How secure is the firewall inside the proxmox VM?

V

VRS2020-06-22 15:08:16

System administration

VRS, 2020-06-22 15:08:16

There is a virtual machine (proxmox hypervisor) where pfsense is installed. There are 2 virtual interfaces configured inside the vm, they are bridged through the hypervisor to the physical ones, that is

vmb1 to real1 WAN  "LINUX Bridge"
vmb2 to real2 LAN   "LINUX Bridge"

The virtual machine acts as a gateway. Physically and virtually these two network interfaces are different. Also, to access proxmox, there is another separate physical interface to a different subnet.

The question is how reliable is the isolation of network interfaces in proxmox and is there a chance that they can somehow get inside the hypervisor? If they can break in, then how to cover this opportunity?

Reply

Answer the question

In order to leave comments, you need to log in

2 answer(s)

C

CityCat4, 2020-06-23
@citmai

FreeBSD worked for me for several years as a virtual machine - a router, a firewall and everything else - being a VM on VmWare. Nothing happened :) The question here is not the reliability of isolation of network interfaces, but the reliability of isolation of the VM from the hyper and from neighboring machines. Meltdown, spectrum and others...

K

ky0, 2020-06-22
@ky0

If the server with the hypervisor does not have an IP address on the bridges, how can one get there?