Physical or Virtual? A Silent 4x 2.5GbE Proxmox VE pfSense and OPNsense Box

We review another 4x 2.5GbE firewall solution to see if this Topton unit is any better than the Hnsun unit we reviewed previously. We also ask that important question: physical or virtual firewall? This time we show how to set up the system with either pfSense or OPNsense running firewall and VPN services (as well as HAProxy). We also discuss how, by using virtualization and Intel i225 pass-through on this Intel J4125 firewall, one can run more services like Guacamole to access Project TinyMiniMicro nodes. We are going to put this in our new STH Mini PC series.

----------------------------------------------------------------------
Timestamps
----------------------------------------------------------------------
00:00 Introduction
01:21 External Hardware Overview
04:21 Configuration and Pricing
05:09 Internal Hardware Overview
08:33 Power Consumption
09:11 Virtualized or Physical pfSense and OPNsense on Proxmox VE
18:56 Looking Toward the Next-Generation
19:48 Key Lessons Learned
20:57 Wrap-up

Comments

Just want to say that even a year later this video really helped me wrap my head around physical port mappings for virtualized FW/virtualization hosts. Something even nearly all the "tutorial" videos simply gloss over. I really appreciate this!

slipnfall

Nice piece of content! I had virtual servers for networking and always wanted to consolidate & upgrade them. This shed light on how the setup will go.

cyruschan

Wonderful to see a video on this, got a J4125 4x i225 to pick up next week and N6005 4x i225 is a few weeks away "reviews seems to be dropping in on the mobile site", both from Topton. Feel somewhat secure in the purchase now.

Robbaz

You lay in bed vexing over virtualizing your router or not too???? And here I thought it was just me! 😉

Viking

I bought that one after the first video, installed pfSense on it, but I feel it's underutilised. I've been thinking of installing Proxmox on it, so this video is very pertinent.

BobHannent

WAN port selection really needs to take failure modes into account. If there is some kind of "factory" reset, or if file system corruption deletes your port config file, you don't want your WAN cable going to the port that will ask for a DHCP address and allow logins.

beauregardslim

I run OPNsense virtualized under Proxmox, and personally I like it. I went the "one big server that serves all the things" route. Of course, if I need to do maintenance on the machine, all of it goes down during that. It's a reliable machine, though, and while I'm doing maintenance I don't need to be online. I appreciate being able to manage OPNsense as just another VM.

These are interesting little boxes! Within these limitations, many people's needs for a server appliance could be met.

vonkruel

I set up the firewall protecting my Proxmox VM cluster as a VM running on that cluster. I was having second thoughts about that decision because it seemed like I'd run into an issue where I wouldn't be able to manage the cluster remotely if something happened to it because the firewall was one of the VMs on that cluster. However, that decision was reaffirmed a few weeks back when something happened to the host the firewall was living on. I couldn't get into my cluster remotely, and I was like "oh no ... this eventual nightmare has finally come true". But then, about 5 minutes later the firewall came back up because Proxmox migrated it to another host for me. I was pretty impressed and I was happy with my decision to have made it a VM after that.

arcadiosincero

Just found your channel, you have the exact approach to computer hardware I've been looking for. So, thanks!

yourfriendwill

I won't go back from virtual... snapshots, simple remote console access, adjusting the hardware on the fly, so many benefits for me!

justinnamilee

Bought a machine that looks physically similar to this a couple of years back with a Celeron J1900. It's a great little firewall for home which was very cheap and uses hardly any power - but like you, I find the RAM and SSD a bit of a worry (they're branded "Kston"). My decision to put the LAN on interface 0 and the WAN on interface 3 will from now on keep me awake at night.

KSJAFN

It always depends... As long as your virtualization is performant enough, there is no problem with running virtual. But you need to consider that your infrastructure should be solid enough to avoid problems (like multiple hypervisors, vMotion enabled or better yet - a virtual HA with both vFirewalls on different hypervisors).

DmnkRocks

I bought one of the 1Gbps variants off of Alibaba, and the SSD died about a year in, so definitely a valid concern to call out.

tokyotexture

Very impressive video review, actually this model is our first generation which is stable but big. We have developed this router to the third generation, pocket size with 3*2.5GbE + dual 10.0GbE ports.

gowinfanless

To be or not to be [virtual], that is the question. While an older video now, regardless I find myself here.
Excellent video👍, awesome channel, thank you. 17:10 -- STH _unblocked_ on my pihole.

Testing on N100 C[heap]PU, by which I mean fooling/playing around.
Kindest regards, neighbours and friends.

chromerims

FYI - the reason pfSense/OPNsense appear to consume all the RAM you give it is because BSD doesn't have the qemu-guest-agent driver that reports memory usage back to the hypervisor like most Linux instances do. Proxmox just sees that the OS has reserved all that memory even though it may just be being used for caches or unused inside the instance. Trust what the pfSense UI tells you, not Proxmox. It'll run fine on 2-4 GB for most use cases.

ryanblue

Been virtualizing my firewall (OPNsense) on my "main" homelab server for about a year now. I'm pretty happy with it, and the box overall has enough horsepower that I can pretty much dedicate as many resources as I want to the firewall should performance be an issue. My worry is that if anything happens to that server--it is basically a pile of used enterprise parts I got off eBay--all my internet connectivity goes away.

MatthewHill

Awesome videos, buddy, I love all of them. Just to say, snapshots are not backups. Every snapshot will decrease performance, so we use them before changes/upgrades, etc. After we know everything works, you can keep them for a day/week, then we delete them.

eazysnatch

Just bond all the NICs and use VLAN tags for LAN, WAN, etc. When you're virtualizing your firewall anyway, this just works.

TerraMagnus

My N6005 unit was also taking like a month to be shipped. So I contacted them and they said they couldn't get the N6005 atm because of the Shanghai lockdown. They said they have the N5105 in stock. So I changed my order and it shipped the same day.

PeterZin