Open vSwitch or Linux bridge: Combination of multiple physical ports, tagged vlan and VMs

[adrianf]

Hello Proxmox experts,

I want to redesign my home network coming from a "firewall on a stick" setup with a 2-port server and a managed switch.
I want to replace my server with a 6-port machine and remove the need for an additional switch.

My future setup should look like this.
And after reading much about standard linux bridges and the alternative OVS, can you tell my how the interfaces config should look like?

I would like to see exactly these 5 network interfaces in OPNsense (WAN, LAN, WIFI, IoT, MGMT). I assume the main challenge is definining an OVS bridge including multiple physical ports (e.g. 3+4), one of them with tagged VLAN and additional VMs.
For example the IoT subnet (in green) would include a VLAN on port 3, the complete port 4 and a VM.
The LAN subnet would include 2 physical ports (2+5) and multiple VMs.

Any help would be greatly appreciated!

 

[adrianf]

Using standard Linux bridges I would do it like this, correct?

auto lo
iface lo inet loopback

iface enp1s0 inet manual
iface enp2s0 inet manual
iface enp3s0 inet manual
iface enp4s0 inet manual
iface enp5s0 inet manual
iface enp6s0 inet manual

auto vmbr0
iface vmbr0 inet manual
        bridge-ports enp1s0
        bridge-stp off
        bridge-fd 0

auto vmbr1
iface vmbr1 inet static
        address  192.168.1.200
        netmask  24
        gateway  192.168.1.1
        bridge-ports enp6s0
        bridge-stp off
        bridge-fd 0

auto vmbr10
iface vmbr10 inet manual
        bridge-ports enp2s0 enp5s0
        bridge-stp off
        bridge-fd 0

auto vmbr20
iface vmbr20 inet manual
        bridge-ports enp3s0.20
        bridge-stp off
        bridge-fd 0

auto vmbr30
iface vmbr30 inet manual
        bridge-ports enp3s0.30 enp4s0
        bridge-stp off
        bridge-fd 0