OPNsense Bare Metal vs Virtualization (sh.itjust.works)

submitted 2 months ago by CosmicRanger@sh.itjust.works to c/selfhost@lemmy.ml

1 comments fedilink hide all child comments

cross-posted from: https://sh.itjust.works/post/49034430

Looking for some advice / recommendations / considerations on running OPNsense on bare metal vs virtualized, and if virtualized how best to do so.

I currently have OPNsense running bare metal on a Protectli FW6E Vault, with the following specs:

Intel i7-8550U CPU @ 1.80GHz

120GB mSATA (1% utilization)

16GB RAM (6.5% utilization)

6 Gigabit Ethernet NIC ports

The Vault running OPNsense is the primary firewall and router, any wireless devices connect through a dumb AP running OpenWRT. Connected over Ethernet I have a RPi running HomeAssistant OS (would probably also move to virtual if that's the chosen direction) as well as a TrueNAS setup.

How much of a performance hit would be expected running in some sort of container vs the current bare metal setup? Are there any other concerns with running the main firewall / router virtually vs bare metal to take into account?

top 1 comments

sorted by: hot top controversial new old

[-] scarecrow365@reddthat.com 2 points 2 months ago

I've run mine as a VM for several years now. I haven't noticed any appreciable impact on performance vs bare metal. I am able to max out my 1000/40 WAN.

That being said, the platform you use to virtualize it on will have an impact. I am running mine on a 3 node proxmox cluster with 10gig networking and SSD backed Ceph storage, so my benchmarks for performance grossly outweigh what my WAN bandwidth can accommodate.

this post was submitted on 02 Nov 2025

3 points (80.0% liked)

Self Hosted - Self-hosting your services.

17821 readers

1 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules

No harassment
crossposts from c/Open Source & c/docker & related may be allowed, depending on context
Video Promoting is allowed if is within the topic.
No spamming.
Stay friendly.
Follow the lemmy.ml instance rules.
Tag your post. (Read under)

Important

Lemmy doesn't have tags yet, so mark it with [Question], [Help], [Project], [Other], [Promoting] or other you may think is appropriate. This is strongly encouraged!

Cross-posting

!everything_git@lemmy.ml is allowed!
!docker@lemmy.ml is allowed!
!portainer@lemmy.ml is allowed!
!fediverse@lemmy.ml is allowed if topic has to do with selfhosting.
!selfhosted@lemmy.ml is allowed!

If you see a rule-breaker please DM the mods!

founded 4 years ago

MODERATORS

dogmuffins@lemmy.ml

Zoe8338@lemmy.ml

testman@lemmy.ml