Hi.
Currently, I am running OPNsense in a virtual machine on top of Proxmox. The NIC for the WAN interface is used exclusively and I configured PCI-passthrough. The NIC for the inward facing interfaces (multiple vLANs) are attached to a Proxmox Bridge device.
This setup worked well for the past 8 months, but the HW is not capable to handle further VMs/Containers. I have now purchase new hardware for Proxmox, and I will start moving all the services, except OPNsense, out.
At the end, I will only have OPNsense running in its VM, and nothing else.
Now, I am at this point to make a decision whether this will stay as is or Proxmox would be wiped and OPNsense run exclusively on the bare-metal HW.
I am wondering:
- Will the virtualization cause extra trouble that I can avoid with OPNsense directly running on the hardware?
- OTOH, it might be nice to for testing as is: spin up a cloned OPNsense, test the upgrade procedure etc, with a fallback only one reboot away?
Which further arguments should be considered?
Thanks and kind regards,
Marcus
I run OPNsense on ESXi because:
- I can snapshot the VM before upgrades
- it is easy to migrate to different hosts
- the virtualised hardware is compatible
- the hypervisor gives performance metrics
As always; YMMV & GLHF ;)
Bart...
I gues, this is what I meant, Bart.
Thanks for confirmation.
I would have a lot of work to set things up again on HW when the interface had different names.
Just keeping things as they are seems to make more sense, plus I do have the extra benefit of the test environment etc.
Hi
I'd agree with Bart and I also use ESXi and I've been using that for years without problems. Any reason you use Proxmox rather than the free edition of ESXi?