Not sure how to approach this

I am thinking of having a remote bare metal server running as a KVM node with just a couple of NICs, with internet coming straight to my server with an IP address. Usually I would be able to put a firewall between the server and service, like OPNsense. But I would like for all of that to be on the KVM node, like a virtual machine to be my OPNsense firewall. Any suggestions on the best way to do that? Am I overthinking this? Should my OPNsense be a wild VM maybe? Please advise.
Thanks