Hi all,
I'm working on my first setup at Hetzner and I can't find any examples of what I am attempting to do. I'm hoping for some insight; an interfaces config or a step-by-step, if it's available, would both be very helpful! While there are plenty of instructions with regard to hosting OpnSense as a VM on the Proxmox instance, I can't find anything with a reference to my use-case, which uses one bare metal box for Proxmox and another for the Firewall. I'd like to be able to reboot Proxmox and keep the network up, and I've had much better luck with BSD network performance on bare metal, so that's what I've been trying to accommodate.
Presently I have 2 physical hosts. Both are in the same DC, yet they have no dedicated switching between them. I'd like all public traffic to and from the Proxmox host and guests to route through the OpnSense box for anything leaving the LAN. Nothing should hit the internet directly from the Proxmox box. I presently have the OpnSense box using the public physical interface directly for access to the internet, and I've configured a VLAN interface on the same NIC for the LAN using the private address space. My hope is to be able to easily add more physical boxes behind the firewall in the future, yet I'm starting off with just one.
As I understand it, this is possible with a vswitch...? I've set up said vswitch and intend to use a VLAN to route all traffic on a 172.16.30.0/24 between the physical OpnSense and Proxmox boxes.
Being that this is my first Hetzner rodeo, I am not quite sure how I should be setting this up. I'm not sure if the vswitch will do what I want, however I'm hopeful that I'm on the right path.
Thanks so much for any assistance!
All the best,
Keith
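
The requirement in the post above, that nothing leaves the Proxmox box except through the firewall, can be checked from the host's routing table. This is an added example, not part of the original post: it parses `ip -j route show` output and reports routes that bypass the 172.16.30.0/24 LAN. The gateway 172.16.30.1, the interface names and both sample tables are assumptions constructed for illustration.

```python
"""Audit a Proxmox host's IPv4 routing table for paths that bypass the firewall."""
import ipaddress
import json
import subprocess

# 172.16.30.0/24 is the LAN named in the post. The gateway address and the
# interface names (eno1, vmbr1) used below are assumptions for this example.
LAN = ipaddress.ip_network("172.16.30.0/24")

# Constructed `ip -j route show` output: the public uplink still has a default route.
LEAKY = json.dumps([
    {"dst": "default", "gateway": "203.0.113.1", "dev": "eno1"},
    {"dst": "203.0.113.0/26", "dev": "eno1", "scope": "link"},
    {"dst": "172.16.30.0/24", "dev": "vmbr1", "scope": "link"},
])
# Constructed output for the intended state: everything leaves via the firewall.
CLEAN = json.dumps([
    {"dst": "default", "gateway": "172.16.30.1", "dev": "vmbr1"},
    {"dst": "172.16.30.0/24", "dev": "vmbr1", "scope": "link"},
])


def egress_findings(route_json, allowed=(LAN,)):
    """Return descriptions of routes that let traffic skip the firewalled LAN."""
    findings = []
    has_default = False
    for route in json.loads(route_json):
        dst, gw, dev = route.get("dst"), route.get("gateway"), route.get("dev")
        if dst == "default":
            has_default = True
            # The next hop must sit inside an allowed (firewalled) network.
            if gw is None or not any(ipaddress.ip_address(gw) in n for n in allowed):
                findings.append(f"default route via {gw} dev {dev} bypasses the firewall")
            continue
        # Host routes appear without a prefix length; ip_network treats them as /32.
        net = ipaddress.ip_network(dst, strict=False)
        if not any(net.version == n.version and net.subnet_of(n) for n in allowed):
            findings.append(f"route {dst} dev {dev} is outside the firewalled LAN")
    if not has_default:
        findings.append("no default route via the firewall")
    return findings


if __name__ == "__main__":
    # On the Proxmox host, audit the live table instead of the samples.
    live = subprocess.run(["ip", "-j", "route", "show"],
                          capture_output=True, text=True, check=True).stdout
    for line in egress_findings(live) or ["ok: all routes stay behind the firewall"]:
        print(line)
```

The check covers the IPv4 routing table only; extra internal bridges on the host can be passed in through `allowed`.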