[CentOS-virt] recommended network setup for kvm/qemu VM running pfsense?

Wed Sep 15 13:14:26 UTC 2021
hw <hw at gc-24.de>

Hi,

I'm planning to set a up a kvm/qemu VM with pfsense.  I have a quad-port 
Intel PRO/1000 PT networking card to put into my server which I want to 
use as card dedicted to this VM.

I was planning to use PCI passthrough to hand over the network card (or 
all ports on the card) to the VM.  However, according to 
https://libvirt.org/formatdomain.html#network-interfaces using a bridge 
(bridges in this case) is the "recommended config for general guest 
connectivity on hosts with static wired networking configs".

Pfsense running in the VM will have a static ipv4 address and a dynamic 
ipv6 subnet via a pppoe connection to the ISP.  Addresses on the other 
networks the VM will be connected to are static, except for the ipv6 
addresses Pfsense will get via prefix-delegation and distribute to local 
clients.

The libvirt documentation shows a multitude of options to give network 
access to VMs.

What would be the best option for this purpose?