Post-Install: Virtualization
What this category covers
Install relevant guest agent
Detects the virtualization environment the Proxmox host is running on (using systemd-detect-virt and dmidecode) and installs the matching guest-tools package so the outer hypervisor can communicate with Proxmox cleanly (graceful shutdown, clock sync, IP reporting, etc.).
| Detected host | Package installed |
|---|---|
| QEMU / KVM | qemu-guest-agent |
| VMware (ESXi, Workstation) | open-vm-tools |
| VirtualBox | virtualbox-guest-utils |
| Bare metal (none) | — no-op, nothing installed |
Skip this on bare-metal Proxmox
none and the script exits without changes. The option only matters for the minority of setups that run Proxmox as a guest for testing or labs.Enable VFIO IOMMU support
Turns on IOMMU on the host and loads the kernel modules that make PCI passthrough possible (vfio, vfio_iommu_type1, vfio_pci). With this enabled, you can bind a physical device to a VM and the guest gets direct, near-bare-metal access to it.
Who needs this
- You want to pass a GPU to a Windows gaming VM or a macOS VM.
- You have a dedicated 10G NIC for a firewall/router VM (OPNsense, pfSense).
- You want to pass an HBA directly to a TrueNAS/Unraid VM for ZFS on bare disks.
- You're planning to use Coral TPU, a capture card, or an SDR dongle in a VM.
If none of those apply, you can safely skip this option. For passthrough to an LXC (not a VM), IOMMU is not required.
What ProxMenux does
The function is boot-loader aware: it detects whether Proxmox is on ZFS (systemd-boot) or LVM/ext4 (GRUB) and writes to the right file. It's also idempotent — if the parameters are already present, nothing is added.
| Boot type | File touched | Post-update step |
|---|---|---|
| systemd-boot (ZFS) | /etc/kernel/cmdline | proxmox-boot-tool refresh |
| GRUB (LVM/ext4) | /etc/default/grub | update-grub |
Kernel parameters added:
# Intel CPU → intel_iommu=on
# AMD CPU → amd_iommu=on
# Plus these in both cases:
iommu=pt
pcie_acs_override=downstream,multifunctionKernel modules added to /etc/modules:
vfio
vfio_iommu_type1
vfio_pci
vfio_virqfd # only on kernels < 6.2 (merged into vfio in 6.2+)Conflicting drivers blacklisted in /etc/modprobe.d/blacklist.conf:
nouveau
lbm-nouveau
radeon
nvidia
nvidiafb
options nouveau modeset=0Blacklisting GPU drivers conflicts with host-side GPU usage
- GPU → VM: enable VFIO/IOMMU here, leave the GPU drivers blacklisted.
- GPU → LXC (or host): skip this option, use the NVIDIA host install, do not blacklist nvidia/nouveau.
- Two GPUs: one can go to a VM and the other to an LXC, but you'll need finer-grained configuration (bind only one card to
vfio-pciby PCI ID). Default blacklist is too broad for this case — editblacklist.confafterwards.
Reboot required
update-initramfs -u -k all and the boot-loader refresh, and sets the "reboot required" flag so Customizable prompts you at the end.Verification after reboot
# IOMMU is actually on
dmesg | grep -E "DMAR|IOMMU" | head
# Expect lines like "IOMMU enabled" / "DMAR: IOMMU enabled"
# VFIO modules loaded
lsmod | grep vfio
# See your IOMMU groups — each "Group N" can be passed independently
for d in /sys/kernel/iommu_groups/*/devices/*; do
n=${d#*/iommu_groups/*}; n=${n%%/*}
printf 'Group %s ' "$n"; lspci -nns "${d##*/}"
done | sort -VReversible from the Uninstall menu
/etc/kernel/cmdline or GRUB, removes the VFIO modules from /etc/modules, removes the driver blacklist entries, and rebuilds initramfs. A reboot is required to actually apply the reversion.Related
- Add GPU to VM (Passthrough) — natural next step once IOMMU + VFIO are enabled.
- Add Controller or NVMe to VM — same passthrough infrastructure for storage controllers.
- GPU Passthrough commands — IOMMU verification reference.
- Uninstall Optimizations — back IOMMU / VFIO out cleanly.
- Customizable Post-Install — back to the parent menu.