zirias@
Developer
It's time to think about a new server I will use in my private network, and I'd like to base it on FreeBSD this time. As my experience with FreeBSD so far is only a VM on my Linux Desktop for experimenting and the new installation on my notebook that's still work in progress, both running 11.0-CURRENT, I'm looking for some advice here.
First a quick description of my current server:
First a quick description of my current server:
- Runs XEN 3.2 with a minimal Linux (Debian) dom0 and custom patched kernel using some old SuSE modifications for managing the hardware and providing the volumes on encrypted storage
- Hosts three Debian paravirtualized VMs, one as a router/firewall, one providing all internal services and one for services that are accessible from the outside (kind of "poor-mans DMZ")
- The router/firewall VM has exclusive control over the single physical NIC
- Additionaly hosts a Windows Server 2008R2 hardware-virtualized VM
- stable and reliable (so, probably not running -CURRENT)
- provide the separation of internal services, external services and firewall in a way comparable to what I have now (especially in terms of security)
- I also want that virtual Windows server again, it's nice for testing stuff, e.g. some builds on win32, or for hosting some windows applications without the need for a local VM.
- Full disk encryption (but this doesn't seem an issue, geli happily encrypts my whole ada0 on my notebook now)
- Ideally run a PBX using some FXS/FXO card to connect POTS lines to a SIP provider.
- For the separation of firewall, internal and external services, maybe jails could do? Would there be a way to disconnect the host system from the physical network while allowing one jail access?
- Am I correct to assume both xen dom0 support and bhyve support for windows guests are only available in -CURRENT so far? Is there a recommended alternative?