Comment on Setup guide Proxmox, Opnsense, HA, OpenWRT
giacomo@lemm.ee 1 year ago
Can you list the devices you have and what you want each one to be doing?
Comment on Setup guide Proxmox, Opnsense, HA, OpenWRT
giacomo@lemm.ee 1 year ago
Can you list the devices you have and what you want each one to be doing?
filister@lemmy.world 1 year ago
I have this fanless PC, and it has 4 ethernet ports, 2.5Gbps. I have equipped it with 2x2Tb of SSD and 32Gb of RAM.
I have an ISP router, but it would only serve to bridge the WAN interfaces.
I have Netgear with OpenWRT running on it.
I want to install proxmox on the fanless PC and spin up Opnsense and Home assistant on it. The plan is to run a couple of containers but I consider them out of scope for now.
I want to pass through the network interfaces to Opnsense directly as I have a Gbps Internet connection.
The plan is to create a couple of VLANs, e.g.
Here I am debating whether I need a fourth for the management interfaces of all services, but let’s say not for now.
The WiFi router would be connected to one of the ports of the firewall appliance and it would need to have access to all three VLANs in tagged mode. I want to configure them on the Netgear R7800 running OpenWRT or Voxel, need to decide what’s better suited for my needs as I believe this router would only act as a dumb AP and all the networking and firewalling will be handled by Opnsense. Here the plan is to create three different SSIDs (Home WiFi, connected to VLAN 100 on 5GHz, IoT SSID for the IoT devices connected to VLAN 200 and running at 2.4GHz and a Guest SSID.
My HomeAssistant VM should have access to both the VLAN 100 and 200. Eventually it should have management IP from VLAN 100 and also access to see all the IoT devices over VLAN 200.
I know that’s not the best setup and I have one huge point of failure, but since I am living in Europe in a country where electricity is one of the most expensive, I wanted to minimise my cost over time. I specifically bought a fanless firewall appliance that is using N100 CPU and through some BIOS tweaks I managed to reduce the idle power consumption to 9 Watts, as I don’t want my annual electricity bill to balloon by adding a couple of devices. Alternatively I also have a Raspberry Pi but I would prefer not to use it, to save on electricity costs.
My goal is to try this setup for a couple of days and in the worst case I can always revert to the old setup.
NeoNachtwaechter@lemmy.world 1 year ago
Your MQTT broker for IoT lives in your IoT VLAN, obviously.
Assuming your Home Assistant webfrontend lives in your “home” VLAN (otherwise you can’t get all the fancy controls). Then how are these two talking to each other?
filister@lemmy.world 1 year ago
That’s the question? If the device has access to both VLANs I presume I would be able to configure the Management interface to be on VLAN 100 while everything else is on VLAN 200 Is it that hard to configure?