Network setup - Since NIC and pfsense

[gretz]

Hello,

I have a proxmox host with 2 network interfaces and 2 ISP :

LAN/Management : currently connected to another LAN (ISP1)
WAN 10Gb : directly connected ISP2

I plan to have another NIC (usb) soon to act as LAN in pfsense for ISP2 that will be connected to my wifi router.

The thing is in the meantime I was wondering since I have enabled VF on the WAN card if I could simulate a LAN interface on pfsense with one of the VFs and have VMs in proxmox use other VFs that will be connected to this LAN behind pfsense ?

A diagram to explain a bit more my target :



Not sure if this is technically possible ?

 

[guywhotypeslow]

I know this doesn't exactly answer your question but it might be worth considering just using failover in pfsense. You can set it up to be active/active and use even all three WANs all at once with different priorities.

Assuming you can pass all the physical ports to pfsense then that is what I would do. Hand all your physical ports to pfsense, set up failover and have your proxmox host communicate via a virtual port on pfsense. For anything past proxmox you will have to use a port forwarding and or a reverse proxy. That is what I do on my virtualized pfsense firewall, except I don't have multiple ISPs to use failover with (yet).

 

[patch]

10Gb : directly connected ISP2

I plan to have another NIC (usb) soon

Not sure I would recommend a USB NIC.
If you can't add more NIC cards I would use an external managed switch with VLANs to pfsense

 

[gretz]

yeah I went for the simple approach with usb nic, speeds are fine aroune 900Mbs (usb passthrough) but latency is not great I get 1.5ms between 2 directly connected hosts ...