I picked up a minisforum ms01 with the 12600H. Looking to use it as router and retire my ubiquiti USG and pleb switch for primary routing. I am most comfortable with Debian based systems. In fact it’s the only one I really know.
Look to use lightweight vms and docker containers. Hoping to pin the E-cores to these if it’s a OS that doesn’t manage E~cores well.
Will attach das at a future date for backups hosting media
I’m not a “power” user but I’m so tired of 1 gig.
Comfortable with virtualization and pass thru.
Is there is mildly noob friendly os I can achieve this?
Are there inherit security risks with running pfsense as a VM? If I recall from the forbidden router series that’s an “off label” use IIRC, I could very much be wrong.
Either way, open to comments on hardening security with vms. I typically just deploy as is.
The reason is because your entire internet goes down with the hypervisor/server. That’s why it is “forbidden” or off-label. Bare-metal router is by far best practice. But it’s damn cheap and convenient to virtualize it.
So just keep your phone internet ready. Because if there is something with Proxmox not booting or whatever, there won’t be any internet connection either.
And the MS-01 with all the ports just screams to run a router on it
Proxmox. Uses LXC for container , but you can make a VM for docker if you really want docker or any other container format. Making VMs is what a hypervisor is about after all.
And it’s probably also a platform for learning new stuff for you, so don’t hesitate to try new and wild stuff. You will eventually learn and see what is the best for you. And routers with great CPUs are freaking expensive on their own. I ran pfSense on my server for years, was great. Now things are changing with different servers and design, may get an MS-01 myself at some point for just that. Good all-in-one package.
And whether you get pfSense, OPNsense or openWRT or whatever…with Proxmox it’s just a VM away and even just 1GB of RAM is overkill.
At work we run VM PfSenses at some locations, for smaller environments or remote sites it can make failover faster and cheaper, no licensing two bare metal FW(though this does not matter at home) and not having to mess with more complicated setups and CARP(All First Hop Redundancy Protocols Suck)to do failover it can be nice. So i wouldn’t really worry too much about running it at home and if it ever really dies you can always directly hook in your computer to the WAN.
PfSense people when providing support have never had any issue with us running on top of ESXI. We do keep intervlan traffic on real hardware.
As far as options for VM, my plan for my home servers is to run Fedora Server and cockpit to manage the VMs using the Web UI or via the cockpit app and SSH.
I don’t have any home servers running at the moment after i moved but eventually running this on an old Dell box is my plan for home. Proxmox is also fine too I used to host Minecraft servers using it.
Whether straight Xen is mildly newb friendly depends on the newb!
Sorting out your VM image storage is left as an exercise to the user, be it a LVM logical volume or a partition or a file or whatever else you imagine.
Creating the guest images can be done via xen-create-image, though I’ve been running the Debian installer in HVM mode.
Simple networking is arranged in the familiar /etc/network/interfaces.
I find it easier than the popular do everything for you type solutions in that it’s relatively simple and getting it off the ground served as a learning experience in each piece. That pays back when I’m trying to troubleshoot and understand the security risks involved.
There’s quite a spectrum in virtualization which I’ve found this diagram helpful in describing (I’m sure I’ve linked this before!):
The qemuless PVH mode has been my personal optimal.
The usb4 is labeled as “alt DP”. How would one set that up. The usb /dp set up is foreign to me. If there’s a way to get 4k144 on a monitor/tv that’d be sweet
This looks to be one hell of a learning curve for proxmox , can I do this with vanilla Linux?
Whether using Ubuntu or proxmox, conceptually trying to understand the network side of things.
Would I be setting the hypervisor to have a connection straight to the modem and bridge connection to pfsense with all the other network devices passed through?
I’m not sure how that works if pfsense will be your 192.168.1.1 gateway with an os behind it and even such…if I want to pass through a nic for it to have its own dedicated ip, am I then connecting the machine to itself?
I typically use a passthrough network card for the modem connection and everything else via Linux Bridge over a second network card.
Since Proxmox supports SDN, I like networking with Proxmox better than with VMware.
Proxmox is essentially Debian with a GUI and a customized kernel; you can use it just like you would use Debian Linux.
If you want, you can also install KDE, Gnome, or whatever, but I wouldn’t do that.
it’s strange, I’ve never been able to have a VM assigned its own IP directly to the network as opposed to via something like 17.0.1.2. How is proxmox able to achieve this and can it be done in vanilla linux
I have never used host connection or NAT for a VM. I always use bridges or Open vSwitch.
Everything that works with Ubuntu Server also works with Proxmox or vice versa.
Here’s an example with Netplan, your network card is “eno2”
I played around with cockpit a bit as well when looking for server UI-s and was really impressed by it. It also has plugins (for example podman) that make it really convenient to use.
More of a general server management ui as you said but still could be a great fit for a lot of things
