I installed fedora server. I set up opnsense in the VM. I told networkmanager on the host to treat the dual port NIC as unmanaged. I have the container grabbing up that NIC and routing traffic to WAN and LAN/vLANs. that part is done.
Now I want to add a virtual network between the OPNsense guest and the fedora host so that traffic from the host can reach the guest without having to pass through the physical network outside the box. I see no reason to make it leave the box just to come right back into the box again. This is where I’m stuck.
talking with friends, arguing with chatGPT hallucinations, I finally just tried winging it visually in the cockpit UI and got it working, but it didnt survive reboots and broke again. From what I can tell, networkmanager and libvirt had a dispute over who managed a bridge. A lot of the stuff I’m finding on this was vague or meant for traffic flowing in the other direction. and I’m struggling to wrap my head around this.
How do I create a virtual network between my OPNsense guest and Fedora server host for the host and containers to reach the internet, LAN and VLANs through?
You must log in or register to comment.
Which virtualization implementation? QEMU/KVM?
libvirt qemu/kvm.
I’m runnign into virtio bottlenecks I cant get out of now too. I cant do PCI passthru on this unless I give up the GPU on this board because I didnt consider that when I bought the hardware -_-You can passthrough more than one device at a time. This is probably the source of your slow speeds.
Add a virtual nic to the opnsense VM and bind it to the host bridge, that way you can use both the VM network and the physical LAN without a lot of faf.
This board will not let me do pci passthru. Only the GPU slot and one of the m2 slots are in seperate IOMMU groups. Everything else is just dumped into the same IOMMU group.
Then you will have to do it with bridging.
Create a second bridge and bind only the wan interface and the physical interface of opnsense to it. Then create a 2nd interface for opnsense, but bind it to the brIdge libvirt uses to connect its guests.
also, I have isolated and devoted 2 threads, 1 core, of a ryzen 5800XT CPU to this VM and my WAN download traffic wont exceed 625mbps! I dont even have IDS or anything enabled yet. How can that be?
