Setting up a new pfSense router, and I'm a bit confused on how to choose between IP Alias or Proxy ARP for my needs. I do not intend to setup HA, so I'm assuming CARP is unnecessary.
I have a public CIDR block (203.0.113.0/26) assigned from my ISP and configured as such:
Upstream Gateway: 203.0.113.1
Broadcast: 203.0.113.63
pfSense WAN: 203.0.113.2/26
Management LAN: 10.0.0.1/24
DMZ VLAN: 10.0.10.1/26
Goal: I want to route the remaining public IPs to virtual machines on the DMZ VLAN using 1:1 NAT. These servers will be public-facing web servers. I do plan to use pfBlockerNG to limit unwanted traffic.
Question: Which should be the preferred (or only) option for configuring the virtual IPs given the goal, and why? I've read through the pfSense documentation, but I'm still not 100% sure. Is there a definitive answer or are both acceptable methods?
https://docs.netgate.com/pfsense/en/latest/firewall/virtual-ip-addresses.html?highlight=virtual