VMWare/VirtualBox as a router on a multiple use machine
I'm currently thinking of setting up a Linux box (still deciding between Ubuntu and Fedora). I plan to install either VMWare Server 2 or VirtualBox on the base OS. The base OS will also be used as an HTPC, with XBMC installed.
I will then create a number of virtual machines. One machine shall be installed with pfSense. I'm not too familiar with networking in Linux but can I uninstall all associated services for the network card and have everything go through the pfSense VM adapter instead?
I plan to have 2 NICs and 1 wireless adapter. There will be 4 virtual networks that map to each of the NICs. The 1st NIC will go to the WAN link, the 2nd NIC shall be a normal LAN link, and the wireless adapter (OPT1) shall form the wireless network. The LAN link shall go to a 10/100/1000 switch.
My other VMs shall host a file server, an SSH/FTP server and maybe an LDAP/PKI server for testing. They shall be connected to the LAN virtual network only.
My other physical machines will be connected to the switch which is in turn connected to the LAN virtual network.
I am planning to use an Intel i3 with an iTX motherboard for this. With the above implementation, is there any case for security concerns? I was thinking of buying an Atom to just use as the pfSense router, but since I plan to buy an HTPC cum file server, it will be great if I can combine them and reduce power consumption (I like to go green). Secondly, will the CPU be sufficient for my needs? I am not planning heavy duty encoding with my HTPC. More of recording shows, playing Bluray discs and H264 1080p/720p files, music. I will go with 4GB (8GB if required) RAM and a RAID 1/0 disc setup. I hope to keep power consumption below 50w idle.
- as fast a disk as you can afford (consider linux software RAID1 [md device, NOT dm device] if you are sure you don't want to run VMWare ESXi), and
- as much RAM as you can reasonably afford to put on the board (I'd say 8Gb would be a starting point, not a maximum, based on my experience).
CPU usage is not likely to be an issue.
If you try to use "fakeraid" RAID-1 (e.g. Intel Matrix Raid, Marvell/SiliconImage/Highpoint PATA/SATA RAID) you will be unsatisfied with performance.
I'm running multiple VMs (including pfSense) on a dual-cpu quad-core 2.6GHz Xeon, 24Gb RAM, hardware PERC/6i RAID controller running a pair of 146Gb 15kRPM SAS disks. My biggest bottleneck is disk performance. I haven't yet filled all 24Gb of RAM. I'm not even close to hitting the wall on CPU.
With today's systems it's basically impossible to buy a "fast enough" disk subsystem. (Well, excluding the more-money-than-god people who buy the old-fashioned solid-state disks that use SRAM or DRAM, not Flash… They're probably fairly happy with their disk performance :-)
It sounds like you want to use the host OS as a workstation; that's OK, although you'll probably want to spend less money on the motherboard, RAM, and chip and get an SSD to use as your root filesystem; offload the VMs onto a secondary (mechanical) disk.
On the other hand, if you're OK with the VMs eating into performance of the host OS, then your setup should be fine.
Note that "playing Bluray disks and H264 1080p/720p files" is still considered pretty heavy-duty use. Just playing back a 1080p file will probably use ten times as much CPU time as all your VMs combined. Take a close look at the I/O bandwidth rates you need to support for HTPC usage; Bluray playback involves an astonishing amount of data being transferred from disk (whether HDD or Optical)... another reason to look more carefully at your I/O setup.
One last point is that I believe (haven't done it myself, so not 100% positive) if you put a supported WLAN card into a pfSense box, it can act as an Access Point for you... but not if it's virtualized. The exception to the exception is if you can do I/O (PCI) Virtualization, which I'm fairly sure neither VMWare Server nor VirtualBox can do right now.
Um... I guess I should offer some options for the I/O problem that are compatible with an HTPC setup: have a look at Iomega's NAS line: "StorCenter ix", available in everything from single-drive 500Gb units to 12-drive monsters. QNAP also makes some good, reasonably cheap iSCSI products. Using iSCSI lets you attach the storage at whatever level you like; you said you're using GigE, so iSCSI performance will not be great, but if it relieves pressure on the internal SATA controller, it might be worthwhile.