I'll get my homelab set up later this week and I'll use Proxmox for managing VMs and stuff.
One of the most important things I have to handle for my business is networking for my clients. To be more precise, unique gateways to access the internet.
I have been learning networking a lot lately, and OPNsense seems to be the solution for me, but I'm not certain, so I decided to ask here for confirmation and possible tips for (physical) server components, and/or routers if I cannot achieve the goal at the software level alone.
The problem:
- I host apps for many clients which require a unique gateway to access the internet, for example, NodeJS apps sending requests over the internet and communicating with 3rd party apps.
The goal:
- Each client has a unique gateway to access the internet, so other clients cannot block others in strictly rate-limited services. A few local services that many of my clients use are quite strictly rate-limited, so each client must be treated as a unique user, as they are.
The solution I have been thinking of:
- Create a VM on Proxmox for OPNsense which handles all the routing for me.
- Create a VM for Docker, and a Docker container for each client & assign a unique network interface for each container. I'll most likely use WireGuard to set up communication channels between the Docker VM & the OPNsense VM, so each Docker container (there will be many) can access OPNsense.
- Then, on OPNsense, I'll route each container IP to its unique gateway which only that specific container will use.
Does that make each of my clients a unique user when using the 3rd party services and whatever they might use the internet for?
What if I have hundreds of clients, can I create hundreds of gateways just like that?
Can I achieve this at the software level, or is there something at the hardware level I need to take into account, except a strong internet connection/home router? (which I already have)