Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Pfsense 2.3.4 on top of KVM hypervisor network setup

    Scheduled Pinned Locked Moved
    Virtualization
    1
    1
    1.1k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A
      aquilares
      last edited by

      Hello,

      I have some experience with pfsense on baremetal, but I want to run it in a KVM VM.
      I have a machine with 2 NIC's, which I intend to assign to WAN and LAN. However, both NIC's do not support VT-d, so PCI-passthrough is a big no-go.

      Therefore, I had the setup in mind of using a macvtap in private mode for the WAN-interface and a standard bridge for the LAN-interface.

      I was just wondering: what do I do with that WAN-interface? Let's say it's called eth0 and there's a macvtap in private mode linked to it, which gets the pfsense WAN interface assigned.

      How do you configure the eth0-interface itself in the linux host? Do you set it to manual mode, thereby not assigning it an IP?
      Do you give it an IP, static or DHCP?
      Do you protect it also with IPTABLE rules?

      I'm just wondering, how do you implement this type of setup securely that protects both the host and the virtual pfsense guest from the WAN-side?

      Any advice you can give is appreciated!

      1 Reply Last reply Reply Quote 0
      • First post
        Last post