proxmox noob, questions about config for existing opnsense setup

ozne

New Member
Jun 18, 2023
I would like to reconfigure my existing bare metal opnsense as a VM on Proxmox, but I have ZERO experience with VMs.
My hardware is a PC with two hard disks and 5 ethernet ports (1 original port, plus a 4 NIC card I added).

My plan is to have two separate installs of the Proxmox and the VMs (opnsense) and containers (omada software), one on each of the hard disks on the same PC as a backup/failsafe. I assume I should be able to just import my opnsense configuration to the VM as is from a backup file.

So my questions are:
1) If the opnsense is configured with ZFS, does that mean Proxmox needs the same hard disk configuration, or is it still recommended to have it with EXT4?
2) Since Proxmox has to be installed before opnsense, and opnsense will be imported from an existing backup file, what should the Proxmox network settings be? Seems like a chicken and egg problem... Proxmox needs an IP and gateway IP, but opnsense will be the DHCP server and isn't installed yet.
3) How do I configure the ethernet ports in Proxmox so that they are consistent with the existing opnsense that will be imported?

I appreciate any help with this. Thank you.
 
I've been researching but not having much luck. My planned setup seems so common, but I can't figure out the initial configuration.

Can someone explain how I would set up the Proxmox subnet/static IP/gateway initially if my ISP modem is in bridge mode and there is no router running a DHCP server? If Proxmox relies on the OPNsense router DHCP server, then wouldn't I be unable to access Proxmox if OPNsense went down for some reason?

Any help is appreciated. Thank you!
 
1. It doesn't matter what file system your Proxmox is using; just choose whichever you prefer. The VM will have its own file system. Just think of a VM as a computer.
2. There is no chicken and egg problem. Proxmox has its own static IP address. It can be on the same subnet as your opnsense network, or not; it really depends on how simple you want it to be to access.
3. Depending on your host system, if you have enough LAN ports, you can passthru ports to the VM, which locks them to just that VM. If you choose to bridge instead, you can share 1 single LAN port with multiple VMs.

Here is a simple example:
Proxmox 192.168.1.254
OPNsense (VM) (2 different LAN ports) - LAN 192.168.1.1 WAN <WANADDRESS>

You can do this with 2 LAN ports on your host system, or you can have 3.
You can bridge VM LAN port to your host LAN, since it is physically connected to your network.

How do you do this?
In proxmox, under the host system tab, then System->Network you have physical Network Devices
You should have a bridge assigned for your Proxmox host port. (example: enp3s0)
You create another bridge for your WAN
Bridge Port = Physical Network Device name (example: enp2s0)

So now you have 2 bridges which are physically assigned (wan=vmbr1) (lan/host=vmbr0)

Create a VM and assign these 2 ports
In opnsense, just assign the vmbr1 to wan and vmbr0 to lan

Yes, since proxmox is assigned a static IP address, if opnsense goes down, it still retains its IP address, you just need to assign the system you are using to access it with a static IP on the same subnet as your proxmox, and you can access your proxmox. You just need to be physically at the same location and not a remote location.
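
The bridge layout described in this answer, as an added example that is not part of the original posts: a constructed `/etc/network/interfaces` using the thread's names and addresses, plus a check that the WAN bridge carries no host IP, so the Proxmox management interface is not reachable from the ISP side. The `/24` prefix and the helper function names are assumptions.

```shell
#!/bin/sh
# Constructed sample of a Proxmox /etc/network/interfaces for the thread's layout:
#   vmbr0 = LAN/host bridge on enp3s0, holds the static management IP
#   vmbr1 = WAN bridge on enp2s0, deliberately has no host address
# The /24 prefix is an assumption; the gateway is the OPNsense LAN address.
SAMPLE_INTERFACES='auto lo
iface lo inet loopback

iface enp3s0 inet manual

iface enp2s0 inet manual

auto vmbr0
iface vmbr0 inet static
    address 192.168.1.254/24
    gateway 192.168.1.1
    bridge-ports enp3s0
    bridge-stp off
    bridge-fd 0

auto vmbr1
iface vmbr1 inet manual
    bridge-ports enp2s0
    bridge-stp off
    bridge-fd 0
'

# Reads an interfaces file on stdin and prints one line per vmbr bridge:
#   <bridge> <physical-port-or-none> <host-address-or-none>
bridge_report() {
    awk '
        function emit() {
            if (name != "") print name, (port != "" ? port : "none"), (addr != "" ? addr : "none")
        }
        $1 == "iface" { emit(); name = ""; port = ""; addr = ""
                        if ($2 ~ /^vmbr/) name = $2
                        next }
        name != "" && $1 == "address"      { addr = $2 }
        name != "" && $1 == "bridge-ports" { port = $2 }
        END { emit() }
    '
}

# Succeeds only if the named bridge exists and has no host IP (wanted for WAN).
bridge_has_no_host_ip() {
    bridge_report | awk -v b="$1" '$1 == b { found = 1; if ($3 != "none") bad = 1 }
                                   END { exit !(found && !bad) }'
}

printf '%s' "$SAMPLE_INTERFACES" | bridge_report
```

On a real host, run `bridge_report < /etc/network/interfaces` and `bridge_has_no_host_ip vmbr1 < /etc/network/interfaces` before attaching the WAN cable.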
 
Thank you for that explanation. That helps me conceptualize it a bit better.

Since the port bridge is labeled vmbr0, vmbr1, etc, would the OPNsense VM then "see" the ports as vmbr#, or would it still utilize the physical name of the ports? It would be convenient to just import my current OPNsense configuration to the VM from a backup file with WAN, LAN, and LAGG port configuration as is.
 
Sorry, I can't remember, but you can always use Auto-Detect in opnsense, since you have WAN that will assign you a DHCP and your LAN side won't.
You can maintain the same port assignment in opnsense, but you will have to hunt down which port is which.

Since you are using LAGG, you have more than 2 ports, you might want to look at PCIe Passthru as well.
Proxmox PCI(e) Passthrough

If it is not for commercial deployment but personal usage, I would recommend trying bridge mode first, then trying again with PCIe Passthrough; no harm in trying and learning.
 
