

Kitty!
Rocket Surgeon


Kitty!


Mine was not very expensive. Amazon refurb, I think. Robot 360.
It has a small tool with a razor and a brush. Definitely does not clean itself tho.


My cats love my vacuum robot!
They are not magic. You gotta watch the dang things. Mine ate a dental pick the other day, so I pulled it out and sent him on his way. He started choking again, and I turned him off. When I got around to inspecting it, it was another dental pick, just jammed farther up his craw.
And they are tiny. The cruft builds up fast. I’ve got long hair and 2 cats. I have to empty the dustbin after a single use, and I have to pull the roller and cut out the hair every 3 uses.
But they get under shit that I would never clean. My place is way less dusty due to the robot going under stuff and cleaning it all.
And they also clean when you don’t want to. That’s really nice. I think I’ll send mine on a mission now…


Yup. I pay about $6/month for Hetzner with my NextCloud. Love it.


Cool. Yes, this looks reasonable. It looks logical.
So, my main recommendation is consider the use of virtual bridges to manage the network instead of passthrough. And I recommend installing and using the OVS style virtual bridge.
https://pve.proxmox.com/wiki/Open_vSwitch

This gives you flexibility going forward. Say you want to run something out in the DMZ instead of behind the firewall, well you just attach that VM to the DMZ bridge instead. And it gives you an easy way to provision network for VMs. You just attach them to the LAN bridge.
(RoaS is a terrible name. Router on a Stick. It means your router is on the same switch as its clients, and all the communications go up and down that one port. It’s a perfectly legit way to manage a network, but sorta ugly and not what you are doing with your fancy 3-port rig. :)


I own 2 OpenWRT routers. Fun little things. Love em.
But running a virtual firewall is a perfectly reasonable goal. OpenWRT doesn’t have the feature set that OPNsense has.
They are not the same sort of product. Lot of common ground, but not the same thing.


There’s a few things we don’t know here.
There’s nothing wrong with your plan, but that’s not how I would do it.
I don’t pass through NICs. I bond them or I bridge them.
In a virtual world, this sort of task is done with virtual switches. OVS switches at my job.
OVS is a lot easier to use than oldskool linux bridges that come installed with Proxmox. There’s already a dropdown in Network where you can build with OVS objects, but you need to add the package.
apt install openvswitch-switch
MGT. For your setup, I might consider (the onboard!) eth3 as my mgt NIC. That might be handy some day if you have to remove that card. Your server will still be online.
DMZ WAN. I would run the WAN line straight to eth1. Add eth1 to a ‘dmz’ virtual switch. Add the OPNsense WAN leg to this dmz virtual switch, so the OPNsense (and nothing else) can directly talk to the upstream router.
LAN Virtual. Create a ‘protected network’ virtual switch. Add the OPNsense LAN leg to this virtual switch. VMs can be a member of this downstream protected network and access any services provided by the OPNsense.
LAN Local. If you need to share the OPNsense protected network back out to other devices, add eth2 to to the protected network switch, and ethernet cable out from eth2 to a dumb switch. Plug other external devices into the dumb switch, and they will be downstream from and protected by your OPNsense, accessing its services.
Feel free to ignore me here. I build a lot of big things, so I use enterprise-scale techniques. There’s nothing wrong with your pass-through plan.
And … you can do this! I have a somewhat similar setup on my laptop with HyperV, so I can distribute wired (work VPN) and wireless (everything else) internet to guest VMs and the main OS. I made two virtual switches in HyperV.
Good luck!


It’s interesting that you are not a bot and have some purpose, but I’m blocking you anyway. Crossposts suck.


Oh that would be an interesting mess.


Tell us more about Peter Thiel’s ovipositors.



Right. It’s all so fuzzy now.
Like, this is close enough to a real pop-sci factoid and close enough to a real linkedin spamoid that it just might be real.
And if not now, wait a few weeks. Some AI is gonna scrape that shit and start using it.





And make sure you got Cisco ones for your Cisco gear. And wtf ever for your Dell crap. And the shitty ones your boss bought have 15% failure rate out of the box.
Sure. Tech this lousy needs some staunch believers.


I’ll continue to call that no fukin reason at all.
Or we could call it inherent design issues. Which is about the same thing.


I have 35 years in the field. Welcome.
If you’ve not seen a jammed SFP, read this thread. It happens.


Well that sux. I tried to get banned too, but my lemmy skills are not sufficient. I can’t find that post from my account, finally gave up. That sure sounded like fun tho.
It’s a cartoon, but I’ll suspend disbelief enough to say that’s a Dicynodont and an Archaeopteryx. And I guess that’s the joke …
I recently earned the Cisco CCST Cybersecurity cert.
Over and above the CCST Network cert, I learned a few things about configuring firewalls, ACLs, and zones.
But at least a third of the entire cert was this bullshit.
Lingo. Abbreviations. Dumb new ways to not say what you mean.


Trust me. You need Plextastic. Its got all the cool new stuff.
Just a small fee.
You will come around.
This would not work for me.
My cats are fukin weird. Mostly, they won’t touch anything but cat food.
Unless its like crackers on the kitchen counter at night, and I think they do that just to make a mess. They don’t really eat crackers either.