[SOLVED] pfsense VM - how many nics needed and network 'location'

I'm considering creating a pfSense VM to allow me to better control my home network - I have a piss poor ADSL2+ connection at the new house we are living in temporarily (16/1) and in the home my unRAID box is connected to a UniFi AC Pro connected by wireless uplink to another that is connected to my router. I've gone for wireless uplink as I can't run an ethernet cable to where my server is and powerline was far too slow. Because of these bandwidth constraints I want to take more control of the in-home traffic e.g. prioritise media streaming to my Android TV, Amazon Fire Boxes; prioritise SmartThings to see if I can improve response times etc and also bandwidth out to the internet e.g. automatically prioritise SmartThings again, YouTube, browsing etc over Torrents, usenet without having to use schedules etc. It's annoying having to constantly stop/start items to free up in particular internet bandwidth (particularly as my family have no idea how to do this), so it'd be great if I could automate all of this. It'd also be great if I could create custom content filters for the kids on their tablets/VMs.

 

Assuming this is possible with pfSense (will verify on pfSense board), if I create a pfSense VM in unRAID how many network adapters will I need to passthrough? one or two?  I only have one on my mobo, so I'll have to buy a new card - any advice on a cheap card welcome.

 

Also, given the location of my unRAID box in my network, will this even work i.e. does my pfSense VM need to be connected directly to my current router (can disable DHCP etc) to be effective??  I've knocked up a quick diagram to help ;-)

 

Thanks in advance.

DZMM Network.png

Edited by DZMM

Nice diagram ! Is it done with Visio ?

On the subject, I'd like to suggest vyos over pfsense. pfsense has a GUI and it will do QoS, but vyos, even being command-line based, will provide you a robust and easy to set up QoS.

I have shared my vyos config, with a lot of features (check the first comment of the gist).

It also helps that vyos is one of the standard vms in unRAID.

 

 

  • Author
35 minutes ago, jbrodriguez said:

Nice diagram ! Is it done with Visio ?

On the subject, I'd like to suggest vyos over pfsense. pfsense has a GUI and it will do QoS, but vyos, even being command-line based, will provide you a robust and easy to set up QoS.

I have shared my vyos config, with a lot of features (check the first comment of the gist).

It also helps that vyos is one of the standard vms in unRAID.

 

 

lol no - powerpoint!

 

thanks for the reply - very useful. I like the idea of it being one of the unRAID templates. The CLI put me off to start with, but after looking at your config it doesn't look too bad and the way you've set up your lanes to 'burst' if no traffic is exactly what I want to do. Is most of your config default lines or did you create from scratch? I'm nervous about missing something fundamental that leaves me exposed which is what the pfsense gui will stop me doing?

 

how many nics do you use?  Do I need two and would a vyos/pfsense firewall work where I'd have it located in my network i.e. via unRAID connected to a switch then an AP to get to the current router/internet?

  • Author

Just had a thought.  My unRAID server is the hub of my home and the biggest bandwidth hog, and what I really want to do boils down to I want to shape the traffic coming out of it e.g.

 

- if there's a lot of media streaming going on, slow down any downloads to not saturate the wi-fi

- only allow certain sites to be accessed on the kids VMs

 

I'm assuming I don't even need a dedicated nic to do this and can passthrough a virtual card for performance improvements? 

 

I only really want to do QoS not the whole security thing, DHCP thing

 

Thoughts?

20 hours ago, DZMM said:

Is most of your config default lines or did you create from scratch?  I'm nervous about missing something fundamental that leaves me exposed which is what the pfsense gui will stop me doing?

The vyos wiki has a basic config, which I built upon.

 

20 hours ago, DZMM said:

how many nics do you use?  Do I need two and would a vyos/pfsense firewall work where I'd have it located in my network i.e. via unRAID connected to a switch then an AP to get to the current router/internet?

I'm not really sure that the location of your unraid/firewall will work.

In my case, I have a separate server running as firewall and it's basically the first thing that touches internet traffic. If you put your firewall on an unRAID VM, you'll be left without internet connectivity whenever your unRAID server is down.

  • Author

thanks - I've come to the same conclusion. I'm going to park this as it's too big a project for the few use cases I have, and I also checked that my APs do some QoS already automatically - I'll just stick with my local and router firewall for now.

Archived

This topic is now archived and is closed to further replies.
