Hi there
We have new project for our network and we decide to use ipfire with mikrotik but this time as VM
So we get new hp server with 16g ram and 2 cpu each one 4 cores with 512g sad hard drive
with sfp+ network card (2 ports )
So we install proxmox in our server and install mikrotik Chr and install ipfire and just theme will be in it and each one have 8g ram and one cpu with there cores
My Question is it safe to use ipfire in this practice
Thx
yes i see theme but as i see
Virtual environments break the security of the firewall. Since resources are being shared between different virtual machines, it is easily possible to break out of one of them into the firewall through the host system. Those attacks are impossible to detect by IPFire and transmitted packets, key material and other sensitive information can be stolen or altered.
If it share for 2 vms one of them is ipfire and second is mikrotik Chr and Chr route total traffic from client to ipfire and from ipfire to core router
Is it stay break security ?
Thx
What for do you need mikrotik CHR?
Why do not use just IPFire on bare metal?
I use mikrotik Chr for src-nat and dst-nat and with some mark routing mangle and PCQ limit and ipfire for firewall only firewall filter and in some case proxy server i trust with ipfire firewall , and in future our network will have multiple server to handle all our growthing traffic .
SNAT, DNAT, QOS are possible with IPFire also.
Putting these in a separate appliance to distribute system load makes sense with distinct HW only.
If both run in a VM on the same HW system there is no gain.
Just my 2c.
