The following BIOS settings are recommended for Intel NUC Systems running VMware ESXi. The list was created based on the latest 10th Gen Frost Canyon. Available options may differ with older NUCs.
To enter the BIOS, press F2 after powering on the system.
Onboard Devices
It's a good practice to disable all unused devices. I recommend disabling everything except the onboard NIC and Thunderbolt support.
- Advanced > Onboard Devices > HD Audio: Disabled
- Advanced > Onboard Devices > Digital Microphone: Disabled
- Advanced > Onboard Devices > LAN: Enabled*
- Advanced > Onboard Devices > Thunderbolt Support: Enabled*
- Advanced > Onboard Devices > WLAN: Disabled
- Advanced > Onboard Devices > Bluetooth: Disabled
Advanced > Onboard Devices > SDCard 3.0 Controller: Disabled- Advanced > Onboard Devices > Enhanced Consumer IR: Disabled
- Advanced > Onboard Devices > HDMI CEC Control: Disabled
Note: While the SD Card Controller does not work with ESXi, disabling it might result in problems with the network adapter.
Cooling
The cooling configuration depends on your situation. If you need the NUC to be as silent as possible, configure the Fan Control Mode to "Silent". When noise is not a problem configure it to "cool", which is the best mode for reliability.
- Cooling > Fan Control Mode: Cool
Performance
For maximal performance, make sure that HT, Turbo Boost and all cores are enabled.
- Performance > Prozessor > Hyper-Threading: Enabled*
- Performance > Prozessor > Intel Turbo Boost Technology: Enabled*
- Performance > Prozessor > Active Processor Cores: All*
Security
Activate both virtualization features VT-x and VT-d. To get rid of TPM 2.0 error mesages ("TPM 2.0 device detected but a connection cannot be established.") disable Intel PTT.
- Security > Security Features: Intel Virtualization Technology: Enabled*
- Security > Security Features: Intel VT for Directed I/O (VT-d): Enabled*
- Security > Security Features: Intel Platform Trust Technology: Disabled
Power
Do not change power policies, they can be configured from the ESXi itself, which is much more comfortable and possible without a reboot. Wake on LAN allows you to power on the nuc remotely, which is also very helpful.
- Power > Max Performance Enabled: Enabled*
- Power > Intel Dynamic Power Technology: Energy Efficient Perform*
- Power > Processor Power Efficiency Policy: High Performance*
- Power > Secondary Power Settings > After Power Failure: Last State
- Power > Secondary Power Settings > Wake on LAN from S4/S5: Power On/Normal Boot
Boot
- Boot > Secure Boot > Secure Boot: Disabled
* Default Setting
Howdy! Is there anyone having the issue with the TPM message on NUC10i7FNH with ESXI6.7u3 and vCenter (TPM 2.0 device detected but a connection cannot be established.)? I already disabled the tpm function from bios and message is still appearing. Thanks, GD
Hello.
Yes, many people are having problems with the TPM Message. Sometimes disabling Secure Boot and PTT works, sometimes not. I've not figured out how to get rid of the error completely.
A bios upgrade can help, the warning disappeared after my last upgrade cycle.
I'm getting (TPM 2.0 device detected but a connection cannot be established.) in my vCenter 6.7 running on NUC7i7BNH. I upgraded the BIOS to BNKBL357.86A
Version: 0081 (Latest) Date: 1/14/2020 and I still the the error.
Awesome! Thanks for the advice. ESXi 7.0 is working great on my NUC i7 10th Gen.
> configure the Fan Control Mode to "Silent".
Does not change fan rpm on my NUC8I5, stays at 3800rpm.
newest BIOS (version 83) is installed.
brand new bios 85 out, fan now always at 2200rpm sitting idle in bios, using "balanced" or "quiet" or even "fanless".
> "Boot > Secure Boot > Secure Boot: Disabled"
maybe this prevents booting from M.2/NVMe
Please remove the recommend setting:
Advanced > Onboard Devices > SDCard 3.0 Controller: Disabled
It breaks Nuc gen 8 network controller on all linux operation system for now, even today on the newest bios!.
Symptons: ESXI perform very worse.
Source: https://community.intel.com/t5/Intel-NUCs/Really-weird-problem-in-ethernet-adapter-in-NUC8i5BEH-Help/td-p/653641/page/2
I can confirm that disabling the SD card breaks the network access. NUC 8i5BEH ESXi 7.0.1d with the old intel network driver.
Another confirmation to bad I didn't see these comments, following this article I disabled the SD Card and it caused a lot of confusion and troubleshooting before I found the Intel article as mentioned above:
https://community.intel.com/t5/Intel-NUCs/Really-weird-problem-in-ethernet-adapter-in-NUC8i5BEH-Help/td-p/653641/page/2