I’m running VMware vSphere 4.1 with 3 hosts. I’ve completed the task of virtualizing all “old” physical servers exept the last one running the role as firewall.
Now I’m planning on virtualizing this last server as well. It’s running OpenBSD with PF as firewall.
My initial plan was to virtualize the firewall as put it on one of the hosts dedicating a phycical NIC for it’s external interface. Of course in this scenario it won’t be possible to migrate (using vMotion) the virtual machine to other hosts.
What are the “best practises” for virtualizing a firewall?