Move OPNsense to different hardware?

[mzurhorst]

Hi.

Currently, I am running OPNsense in a virtual machine on top of Proxmox.  The NIC for the WAN interface is used exclusively and I configured PCI-passthrough.  The NIC for the inward facing interfaces (multiple vLANs) are attached to a Proxmox Bridge device.

This setup worked well for the past 8 months, but the HW is not capable to handle further VMs/Containers. I have now purchase new hardware for Proxmox, and I will start moving all the services, except OPNsense, out.

At the end, I will only have OPNsense running in its VM, and nothing else.
Now, I am at this point to make a decision whether this will stay as is or Proxmox would be wiped and OPNsense run exclusively on the bare-metal HW.

I am wondering:

• Will the virtualization cause extra trouble that I can avoid with OPNsense directly running on the hardware?
• OTOH, it might be nice to for testing as is:  spin up a cloned OPNsense, test the upgrade procedure etc, with a fallback only one reboot away?

Which further arguments should be considered?

Thanks and kind regards,
  Marcus

[bartjsmit]

I run OPNsense on ESXi because:

- I can snapshot the VM before upgrades
- it is easy to migrate to different hosts
- the virtualised hardware is compatible
- the hypervisor gives performance metrics

As always; YMMV & GLHF  ;)

Bart...

[mzurhorst]

I gues, this is what I meant, Bart.
Thanks for confirmation.

I would have a lot of work to set things up again on HW when the interface had different names.
Just keeping things as they are seems to make more sense, plus I do have the extra benefit of the test environment etc.

[phoenix]

Hi

I'd agree with Bart and I also use ESXi and I've been using that for years without problems. Any reason you use Proxmox rather than the free edition of ESXi?