I did run into those “odd issues” and posted about it here:
TL;DR If you disable “hardware checksum offloading” in the pfSense GUI, the virtio driver works fine.
I have no issues putting pfsense in a VM. Just be sure to dedicate a physical NIC to it, and keep the hypervisor AND pfsense up to date.
Our enterprise, gigabit WAN connection is running off a pair of virtualised palo alto firewalls (provided/hosted by the ISP) - running a firewall inside a VM is fine IMHO, so long as you take the relevant precautions.
I’m also running pfsense for my work-lab, acting as a NAT gateway and network segment router within VMware workstation. I use it to simulate bandwidth, latency, etc. for simulated WAN links between multiple virtual networks.
It’s what you should do, but we don’t, because we can.
Nope.
I have storage on a dedicated FreeNAS box. Compute is on other stuff 
1 Like