Software company I work for are starting to check how secure home labs are. Good idea but means I need to get a few things redesigned.
I need to build a more secure zone in my home network in to which I can deploy and run various VM’s.. I was planning to convert my home network to 10GBE (mainly between office (where I work) and basement (where I have server, nas, switch)
Looking on netgate.com an adequate appliance with 10GB throughput seems to be based on an Intel Xeon Processor D-1537 - a low TDP class 8 CPU (Intel Xeon CPU D-1537 @ 1.70 GHz) based machine.
Plan is to virtualize TNSR on to ESXi 7 running on PowerEdge 630 which is currently running with 16 CPUs x Intel(R) Xeon(R) CPU E5-2630L v3 @ 1.80GHz.
I have a a double X520-DA 10GB card - one of the ports is used for a 10 GBE DAC connection to a Synology NAS (this provisions ESXi datastore over iSCSI)
Could the remaining 10GB port be passed through directly to the TNSR VM with a 10 GBE uplink to suitable 10 GBE switch (Probably USW-Agregator) ?
On the internal side then set up a new ESXi vSwitch with multiple VLAN’ed port groups in order to connect to the VM subnet. No additional physical adapter needed, right ?
Any suggestions or advice on best way to get going ? I’ll admit I’m not too hot on network security nor networking in general since it’s not my day to day work but not a complete noobie either…
I need to build a more secure zone in my home network in to which I can deploy and run various VM’s.. I was planning to convert my home network to 10GBE (mainly between office (where I work) and basement (where I have server, nas, switch)
Looking on netgate.com an adequate appliance with 10GB throughput seems to be based on an Intel Xeon Processor D-1537 - a low TDP class 8 CPU (Intel Xeon CPU D-1537 @ 1.70 GHz) based machine.
Plan is to virtualize TNSR on to ESXi 7 running on PowerEdge 630 which is currently running with 16 CPUs x Intel(R) Xeon(R) CPU E5-2630L v3 @ 1.80GHz.
I have a a double X520-DA 10GB card - one of the ports is used for a 10 GBE DAC connection to a Synology NAS (this provisions ESXi datastore over iSCSI)
Could the remaining 10GB port be passed through directly to the TNSR VM with a 10 GBE uplink to suitable 10 GBE switch (Probably USW-Agregator) ?
On the internal side then set up a new ESXi vSwitch with multiple VLAN’ed port groups in order to connect to the VM subnet. No additional physical adapter needed, right ?
Any suggestions or advice on best way to get going ? I’ll admit I’m not too hot on network security nor networking in general since it’s not my day to day work but not a complete noobie either…
Last edited: