Software Defined WAN
-
@wirestyle22 said:
@dafyre said:
@wirestyle22 said:
@scottalanmiller said:
NTG was doing a pretty elaborate SDWan by 2001 with dedicated hardware at every site and home.
These days, if you want this, often the best choices are things like ZeroTier and Pertino.
Do you need any hardware for ZeroTier? It's entirely done through software? I might use this for my single PC group homes. My company won't buy any new hardware for them unless things break.
ZeroTier is totally done in software. It does require a computing device (PC or Mac). It won't work on Switches and Printers.
Even if you're printing using something like Tricerat Screwdrivers?
I actually don't know what Tricerat Screwdrivers are. But chances are, your printer will actually not be on the ZeroTier network, so you still won't be able to print unless you are on the same network as the printer. [This is true of all printers]
-
@wirestyle22 said:
@dafyre said:
@wirestyle22 said:
Is it possible to use this in conjunction with a File Server to provide an alternative means of accessing and also provide domain authentication or am I way off base here?
That is pretty much what ZeroTier is for. The easiest way to use it though, is an all-or-nothing approach. Every computer runs it (AD Domain Controller, DNS servers, Workstations, Laptops). Otherwise, you get fun issues with DNS returning wrong IP addresses.
You mean even domain connected workstations? Is this just for mapping purposes?
Pretty much, yes. There are other ways you can do it and not have to install ZT on everybody's computer... but it can muddy the waters a bit.
-
@dafyre said:
@wirestyle22 said:
@dafyre said:
@wirestyle22 said:
Is it possible to use this in conjunction with a File Server to provide an alternative means of accessing and also provide domain authentication or am I way off base here?
That is pretty much what ZeroTier is for. The easiest way to use it though, is an all-or-nothing approach. Every computer runs it (AD Domain Controller, DNS servers, Workstations, Laptops). Otherwise, you get fun issues with DNS returning wrong IP addresses.
You mean even domain connected workstations? Is this just for mapping purposes?
Pretty much, yes. There are other ways you can do it and not have to install ZT on everybody's computer... but it can muddy the waters a bit.
If ZeroTier is linux compatible I wonder if you could turn a Raspberry Pi into an external NIC kind of like external hp jet direct cards. What do you think @scottalanmiller
Update: Oh my god they even have it for Rasbian.
-
@wirestyle22 said:
@dafyre said:
@wirestyle22 said:
@dafyre said:
@wirestyle22 said:
Is it possible to use this in conjunction with a File Server to provide an alternative means of accessing and also provide domain authentication or am I way off base here?
That is pretty much what ZeroTier is for. The easiest way to use it though, is an all-or-nothing approach. Every computer runs it (AD Domain Controller, DNS servers, Workstations, Laptops). Otherwise, you get fun issues with DNS returning wrong IP addresses.
You mean even domain connected workstations? Is this just for mapping purposes?
Pretty much, yes. There are other ways you can do it and not have to install ZT on everybody's computer... but it can muddy the waters a bit.
If ZeroTier is linux compatible I wonder if you could turn a Raspberry Pi into an external NIC kind of like external hp jet direct cards.
Update: Oh my god they even have it for Rasbian.
They do? Nice!
I know they have binaries for Windows, Linux, Mac, and Android. You can build it yourself on other platforms (*BSD, and a few others).
Building from source isn't too bad on Linux.
-
@dafyre said:
@wirestyle22 said:
@dafyre said:
@wirestyle22 said:
@dafyre said:
@wirestyle22 said:
Is it possible to use this in conjunction with a File Server to provide an alternative means of accessing and also provide domain authentication or am I way off base here?
That is pretty much what ZeroTier is for. The easiest way to use it though, is an all-or-nothing approach. Every computer runs it (AD Domain Controller, DNS servers, Workstations, Laptops). Otherwise, you get fun issues with DNS returning wrong IP addresses.
You mean even domain connected workstations? Is this just for mapping purposes?
Pretty much, yes. There are other ways you can do it and not have to install ZT on everybody's computer... but it can muddy the waters a bit.
If ZeroTier is linux compatible I wonder if you could turn a Raspberry Pi into an external NIC kind of like external hp jet direct cards.
Update: Oh my god they even have it for Rasbian.
They do? Nice!
I know they have binaries for Windows, Linux, Mac, and Android. You can build it yourself on other platforms (*BSD, and a few others).
Building from source isn't too bad on Linux.
Whenever I have a free minute I'm going to make this into a project. I just wish the Raspi were POE compatible.
-
I totally need to get a RPi.
-
@dafyre said:
I totally need to get a RPi.
I use them for scrolling marketing displays, honeypots, security cameras etc. They're great.
-
http://www.raspberry-pi-geek.com/Archive/2013/01/Converting-the-Raspberry-Pi-to-a-wireless-print-server FYI--doesnt have to be wireless obv
-
@wirestyle22 said:
@dafyre said:
@wirestyle22 said:
@dafyre said:
@wirestyle22 said:
@dafyre said:
@wirestyle22 said:
Is it possible to use this in conjunction with a File Server to provide an alternative means of accessing and also provide domain authentication or am I way off base here?
That is pretty much what ZeroTier is for. The easiest way to use it though, is an all-or-nothing approach. Every computer runs it (AD Domain Controller, DNS servers, Workstations, Laptops). Otherwise, you get fun issues with DNS returning wrong IP addresses.
You mean even domain connected workstations? Is this just for mapping purposes?
Pretty much, yes. There are other ways you can do it and not have to install ZT on everybody's computer... but it can muddy the waters a bit.
If ZeroTier is linux compatible I wonder if you could turn a Raspberry Pi into an external NIC kind of like external hp jet direct cards.
Update: Oh my god they even have it for Rasbian.
They do? Nice!
I know they have binaries for Windows, Linux, Mac, and Android. You can build it yourself on other platforms (*BSD, and a few others).
Building from source isn't too bad on Linux.
Whenever I have a free minute I'm going to make this into a project. I just wish the Raspi were POE compatible.
Like @wirestyle22 linked you, all you need to make a Raspi PoE is a converter on the Pi's end.
-
@travisdh1 said:
@wirestyle22 said:
@dafyre said:
@wirestyle22 said:
@dafyre said:
@wirestyle22 said:
@dafyre said:
@wirestyle22 said:
Is it possible to use this in conjunction with a File Server to provide an alternative means of accessing and also provide domain authentication or am I way off base here?
That is pretty much what ZeroTier is for. The easiest way to use it though, is an all-or-nothing approach. Every computer runs it (AD Domain Controller, DNS servers, Workstations, Laptops). Otherwise, you get fun issues with DNS returning wrong IP addresses.
You mean even domain connected workstations? Is this just for mapping purposes?
Pretty much, yes. There are other ways you can do it and not have to install ZT on everybody's computer... but it can muddy the waters a bit.
If ZeroTier is linux compatible I wonder if you could turn a Raspberry Pi into an external NIC kind of like external hp jet direct cards.
Update: Oh my god they even have it for Rasbian.
They do? Nice!
I know they have binaries for Windows, Linux, Mac, and Android. You can build it yourself on other platforms (*BSD, and a few others).
Building from source isn't too bad on Linux.
Whenever I have a free minute I'm going to make this into a project. I just wish the Raspi were POE compatible.
Like @wirestyle22 linked you, all you need to make a Raspi PoE is a converter on the Pi's end.
I've seen them but have no experience with them. Have you done this yourself?
-
@wirestyle22 said:
@travisdh1 said:
@wirestyle22 said:
@dafyre said:
@wirestyle22 said:
@dafyre said:
@wirestyle22 said:
@dafyre said:
@wirestyle22 said:
Is it possible to use this in conjunction with a File Server to provide an alternative means of accessing and also provide domain authentication or am I way off base here?
That is pretty much what ZeroTier is for. The easiest way to use it though, is an all-or-nothing approach. Every computer runs it (AD Domain Controller, DNS servers, Workstations, Laptops). Otherwise, you get fun issues with DNS returning wrong IP addresses.
You mean even domain connected workstations? Is this just for mapping purposes?
Pretty much, yes. There are other ways you can do it and not have to install ZT on everybody's computer... but it can muddy the waters a bit.
If ZeroTier is linux compatible I wonder if you could turn a Raspberry Pi into an external NIC kind of like external hp jet direct cards.
Update: Oh my god they even have it for Rasbian.
They do? Nice!
I know they have binaries for Windows, Linux, Mac, and Android. You can build it yourself on other platforms (*BSD, and a few others).
Building from source isn't too bad on Linux.
Whenever I have a free minute I'm going to make this into a project. I just wish the Raspi were POE compatible.
Like @wirestyle22 linked you, all you need to make a Raspi PoE is a converter on the Pi's end.
I've seen them but have no experience with them. Have you done this yourself?
Not yet, just been very tempted.
-
@wirestyle22 said:
How does ZeroTier handle updates? Are they just individual client based or can you use something similar to WSUS to update it?
-
They're just individual client based. You can deploy the software and all via your favorite method, but you still have to join the devices to your ZT network, and that requires some manual labor on the controller. ZT Won't let a device on your network unless you authorize it in the controller (generally their web site).
-
@dafyre said:
They're just individual client based. You can deploy the software and all via your favorite method, but you still have to join the devices to your ZT network, and that requires some manual labor on the controller. ZT Won't let a device on your network unless you authorize it in the controller (generally their web site).
I like that.
-
Yeah. It's really slick the way they do it, and it does work relatively well. I was out for 2 weeks when I got my cochlear implant a few months ago. I spent one of those weeks working from home using ZeroTier to connect to my office machine.
-
@dafyre said:
Yeah. It's really slick the way they do it, and it does work relatively well. I was out for 2 weeks when I got my cochlear implant a few months ago. I spent one of those weeks working from home using ZeroTier to connect to my office machine.
We currently have everyone connecting through an RDP client to a Terminal Server. I inherited this network and they do not embrace any kind of change here
-
@wirestyle22 said:
@dafyre said:
Yeah. It's really slick the way they do it, and it does work relatively well. I was out for 2 weeks when I got my cochlear implant a few months ago. I spent one of those weeks working from home using ZeroTier to connect to my office machine.
We currently have everyone connecting through an RDP client to a Terminal Server. I inherited this network and they do not embrace any kind of change here
I definintely know how that is!
-
Well this chain went on quite a ways and I read Scott's posts. I will agree that originally it was for larger companies.. Facebook uses SD WAN instead of MPLS. However, SD WAN is a good alternative for MPLS actually.
I agree it does make more sense with bigger companies, however this is how it works and why it is advantageous.
SD Wan like Aryaka allows you to choose the best Edge provider in your geographic regions. Then the SD Wan provider has NTN interfaces with all the carriers and with the shortest amount of hops brings the traffic back onto their backbone.
However, you could very easily build your own solution. Simply build out strategic data center locations nation wide and geographically have your end user sites VPN to the data center and connect your data center over their backbone or set up Gig Wave circuits between sites.
This is becomming the standard for multi-site scenarios. Anyone who has 4 or 5 sites and wants to use a single carrier for MPLS can attest that certain sites when they price out are more expensive because they are offnet. SD WAN is providing a realistic alternative for this while keeping latency low and being able to tag packets for priority for voice and Video.
-
@TeleFox Well said. Thanks for the feedback
-
@TeleFox said:
However, you could very easily build your own solution. Simply build out strategic data center locations nation wide and geographically have your end user sites VPN to the data center and connect your data center over their backbone or set up Gig Wave circuits between sites.
.This is what Pertino has always done before the SD-WAN term was around. Central connection points in datacenters all over the world and dynamically changing the paths as needed. It was just called SDN and was just a dynamic balancing on a VPN backend before the new marketing term came around.
