DynFi Manager and Firewall Forums

hi, former untangle user here, have a few questions regarding DynFi Firewall.

DynFi Firewall is designed to be deployed on a virtualized platform like Proxmox

I'm looking to switch off baremetal and install proxmox > dynfi, is there some kind of performance hit or is it so negligible it doesn't matter?

secondly, does DynFi have any sort of SQM such as fq_codel or cake or something similar?

hi, former untangle user here, have a few questions regarding DynFi Firewall.

DynFi Firewall is designed to be deployed on a virtualized platform like Proxmox

I'm looking to switch off baremetal and install proxmox > dynfi, is there some kind of performance hit or is it so negligible it doesn't matter?

secondly, does DynFi have any sort of SQM such as fq_codel or cake or something similar?

Performance hit when using DynFi Firewall as a virtualized solution is negligible.
It will mostly depend on the quality of your interfaces and the network driver you are using (virtio is a good candidate).

There is no SQM or fq_codel in DynFi Firewall, but there is the possibility to use some QoS mechanism and probably do some tuning on the interfaces settings (not sure it will add a lot of benefit though)… 

Important thing to remember is to use a "raw" disk and NOT "qcow2".
After successful install you can enable the qemu-guest-agent in DynFi Firewall in order to get a better communication between hypervisor and VM (will need to be started manually for the time being)

In order for qemu-guest-agent to auto-start you will need to edit (or create) the file /etc/rc.conf.d/qemu_guest_agent and add the following into it:
You might also need to "touch /var/log/qemu-ga.log"

This should allow you to auto-start qemu-guest-agent on your DynFi Firewall.
Of course on the PVE, you need to enable the qemu-guest-agent also.

Hope this helps.