As I digressed in my last post, virtualizing pfSense wasn’t as difficult as I expected. From what I’d read online I was afraid it would have some adverse affect on network performance, especially considering most of my “infrastructure” is reclaimed, second-hand, or otherwise cast-off from production use. It fully appears, however, that these fears were unfounded (standard Spectrum cable, don’t judge): Physical 32bit Xen Virtualized 64bit Barely noticeable, and honestly well within the standard variance of such types of throughput tests.

Update Jan 31, 2018 This is verified (by me, at least) to work on both the official XenServer 7.2, and with the experimental xcp-ng. I've also semi-automated the process with these Ansible bits for new hardware / pool upgrades. Don’t get me wrong, XenServer 7 is a huge improvement over previous versions, and still my product of choice for those that don’t want to pay a literal fortune for vmWare licensing.