DHCP features from QNAP - all is done by pfsense. When configuring the QNAP vSwitches don't set an IP adress on the pfsene WAN side virtual switch since pfsene WAN NIC will pull an IP from Modem/Gateway DHCP. The pfsense LAN side should be configured as static IP inside the pfsense LAN network range. The QNAP Webinterface should be accessable through this IP.

-Connect your PC to the QNAP NIC Port 2 - you should also get an IP adress from pfsense DHCP Server.

-Set default gateway on QNAP to the Pfsense Internal Network Switch ((see picture).

-all done
https://www.reddit.com/r/qnap/comments/ ... s/ecclv89/

whereas the lan has a static lan ip setup. The lan default gateway should be your pfsense LAN static ip (this ip you setup in pfsense)

E.g. my QNAP static ip is 192.168.0.200 (this ip is setup in virtual switch for the qnap lan)

but the pfsense lan ip is 192.168.0.4

and in pfsense DHCP server i setup ranges 192.168.0.30 - 192.168.0.190



The wan port connects to your modem direct.


When setting up the virtual switches you have to follow the proper procedure. I'll double check what helpdesk told me if i recall.
Hi Moogle,

When you create a new virtual switch with "software-defined switch mode" this option to bundle NAS LAN adapter 1, you also need to set pfSense LAN adapter 1 into this software defined switch in pfSense VM OS network settings, see the screenshot as below.

mine looks like this for a working setup

Image



Also when you go to virtual station, pfsense vm, check the settings for the WAN and LAN port and make sure it's pointing to the correct ones. double check. After that check virtual switch, is it reflecting that? it should (refer to my screenshot).


If I use pfsense LAN ip as the gateway -> No internet
hm.... did you try going to pfsense VM shell and doing "5" normal reboot? :'


you have to make sure that the qnap nas and the pfsense router lan ip are both on the same range e.g.

if pfsense lan ip is 192.168.1.xxxxxxxxxx

then your qnap static lan ip should also be 192.168.1.xxxxxxxxxx

make sure the static ips for the qnap and router lan ip, are not within the DHCP range.

So DHCP server (in pfsense) would also be 192.168.1.xxxxxxxxxx 50-100 as an example.

But your QNAP and router lan ip would be either 1-49 or 101-255




most of the above is about virtual switches and somewhat touches on the ip ranges used.



but you later also need to ensure pfsense WAN and lan are properly configured :' In my case, my ISP had a special requirement for doing vlan tagging. Your ISP might not have that requirement. So you will need to configure that part depending on what your ISP requirements are. You can usually find out on your local tech community forums where i'm sure other users on the same isp have discussed about setup in pfsense to get the internet working :)
NAS
[Main Server] QNAP TS-877 (QTS) w. 4tb [ 3x HGST Deskstar NAS & 1x WD RED NAS ] EXT4 Raid5 & 2 x m.2 SATA Samsung 850 Evo raid1 +16gb ddr4 Crucial+ QWA-AC2600 wireless+QXP PCIE
[Backup] QNAP TS-653A (Truenas Core) w. 4x 2TB Samsung F3 (HD203WI) RaidZ1 ZFS + 8gb ddr3 Crucial
[^] QNAP TL-D400S 2x 4TB WD Red Nas (WD40EFRX) 2x 4TB Seagate Ironwolf, Raid5
[^] QNAP TS-509 Pro w. 4x 1TB WD RE3 (WD1002FBYS) EXT4 Raid5
[^] QNAP TS-253D (Truenas Scale)
[Mobile NAS] TBS-453DX w. 2x Crucial MX500 500gb EXT4 raid1

Network
Qotom Pfsense|100mbps FTTH | Win11, Ryzen 5600X Desktop (1x2tb Crucial P50 Plus M.2 SSD, 1x 8tb seagate Ironwolf,1x 4tb HGST Ultrastar 7K4000)


Resources
[Review] Moogle's QNAP experience
[Review] Moogle's TS-877 review
https://www.patreon.com/mooglestiltzkin
fun__key
New here
Posts: 6
Joined: Sat Aug 01, 2020 2:35 pm

Re: [guide] pfsense VM on QNAP in 2020

Post by fun__key »

Thank you for your answer.

Yes, I did double check - and everything should be as mentioned in your previous post.

I was able to get it working by manually replacing the default route with SSH, and then replace it in the interface. It works fine & survive a reboot; but I will have some more testing after my holidays; while it works it feels dirty.
MikeLagit
Easy as a breeze
Posts: 332
Joined: Fri Mar 22, 2013 11:40 pm

Re: [guide] pfsense VM on QNAP in 2020

Post by MikeLagit »

Can you explain the "dirty" route adjusting you did in detail? I didn't have any issues at all following the guide and it just worked right away after adding in the basic traffic allows.

Probably doesn't matter, but I noticed your interface map is backwards from what we've published in this help thread. Maybe that impacts something in the QNAP or pfsense for default routing.

ML
Model: TVS-872XT 16GB
Model: TS-877-1700 16GB
User avatar
Moogle Stiltzkin
Guru
Posts: 11448
Joined: Thu Dec 04, 2008 12:21 am
Location: Around the world....
Contact:

Re: [guide] pfsense VM on QNAP in 2020

Post by Moogle Stiltzkin »

okay here is an interesting situation.

had to shut off power, but forgot to properly shutdown the qnap. so a dirty shutdown.

so after booting up the tbs-453dx, i had no internet. also i could not connect to the nas.

i had to go to network adapter (on desktop pc), set it to a manual static ip within the same subnet. now i can access my qts for the qnap to check whats up.


so i did the check filesystem first. after that was done, i went to virtual station to restart the pfsense using "5" normal reboot. qnap has internet but not my desktop pc.

i updated virtual station first. then reboot.

then change the network adapter back to auto.

now i have internet again :)



the thing is, my desktop pc is getting a static dhcp from the pfsense. but as you can see, perhaps this was one of the downsides when the pfsense router goes down, then this happens. something to keep in mind.
NAS
[Main Server] QNAP TS-877 (QTS) w. 4tb [ 3x HGST Deskstar NAS & 1x WD RED NAS ] EXT4 Raid5 & 2 x m.2 SATA Samsung 850 Evo raid1 +16gb ddr4 Crucial+ QWA-AC2600 wireless+QXP PCIE
[Backup] QNAP TS-653A (Truenas Core) w. 4x 2TB Samsung F3 (HD203WI) RaidZ1 ZFS + 8gb ddr3 Crucial
[^] QNAP TL-D400S 2x 4TB WD Red Nas (WD40EFRX) 2x 4TB Seagate Ironwolf, Raid5
[^] QNAP TS-509 Pro w. 4x 1TB WD RE3 (WD1002FBYS) EXT4 Raid5
[^] QNAP TS-253D (Truenas Scale)
[Mobile NAS] TBS-453DX w. 2x Crucial MX500 500gb EXT4 raid1

Network
Qotom Pfsense|100mbps FTTH | Win11, Ryzen 5600X Desktop (1x2tb Crucial P50 Plus M.2 SSD, 1x 8tb seagate Ironwolf,1x 4tb HGST Ultrastar 7K4000)


Resources
[Review] Moogle's QNAP experience
[Review] Moogle's TS-877 review
https://www.patreon.com/mooglestiltzkin
MikeLagit
Easy as a breeze
Posts: 332
Joined: Fri Mar 22, 2013 11:40 pm

Re: [guide] pfsense VM on QNAP in 2020

Post by MikeLagit »

Makes complete sense since pfsense would be off, and isn't able to assign the desktop an IP on the network.
Model: TVS-872XT 16GB
Model: TS-877-1700 16GB
Locked

Return to “Users' Corner”