ZeroTier and DNS issues
-
By registered, I assume you mean that at least one of your AD DNS servers has to be part of the Pertino network?
-
In Pertino, in a more traditional network (not the totally remote type that NTG runs) where you have mostly local client computers to the server, and a few remote (via Pertino), does DNS have both IPs (local network and Pertino IPv4) addresses registered in DNS?
And if so, how do local clients know to use the local IP instead of the remote IP from DNS?
Is the DNS server smart enough to see if there is a local IP (local to the client) for the machine in question before responding to the client? What if you have a multi-segment LAN, so the IP is no longer local, but still not wanting to use the Pertino IPv4 - i.e. anything local can't reach Pertino IPs.
-
@Dashrender said:
By registered, I assume you mean that at least one of your AD DNS servers has to be part of the Pertino network?
No, it has formal AD handling. You can have up to three AD DCs registered with Pertino. It is "AD Aware" and handles them specially hijacking their DNS and altering it as needed.
-
@Dashrender said:
In Pertino, in a more traditional network (not the totally remote type that NTG runs) where you have mostly local client computers to the server, and a few remote (via Pertino), does DNS have both IPs (local network and Pertino IPv4) addresses registered in DNS?
If you are using their AD Connector, yes.
-
@Dashrender said:
And if so, how do local clients know to use the local IP instead of the remote IP from DNS?
Pertino DNS Hijacking.
-
@Dashrender said:
Is the DNS server smart enough to see if there is a local IP (local to the client) for the machine in question before responding to the client? What if you have a multi-segment LAN, so the IP is no longer local, but still not wanting to use the Pertino IPv4 - i.e. anything local can't reach Pertino IPs.
It does link detection.
-
Ug - well this doesn't help me with regards to ZT.
-
@Dashrender said:
Ug - well this doesn't help me with regards to ZT.
Nope, Pertino faced this and the challenge was huge. It is something everyone in full mesh networks face. It is a huge part of what makes Pertino an enterprise product.
-
At $3.50/device/month - it's pretty damned expensive. Hell when you compare it to something like O365, it's ungodly expensive!
-
I have to agree.
For the price of Pertino for our clients, they can buy a fricken Sonicwall with all the crazy licenses for gateway AV and still get VPN connectivity.
Bearing in mind, they could buy the Sonicwall each year...brand new.
-
@Dashrender said:
At $3.50/device/month - it's pretty damned expensive. Hell when you compare it to something like O365, it's ungodly expensive!
They can charge what they want, they have no competition
-
Not yet.
The problem with Pertino is they are enjoying the monopoly, until someone breaks that monopoly and forces them to change tactic, by then they might have already lost too many leads due to their pricing.
-
For everyone "stuck" with Pertino, I encourage you to check out ZeroTier. (www.zerotier.com) It's free for up to 10 devices so you can tinker around with it... If you decide to go with ZT, it is $4 per Network that you create... no per device charges.
Check it out and see if it will work for you... (God, I sound like a sales rep, lol... I'm not, I promise... I just really like their service!)
-
@dafyre said:
For everyone "stuck" with Pertino, I encourage you to check out ZeroTier. (www.zerotier.com) It's free for up to 10 devices so you can tinker around with it... If you decide to go with ZT, it is $4 per Network that you create... no per device charges.
Check it out and see if it will work for you... (God, I sound like a sales rep, lol... I'm not, I promise... I just really like their service!)
That's what @Dashrender is having issues with right now.
-
ZeroTier does not appear to have Pertino functionality and it is Pertino functionality that he needs.
-
@Dashrender how many end points would you need to put on Pertino?
-
The owner, soon to be division CEO of Lastpass was on Security Now yesterday.
One of the things he mentioned was that he hoped to get Himachi under his umbrella and bring it back to life. I'm not sure what that has to do with identity, but he felt that they were related and could bring new life to LogMeIn.
-
@Dashrender said:
The owner, soon to be division CEO of Lastpass was on Security Now yesterday.
One of the things he mentioned was that he hoped to get Himachi under his umbrella and bring it back to life. I'm not sure what that has to do with identity, but he felt that they were related and could bring new life to LogMeIn.
Hamachi has identical issues to ZeroTier here and LMI has no engineering talent left or else they would get LMI working instead of it slowly dying off. Hamachi has been dead for nearly a decade, it's time to bury those products.
-
One thing you may want to check is that your LAN / Wireless connections are above the ZeroTier interface under Network Connections -> Advanced Settings
-
@scottalanmiller said:
@Dashrender said:
The owner, soon to be division CEO of Lastpass was on Security Now yesterday.
One of the things he mentioned was that he hoped to get Himachi under his umbrella and bring it back to life. I'm not sure what that has to do with identity, but he felt that they were related and could bring new life to LogMeIn.
Hamachi has identical issues to ZeroTier here and LMI has no engineering talent left or else they would get LMI working instead of it slowly dying off. Hamachi has been dead for nearly a decade, it's time to bury those products.
I hear what you are saying - I think this is why LMI bought Lastpass. The LP guys still have fire in their belly. Hopefully they can turn things around...
The problem I have with them is their pricing structure. The product has always been solid for me.
