Help for virtual network design

Computer Hardware & Server Infrastructure Builds
1

Ciao a tutti,

I am back with my very old project to build an homelab with proxmox (I know…) or xen and some network stuff I already have.
I am not a big expert so, I need an help.

Could you help me to improve the drawing below?

My pc/server has 6 nics:

  • 2x 2.5 gb onboard
  • 2x 1 gb on pcie
  • 2x 10 gb on pcie

The first vm will be pfSense to route 4 vlan I will use with other vm on this machine and other network devices (in grey on the switches).

For a better network separation and performance do you think I need a bridge for each vlan?
Or one “big” bridge vlan aware attached to all nics is enough?
Or should I remove the pfSense “ALL” interface and split the vlan 202 and 207 (create a bridge binded to a 10 gb nic for each vlan) and use only the virtual bridges to connect pfSense to the unifi switches?

My apologies in advance, because as probably you understand english is not my main lang

sinottico
sinottico1589×1164 295 KB

Ps. I don’t know if this is the right section, if not can I ask a favor to some moderator to move this 3d in the right place
Thanks

2

I am not as familiar with Proxmox but if you have things in VLANs where the routing between them is controlled by pfsense the setup should work fine.

3

Thank you!
Yesterday evening I rewatched your video “pfsense ↔ unifi 2023” a couple of times (actually I don’t remember the exact number but the digits were 2 :sweat_smile:) and everything works now.

When I’ll back from work, I will do some other test because - due to the lang barrier and few skills in networking :innocent: - to me it is not so clear the advanced part of your video, where you created a direct network for your son, with the vlan tag set only on unifi.

What I have to test is if this solution works even if across switches
Like this:

sinottico-Pagina-15.drawio
sinottico-Pagina-15.drawio993×1403 74.1 KB

If so I can avoid the creation of the vlans on pfsense side and use directly the virtual interfaces assigned by the hypervisor to the pfsense vm, right?

Also, I notice that there was a small error on the first diagram I posted, because the virtual switch must be above the nic, not below, this a new revision with some other modifications.

sinottico-Pagina-16.drawio
sinottico-Pagina-16.drawio1985×1403 200 KB

Looking forward to see your video about “pfsense unifi for office from scratch 2023 edition”, Because some things in unifi have been changed with the new UI.
Some are good, some are bad (like the new port management of the switches …I hate it) and some aren’t very clear - to me - (like the “allow / block traffic” always on the switch port management)

thanks again

ciao
Roberto