Ugh, I want to build an opnsense router but I can’t go spending unnecessarily until I find a job.
Anyone hiring an IT admin and/or software engineer in the Portland area?
Ugh, I want to build an opnsense router but I can’t go spending unnecessarily until I find a job.
Anyone hiring an IT admin and/or software engineer in the Portland area?
Wyse 5070 thin clients are cheap on ebay and work great.
How do you deal with only 1 Ethernet port?
Vlan to managed switch? USB Ethernet adapter?
Also, is this powerful enough for a symmetrical 1gig connection?
I run it on a Fujitsu Futro S720 thin client (bought for 40€ on ebay) with a VLAN aware switch. I know the Futro is not available in the US, but there is an HP thin client similar to it.
Theres a NIC that uses the WiFi m.2 socket and mounts in th thin client option port.
Ive been running it at full speed on symmetrical gigabit pppoe with opnsense for a while. Works great.
I use vlans to work with it.
If you have a Proxmox box with 2 NICs, it requires very little resources as a VM.
I've been rocking an ali express mini PC since 2017, started with pfsense for a year and ditched it when the devs had multiple public tantrums. Opnsense ever since then. It's been rock solid and super stable since. Super happy I went with it!
So this would basically allow me to use unbound as a DNS filter and resolver? Any reason why one would use adguard/blocky in their setup? Would it be more performant to use blocky + unbound, or have all your filtering done using unbound?
unbound as a DNS filter and resolver
Its.... worked as a recursive resolver, with filtering/blacklist features for years now?
That’s cool, so why would someone run pihole/adguard/blocky with unbound?
Not a clue.
Maybe they like the pretty dashboard pihole has.
I pull all my data into Grafana anyway, so dashboarding on any platform holds little attraction for my use case.
That said, my pair of Pi-hole servers pre-dates my OPNsense setup, plus I use a lot of internal hostname resolution for service portability. My single instance of OPNsense doesn't tick all those boxes for DNS.
Unbound will do complete domain redirection to another service on itself or individual host overrides if you wanted to do that in the OPNsense box alone. What I like about the host overrides being on the Opnsense box is that you can have DHCP make the clients register their hostnames with Unbound for automatic registration, and if you combine that with IP reservations, it's that much more predictable.
Yeah, no doubt there's some benefits there. My problem is that I don't (yet) have the storage system to make my Proxmox cluster properly HA. Technically, a hardware fault could still take down my OPNsense instance, whereas I have a secondary Pi-hole running on a RasPi, for redundancy.
I think you can also export to graphana via Prometheus if you want to get fancy.
Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I've seen in this thread:
Fewer Letters | More Letters |
---|---|
DNS | Domain Name Service/System |
HA | Home Assistant automation software |
~ | High Availability |
IP | Internet Protocol |
[Thread #260 for this sub, first seen 2nd Nov 2023, 20:10] [FAQ] [Full list] [Contact] [Source code]
This is good to know as I'll be seeing up a new opnsense router in the next few weeks.
I didn't know. I'll have a look. thanks for sharing.
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.
Rules:
Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.
No spam posting.
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.
Don't duplicate the full text of your blog or github here. Just post the link for folks to click.
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
No trolling.
Resources:
Any issues on the community? Report it using the report flag.
Questions? DM the mods!