IPFire on a virtual machine environment

I thinking about running IPFire in a virtualized machine environment. My thinking is that in a VM environment, I can clone the production IP fire, upgrade, try new applications etc. and if something fails, I can flip back to the production image.

I suspect I would need some sort of tiny linux + kvm for the host and attach the red interface to a bridge not accessible to the host OS.

Are there any security risks that I should be aware of?

You could also use an hypervisor running directly on the bare metal ESXi

They do have a free ESXi if I recall. I was white to stay with KVM because I’m trying to build a series of tools for things like backups and proper check pointing etc. That would be a nice place for running them. The other reason, if I can do it securely, is that I have an at-home server just sitting there running little web applications and as a backup target for my Windows laptop. It’s really heavily underused but does have a nice 6 TB of storage.

If there was convincing evidence I could safely run IPFire as my main firewall under KVM on my main server, that could be also an interesting platform for experimentation.

Yes, they are massive. For testing, virtualisation is absolutely fine, but I would not recommend it for production.

1 Like

I suspected as much. how does AWS IPFire provide security if there are massive risks in a VM environment? looks I need to do some form of dual boot so I can flip between testing and production systems.

1 Like

The cloud has exactly the same problem. There are tons of articles out there that explain it very well.

People who use AWS are taking this risk into account that all their data and private key material might leak into another VM of another customer.