Opnsense on proxmox (w/ Plex) best practices. - eviltoast

Hello, I bought a chinese x86 router minipc thing with 6x i226 ports. I have proxmox installed with Opnsense running as a VM and a plex LXC.

It didn’t need a fan, but I had a fan, so it got a fan. https://imgur.com/a/RdjYyRZ

I’m currently passing through my WAN and LAN connections to OPNSense. IOMMU had all the NICs separated so it was a fairly simple task. Plex is just using the bridge from Proxmox.

So right now traffic from Plex out to the interwebs is going through the physical switch and back into OPnsense.

None of this is really relevant because my media is on unRaid and I’m constrained by single disk I/O unfortunately, but if I cared about that I wouldn’t have a banging 2.5gb minipc router hooked up to a 2.5gb switch for my 40Mbps upload internet connection. I do it because I can not because I need to.

There are a lot of guides out there, but the problem is a lot of it is out dated, the length of time all this different software has been around makes googling information a bit tricky.

I’m just wondering what the best possible setup is and ways I can optimize my configuration. WAN is going to stay on pass through of course, but should my OPNSense lan connection be using the proxmox bridge? Can I or should I plug multiple 2.5gb ports from the chinese box into my switch and combine them in proxmox (HA is kind of irrelevant if both connections go to the same switch, I’m more interested in providing more paths, more speed)? I’d like plex and opnsense to have the fastest communication possible so that would mean using both on the proxmox bridge with virtio. Should I enable multiqueue? What other settings don’t I know about that I should be setting?

If anyone knows of a guide that is fairly recent that goes into any of this I would appreciate it. I’m still googling on my own as well, I’m not just waiting on an answer to be handed to me, but I figured I’d drop this here in case someone had the same questions and already answered them.

Thanks for your time.

  • ducs4rs@alien.topB
    link
    fedilink
    English
    arrow-up
    2
    arrow-down
    1
    ·
    1 year ago

    I doubt your lan traffic would be heavy enough to worry about. I run proxmox on a lga 1151 system that runs Plex and about half a dozen vms including Opnsense. I have a i350 setup using PCI passthrough. I can’t say if it’s best practice, all I know on my lan I can utilize the full 1g and speedtest on my wan runs as high as 600Mb on my 1g FiOS connection. I say try it run some benchmarks and see.