Hello,
Apologies if this has been covered in other topics.
I am building a home server with an HP Z420 workstation. It will contain 8 x 8TB 12Gb SAS drives in RAIDZ running off an HBA 12Gb LSI card in IT mode. I will be putting in 2 x enterprise Intel SSDs for VM storage and running Proxmox as my hypervisor.
I am also adding an Intel X540-T2 dual port 10GB NIC. TrueNAS Core will be installed on a VM in Proxmox.
I have pfSense and UniFi on my network with a couple of VLANs but I really want to separate the storage onto separate VLANs and dial in the networking security a bit better. What would be the best way to do this? I am just getting into networking and Tom's videos have been excellent.
I am thinking of getting a 10Gb UniFi switch, with 2 x 10Gb SFP ports and then the rest having 2.5Gb and 1Gb. Having a PoE Wi-Fi 7 access point and possibly adding in cameras in the future.
Do I run an Ethernet cable from one of the ports on the 10Gb NIC to an SFP to Ethernet connector on the 10GB switch and then use the second Ethernet port and run to pfSense?
Thanks,
Luke
Just a couple of things
Installing TrueNAS on Proxmox is not the recommended setup - you may have hard drive issues later down the line as TrueNAS needs to manage the hard drives directly.
If you can, use Proxmox passthrough to pass the drives to TrueNAS, so TrueNAS manages the drives. If you cannot pass the hard drives through, as above, you may experience data issues.
What is the risk factor you can manage?
I know this is a home server, but if you can, have TrueNAS on a standalone server.
Would install TrueNAS SCALE instead of Core.
I will be passing through the HBA and drives to TrueNAS for storage. Proxmox OS and VMs on 2 x Intel enterprise SSDs in RAID mirror.
No need for two physical connections to the switch for VLAN purposes. In Proxmox you can create multiple virtual NICs on one physical link. I might however consider two physical links in an LACP link aggregation setup.
I was mobile yesterday when I read this, so maybe didn’t give a detailed enough answer. There are lots of ways to skin a cat, so this answer is one way, maybe not the best way, but the way I do it. I have my internet connections (cable modem and a T-Mobile 5G modem) connected on the WAN side of my pfSense device. On the LAN side of pfSense, I have a connection to a managed switch. pfSense is used to define all of my VLANs. I don’t do any of that in Proxmox, although some people do. My Proxmox nodes, my Synology NAS, my wireless access point, etc. all connect to the managed switch, in a sort of hub and spoke pattern.
You really should get a managed (vs unmanaged or dumb) switch if you want to use VLANs. It will make your life so much easier. Using a managed switch, you can configure ports on the switch to either be access ports (basically dedicated to one VLAN) or trunk ports (carrying all VLANs at once). You may also see these referred to as tagged and untagged. I use trunk ports to connect all my VLAN aware devices: pfSense, Proxmox nodes, and my WAP, which can assign unique VLANs to each SSID. I use access ports for things like my Synology NAS, Ring alarm base station, my PC, etc.
Inside of Proxmox, I make vmbr0 VLAN aware, and then in the network configuration for each VM or CT, you can designate which VLAN that VM or CT should be on. Note, there’s no drop-down list to select from. You have to know/remember your VLAN numbering system. I have written a number of posts on how to do this in Proxmox over at their support forum. I use the same screen name there. For me the easiest way to do it is to directly edit the /etc/network/interfaces file. But you could do it through the GUI too I suppose. I have never tried it myself.
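Added example, not part of any post in this thread: a sketch of the VLAN-aware vmbr0 setup described above as it could look in /etc/network/interfaces. The interface name, VLAN IDs and addresses are assumptions chosen for illustration, not values from the thread.

```text
# /etc/network/interfaces on the Proxmox host (constructed example)
# Assumed name: enp1s0f0 = first port of the 10Gb NIC, cabled to a switch trunk port
# Assumed VLAN IDs: 10 = management, 20 = storage, 30 = general VMs

auto lo
iface lo inet loopback

iface enp1s0f0 inet manual

auto vmbr0
iface vmbr0 inet manual
        bridge-ports enp1s0f0
        bridge-stp off
        bridge-fd 0
        bridge-vlan-aware yes
        # Carry only the VLANs this host needs instead of the full 2-4094 range
        bridge-vids 10 20 30

# The host's own address sits on the management VLAN only, so guests on
# the storage or VM VLANs reach the Proxmox UI only if pfSense rules allow it
auto vmbr0.10
iface vmbr0.10 inet static
        address 192.168.10.5/24
        gateway 192.168.10.1

# The VLAN for each guest is set on its virtual NIC, for example in
# /etc/pve/qemu-server/<vmid>.conf for a VM on the storage VLAN:
#   net0: virtio=<MAC>,bridge=vmbr0,tag=20
```

The switch port facing this host has to be a trunk carrying the same three VLANs, and traffic between them is then allowed or blocked by the firewall rules on pfSense.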