with the demise of ESXi, I am looking for alternatives. Currently I have PfSense virtualized on four physical NICs, a bunch of virtual ones, and it works great. Does Proxmox do this with anything like the ease of ESXi? Any other ideas?
Tossing in my vote for Proxmox. I’m running OPNsense as a VM without any issues. I did originally try pfSense, but didn’t like it for some reason (I genuinely can’t recall what it was).
Either way, Proxmox virtual networking has been relatively easy to learn.
pfSense, but didn’t like it for some reason
Probably the shitbirds at Netgate put you off it, understandably.
No problem using multiple physical and virtual ports for a pfsense in proxmox
Admittedly I have not dug too deeply into Proxmox but its learning curve appears kinda steep.
There’s multiple guides on virtualizing pfsense in proxmox, but the easiest is to simply pci passthrough the nics you wanna use.
I do recommend you leave a physical nic for proxmox itself to maintain LAN access to it if your pfsense is down.There could be driver issues doing this. I had a bad experience with Emulex NICs under OPNsense, Intel OTOH worked flawlessly. Switched back to virtual interfaces tho, as it works about as good as a physical NIC
its not too bad. i switched from esxi to proxmox about 2 years ago.
i run a virtualized opnsense with 2 nic’s passed through and another 2 virt, so it can be done
Hey! I have been using ESXi about three year now. I have two identical NIC I bought. One for WAN and one for LAN. I also discovered I had to use the onboard LAN port (3rd port!) just to be able to access the web control. (Is that normal?)
Anyway, I want to move to Proxmox, and then virtualize my OPNSense like I have on ESXi.
I get so confused by how the adapters should be. Ideally I would love to have the LAN connect to a (dumb) switch, and provide Wi-Fi. But one thing I never tried before is a VLAN to protect the LAN from the Wi-Fi traffic, but still allowing some systems to still work like streaming data from the wired PC on the LAN to the NVIDIA Shield Pro. But then keeping the Alexa/Echo system on a more restricted WiFi.
Can I do all this? I’m thinking I can, but. The hurdle of learning vlans and configuring the new Proxmox (which I’m pretty damn new to) is a daunting challenge.
I’m ready to try this though. I have a 4G wireless plus WiFi system to keep the other half happy while I tinker to get it all working.
Thoughts/Tips? Anyone?
All doable, you might need a managed or smart switch though
I have 4 bland at home plus untagged all through proxmox and a smart switch
- one for wan
- one for web facing servers
- one for iot
- one for guest wifi
- rest of lab is untagged
Notes about the switch. What is tagging? The purpose and where?
And in about 2 years you’ll switch to LXD/Incus. :P
I’m currently off work with a broken shoulder, have you just given me a project?
Ahahaha that’s up to you. All best for your shoulder!
Incus looks cool. Have you virtualised a firewall on it? Is it as flexible as proxmox in terms of hardware passthrough options?
I find zero mentions online of opnsense on incus. 🤔
Yes it does run, but BSD-based VMs running on Linux have their details as usual. This might be what you’re looking for: https://discuss.linuxcontainers.org/t/run-freebsd-13-1-opnsense-22-7-pfsense-2-7-0-and-newer-under-lxd-vm/15799
Since you want to run a firewall/router you can ignore LXD’s networking configuration and use your opnsense to assign addresses and whatnot to your other containers. You can created whatever bridges / vlan-based interface on your base system and them assign them to profiles/containers/VMs. For eg. create a
cbr0
network bridge usingsystemd-network
and then runlxc profile device add default eth0 nic nictype=bridged parent=cbr0 name=eth0
this will usecbr0
as the default bridge for all machines and LXD won’t provide any addressing or touch the network, it will just create aneth0
interface on those machines attached to the bridge. Then your opnsense can be on the same bridge and do DHCP, routing etc. Obviously you can passthrough entire PCI devices to VMs and containers if required as well.When you’re searching around for help, instead of “Incus” you can search for “LXD” as it tend to give you better results. Not sure if you’re aware but LXD was the original project run by Canonical, recently it was forked into Incus (and maintained by the same people who created LXD at Canonical) to keep the project open under the Linux Containers initiative.
It’s not too different from ESXi, things are just named differently in the webUI.
Proxmox is quite simple. As a former VCP, I find Proxmox more intuitive to use.
If you need specific help with Proxmox and/or ZFS, you might also look at posting on https://www.practicalzfs.com
And +1 for using OPNsense
From my understanding is that Proxmox is one of the more easy platforms to learn. I must say iI never used it personally.
Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I’ve seen in this thread:
Fewer Letters More Letters ESXi VMWare virtual machine hypervisor VPN Virtual Private Network ZFS Solaris/Linux filesystem focusing on data integrity
3 acronyms in this thread; the most compressed thread commented on today has 15 acronyms.
[Thread #508 for this sub, first seen 13th Feb 2024, 06:05] [FAQ] [Full list] [Contact] [Source code]
Nothing can beat bhyve for PFSence.
New Lemmy Post: virtualizing PFSense. What else works besides ESXi for virtual networking? (https://lemmy.world/post/11877676)
Tagging: #SelfHosted(Replying in the OP of this thread (NOT THIS BOT!) will appear as a comment in the lemmy discussion.)
I am a FOSS bot. Check my README: https://github.com/db0/lemmy-tagginator/blob/main/README.md
I ran it on Hyper-V for many years. Still running OPNsense that way. It manages 4 VLANS, RDNSBL, a metric ass ton of firewall rules, and several VPN clients and gateways, with just 2GB of ram and 4 virtual procs. It works and doesn’t even breathe hard.
We’ve been running KVM on CentOS/Rocky hosts for our VM platforms; seems to work fine for our needs.
I’m not sure how ESXi would differ as I’ve never used it, but may be an option if you want to roll your own vs proxmox.