Architettura

graph TD
    %% Stile generale
    classDef server fill:#f9f,stroke:#333;
    classDef vm fill:#bbf,stroke:#333;
    classDef network fill:#9f9,stroke:#333;
    classDef firewall fill:#f99,stroke:#333;

    %% Nodi principali
    Dell740["Dell PowerEdge R740\n(Proxmox Host)"]
    class Dell740 server

    %% Interfacce di rete fisiche
    NIC1G1["NIC 1Gbps (eth0)"]
    NIC1G2["NIC 1Gbps (eth1)"]
    NIC1G3["NIC 1Gbps (eth2)"]
    NIC1G4["NIC 1Gbps (eth3)"]
    NIC40G1["NIC 40Gbps (eth4)"]
    NIC40G2["NIC 40Gbps (eth5)"]
    class NIC1G1,NIC1G2,NIC1G3,NIC1G4,NIC40G1,NIC40G2 network

    %% Bridge/VM Network (Proxmox)
    vmbr0["vmbr0 (Bridge LAN)"]
    vmbr1["vmbr1 (Bridge WAN/UPLINK)"]
    class vmbr0,vmbr1 network

    %% VM Firewall (pfSense/OPNsense/NFT)
    FirewallVM["Firewall VM\n(NFT + Caddy + dnsmasq)"]
    class FirewallVM firewall

    %% Altre VM in Proxmox
    VM1["VM 1\n(Es: Web Server)"]
    VM2["VM 2\n(Es: Database)"]
    class VM1,VM2 vm

    %% Collegamenti fisici
    Dell740 --> NIC1G1
    Dell740 --> NIC1G2
    Dell740 --> NIC1G3
    Dell740 --> NIC1G4
    Dell740 --> NIC40G1
    Dell740 --> NIC40G2

    %% Bridge Proxmox (esempio di configurazione)
    NIC1G1 --> vmbr0
    NIC1G2 --> vmbr0
    NIC40G1 --> vmbr1  
    NIC1G3 -->|Optional| vmbr1

    %% VM collegate ai bridge
    vmbr0 --> FirewallVM
    vmbr0 --> VM1
    vmbr0 --> VM2

    %% Firewall come gateway per le altre VM
    FirewallVM -->|NAT/Routing| vmbr1

    %% Legenda
    subgraph Legenda
        N1["Server Fisico"] -->|Stile| N1Style[fill:#f9f]
        N2["VM"] -->|Stile| N2Style[fill:#bbf]
        N3["Firewall"] -->|Stile| N3Style[fill:#f99]
        N4["Rete/Bridge"] -->|Stile| N4Style[fill:#9f9]
    end