Skip to content

pve0-core

Critical infrastructure node. If this goes down, the whole network goes down (OPNsense runs here).

Hardware

Component Detail
IP 10.37.16.2 (VLAN 16 – Servers)
CPU Intel Core i5-6500 @ 3.20GHz (4 cores)
RAM 15 GB
Hypervisor Proxmox VE

Storage

Physical Disks

Device Model Size Type Role
sda Crucial CT250MX500SSD1 233 GB SSD OS disk (LVM)
sdb Samsung SSD 860 EVO 500GB 466 GB SSD VM/CT disk images (LVM-thin)

OS Disk Layout (sda — LVM)

Volume Size Purpose
pve-root 224 GB Proxmox root filesystem
pve-swap 8 GB Swap

VM/CT Disk Allocation (sdb — LVM-thin pve-images)

Volume Size CT/VM
vm-100-disk-0 128 GB opnsense
vm-101-disk-0 32 GB adguard
vm-113-disk-0 16 GB ns1
vm-123-disk-0 8 GB ts-gateway
vm-109-disk-0 8 GB bastion
vm-117-disk-0 8 GB step-ca
vm-121-disk-0 8 GB radius-tls
vm-127-disk-0 8 GB omada
vm-124-disk-0 6 GB services-proxy-01
vm-128-disk-0 2 GB cloudflared
vm-129-disk-0 2 GB authelia

Storage Pools

Pool Type Total Used Notes
pve-images LVM-thin 478 GB 151 GB VM/CT disk images (sdb)
local dir 231 GB 48 GB ISO, templates, local backups (sda)
backup-local dir 231 GB 48 GB Local backup target (same disk as local)
backup-pve1 NFS 6.7 TB 43 GB Remote backup target mounted from pve1-media (zpool0/pve-backup/pve0-core)
pve-zfs ZFS pool Disabled

Bridges

Bridge Type Description
vmbr0 VLAN-aware trunk Carries all tagged VLANs. Containers specify VLAN via tag=.
vmbr1 Untagged DMZ bridge (VLAN 176). All attached interfaces are natively on the DMZ segment.

LXC Containers

CT ID Hostname VLAN IPv4 IPv6 (ULA) Cores RAM Role
101 adguard 64 10.37.64.53/24 auto 1 512 MB DNS ad-blocking. IP .53 is intentional (DNS port).
109 bastion 176 10.37.176.23/24 fda8:288c:4f37:b000::23/64 1 512 MB Bastion host. Dual-stack.
113 ns1 64 10.37.64.54/24 fda8:288c:4f37:4000::54/64 1 512 MB Internal DNS server.
117 step-ca 16 10.37.16.128/24 fda8:288c:4f37:1000::128/64 1 512 MB Internal certificate authority (step-ca).
121 radius-tls 16 10.37.16.129/24 auto 1 512 MB RADIUS server (802.1X / WPA-Enterprise).
123 ts-gateway 176 10.37.176.22/24 auto 1 512 MB Tailscale subnet router.
124 services-proxy-01 176 10.37.176.32/24 fda8:288c:4f37:b000::32/64 1 512 MB Reverse proxy.
127 omada 8 10.37.8.2/24 fda8:288c:4f37:800::2/64 2 4096 MB TP-Link Omada WiFi controller.
128 cloudflared 176 10.37.176.30/24 DHCP 1 512 MB Cloudflare Tunnel daemon.
129 authelia 176 10.37.176.64/24 1 512 MB SSO / authentication portal.

Virtual Machines

VM ID Name VLAN Cores RAM Role
100 opnsense 2 4096 MB Router/firewall. WAN NIC via PCI passthrough. Manages all VLANs.