ESXI - pfsense and FreeNAS
-
It is less trouble setting up direct path than it is a new vswitch, but hey, just go with what works for you
-
that is your opinion. Go with what works for you - but if you ask my opinion having vswitches tied to your specific nics with them labeled is much easier to manage then worried about what what specific nic is passed through to a specific vm.
Also very difficult to passthru a multiport nic and use one port as passthru and another port tied to a vswitch for use with other vms or lan side of your router vm.
When phyical tied to a vswitch I can bring up different copies of pfsense or other router distros tied to the vswitch and switch between them pretty much just turning off one vm and turning on different vm. Very easy to leverage port 1 for vswitch X and port 2 for vswitch Y, etc. etc. Especially if I use the same mac on my router vm wan vnics.. My public IP doesn't even change that way.. I can bring up different version of pfsense or untangle or ipcop or any of the other router/firewall distros in a matter of couple of minutes. Shutdown vm 1, turn on vm 2 and now my network is using different firewall/router distro for testing, etc.
When tied to a vswitch I can connect any vm I want to the "wan" for say sniffing the traffic seen on the wan.. So I can use stuff like ntop or ids to monitor that traffic without having to run it on my pfsense vm.
To me your making it more complicated and reduced functionality for some perceived added security.
physical passthru also makes it difficult to use any sort of vmotion. Which I am currently not using in my home setup, but clearly passthru reduces the feature set of a Visualization setup.
-
physical passthru also makes it difficult to use any sort of vmotion.
I was just going to mention this part. No real benefit for passthrough but a major drawback.
-
Ok I stand corrected - and appreciate the dialogue!