Introduction

FreeSDN is a vendor-neutral, self-hosted single pane of glass for physical and virtual infrastructure. One platform manages switches, access points, cameras, phones, firewalls, hypervisors, and observability pipelines - no cloud dependency, no per-device fees, no phone-home telemetry.

Pre-production / testing release

FreeSDN is under active development and is currently intended for evaluation, testing, and homelab use. It is not yet recommended for production or business-critical deployments. Features, APIs, and data schemas may change between releases. Please validate thoroughly in a non-production environment. Production readiness will be announced in a future release.

What FreeSDN manages

FreeSDN ships 10 modules. All run on the same stack; each is independently enabled per organization:

Module	What it covers
Network Management	Switch port management (enable / PoE / cycle), VLAN CRUD + interactive port-VLAN matrix, LAGs, port mirroring, APs / SSIDs, rogue-AP detection, topology, firmware lifecycle, config backup
Video Surveillance	Camera CRUD, live stream (RTSP/HLS/MJPEG/fMP4), snapshots, PTZ, recording playback, NVR import, LPR, forensic export + legal hold
VoIP & Telephony	Phone provisioning and fleet ops (onboard/migrate/reboot/factory-reset/push-SIP) plus PBX management (extensions, trunks, ring groups, queues, IVR, voicemail, DIDs, CDR)
Firewall	Rule CRUD and reorder, NAT, VPN (IPsec / OpenVPN / WireGuard) + stats, IDS/IPS, and gateway orchestration - canonical VLANs, drift detection, multi-controller distribution
Compute / Hypervisor	Proxmox VE: clusters, nodes, VMs, LXC containers, snapshots, backups, storage, SDN
Observability	Passive SNMP-trap, Syslog (RFC 3164/5424), and NetFlow (v5/v9) collection into TimescaleDB
Configuration Backup	Portable config snapshot (.fsdn archive: sites / controllers / devices / users / automation)
AI Assistant	Multi-provider LLM agentic assistant (OpenAI, Anthropic, Ollama), 11 tools, 3-layer governance
Access Control	Door, credential, cardholder, and schedule CRUD
Storage	TrueNAS health rollup (ZFS pools, alerts, disk temps) and staged blob writes

Access Control and AI Assistant are BETA

The Access Control module is off by default. Door lock/unlock endpoints return 501 - no door adapter ships yet for any vendor. Do not rely on it for operational door control.

The AI Assistant is also BETA. Review the AI governance model before enabling cloud providers in a production environment.

Adapters - 13 vendor drivers

FreeSDN talks to real devices via typed adapters. Maturity varies:

Tier	Adapters
Production	Omada (gold standard), OPNsense, pfSense, MikroTik (RouterOS v7), Hikvision, Proxmox
Beta	FreePBX, Grandstream, UniFi (network)
Preview	OpenWrt, TrueNAS (read-only: ZFS pools, alerts, disk temps), ONVIF-compatible cameras, UniFi Protect

ONVIF is a protocol shim (app/adapters/onvif/, ) used internally by camera adapters as a fallback for generic ONVIF cameras - it is not a standalone vendor adapter and does not appear in any tier row.

Write-capable adapters route all mutations through the staged dual-gate - nothing touches a live device until an operator explicitly applies the change. See Concepts for how this works.

Who is FreeSDN for?

• MSPs and IT teams running mixed-vendor sites who need a single management plane without locking every site into a single vendor’s cloud.
• Enterprises with compliance requirements who need self-hosted infrastructure with an auditable, no-surprises codebase.
• Homelabs and small networks that want Unifi-style UX without the Unifi vendor lock.

FreeSDN’s multi-tenant model (Organizations → Sites → Controllers → Devices) naturally fits MSP use: each customer organization is isolated at the application layer with a 7-tier role hierarchy and per-user site grants.

What is production-ready?

The core platform - auth, RBAC, multi-tenancy, the Network module, Hikvision cameras, Firewall / gateway orchestration, Proxmox compute, and Observability - is covered by automated tests and internal review, but no third-party security audit or certification is claimed. The CI suite runs automated checks. This has been tested in only a small number of local environments - evaluate it on its merits for your own deployment.

Honest scope

Access Control door control (501, no adapter), SAML SSO (501), and the AI Assistant (BETA) are not production-ready. The Configuration Backup module produces a config snapshot, not a full-system disaster-recovery image. See individual module pages for accurate scope.

License

FreeSDN core is licensed under AGPL-3.0-only. The freesdn-agent desktop/daemon package is MIT. There are no per-device fees, seat licenses, or usage-based charges. FreeSDN does not phone home or require internet access after installation - it is fully air-gappable.

Next steps

• Quickstart - up in under five minutes on Docker
• Concepts - the mental model before you configure anything
• Deployment Tiers - Lite / Pro / Max / HA explained