Hi folks, welcome to my tutorial for building Homelab. In this part, I will cover some setup I am setting on my server.

Of course, I need to plan a network. I haven't setup a network before, so this is one of the challenges for me.

flowchart TD;
    I[Internet]
    I1[GPON]
    I2[Main Router </br> 192.168.100.1]

    subgraph P1[Proxmox Server]
        P2[Physic Port Network </br> IP: 192.168.100.2/24]
        P3[Logical Network </br> IP: 192.168.100.2/24]

        subgraph vmbr0[vmbr0 Open vSwitch]
            LXC1[AdguardHome </br>192.168.100.x]
            LXC2[Pihole </br>192.168.100.x]
            LXC3[Dockerlxc </br>192.168.100.x]
        end 

        VM1[pfSense VM Firewall]

        subgraph vmbr1[vmbr1 Open vSwitch]
            VM2[VM </br> 10.0.50.x]
            VM3[VM </br> 10.0.70.x]
            VM4[VM </br> 10.0.24.x]
        end 
    end



    I --Optical_fiber--> I1
    I1 --RJ45--> I2
    I2 --RJ45--> P2
    P2 --hypervisor--> P3
    P3 --> LXC1
    P3 --> LXC2
    P3 --> LXC3
    P3 ----> VM1[pfSense VM Firewall </br> WAN/vtnet0: 192.168.100.147 </br> </br> LAN/vtnet1: 10.0.1.1/24 </br> </br> LAN/vtnet1.50: 10.0.50.1/24 </br> </br> LAN/vtnet1.70:1.70: 10.0.70.1/24 </br> </br> LAN/vtnet1.24: 10.0.24.1/24]

    VM1 --vlan1.50--> VM2
    VM1 --vlan1.70--> VM3
    VM1 --vlan1.24--> VM4

And this is my network diagram, let's break down it:

1. Internet.
2. GPON(fiber).
3. Main router.
   • For wifi and port forwarding.
4. Proxmox server on MS-01.
5. vmbr0 (Open vSwitch).
   • Bridged to the logical interface
   • Any VMs attached to this virtual switch will be on your home router’s LAN
6. Virtual pfSense firewall
   • WAN Port (vtnet0 interface)
     • This is not a public IP, but rather a private IP on your home router’s LAN
     • Attached to VMBR0
     • Allows traffic to get out to the LAN and to the Internet via your home router’s WAN port
   • LAN Port (vtnet1 interface)
     • Provides another virtual LAN for VMBR1
     • Firewall rules will dictate how traffic is routed between subnets
     • VLANs are defined as sub-interfaces on vtnet1
       • vtnet1 (native): 10.0.1.0/24
         • Any machine that is not tagged with a VLAN.
       • vtnet1.50 - 10.0.50.0/24
         • Sec egress network.
       • vtnet1.70 - 10.0.70.0/24
         • Private VMs.
       • vtnet1.345 - 10.0.24.0/24
         • Net for testing purposes.
7. vmbr1 (Open vSwitch)
   • Connect to pfSense LAN port.
   • Any VM, LXC will be connected to it, we can define the VLAN tags.

Why do we need it?

• I haven't used the firewall before, so this is my first time and I want to use to firewall (pfSense or OPNsense).
• I don't have a physical switch with trunk ports so I can use it in the pfSense virtual.
• You have only one network in card (NIC) such as laptop.

Reference

• Special thanks Benheter for detail the blog that I can follow and implement.