Software Defined WAN

adam.ierymenko

@dafyre We've considered making a little appliance for this, or a ready-to-run Raspberry Pi image.

dafyre

@adam.ierymenko said:

@dafyre We've considered making a little appliance for this, or a ready-to-run Raspberry Pi image.

Appliance isn't a bad idea.

In regards to your other posts, yeah. I ran into the same issues, kinda. I was able to get it to work by adding routes on the devices that needed to talk across networks. A curious thought, though... Why not install a few ZT "routers" on each end of my network... Then I can let the local DHCP server hand out static routes to the ZeroTier subnets?

I think you and I are thinking at different levels of the stack, in some regards, aren't we? You're thinking down at the ethernet level, and I am thinking one notch up at the IP level?

Also when thinking about a bridge set up... what I envision when you say that is something like this:

192.168.100.1-128/24 --> ZT BRIDGE --> (other site) --> 192.168.100.129 - 254 / 24 ?

travisdh1

@adam.ierymenko said:

@dafyre We've considered making a little appliance for this, or a ready-to-run Raspberry Pi image.

Hrm, I might just pull my pi out of storage to make one weather you do an "official" one or not.

JaredBusch

@dafyre said:

@adam.ierymenko said:

@dafyre We've considered making a little appliance for this, or a ready-to-run Raspberry Pi image.

Appliance isn't a bad idea.

In regards to your other posts, yeah. I ran into the same issues, kinda. I was able to get it to work by adding routes on the devices that needed to talk across networks. A curious thought, though... Why not install a few ZT "routers" on each end of my network... Then I can let the local DHCP server hand out static routes to the ZeroTier subnets?

I think you and I are thinking at different levels of the stack, in some regards, aren't we? You're thinking down at the ethernet level, and I am thinking one notch up at the IP level?

Also when thinking about a bridge set up... what I envision when you say that is something like this:

192.168.100.1-128/24 --> ZT BRIDGE --> (other site) --> 192.168.100.129 - 254 / 24 ?

That description is a nightmare waiting to happen. You described a pair of /25 networks setup as a single /25 and want it all to be magic across a VPN.

It is an extremely bad idea.

Dashrender

@JaredBusch said:

@dafyre said:

@adam.ierymenko said:

@dafyre We've considered making a little appliance for this, or a ready-to-run Raspberry Pi image.

Appliance isn't a bad idea.

In regards to your other posts, yeah. I ran into the same issues, kinda. I was able to get it to work by adding routes on the devices that needed to talk across networks. A curious thought, though... Why not install a few ZT "routers" on each end of my network... Then I can let the local DHCP server hand out static routes to the ZeroTier subnets?

I think you and I are thinking at different levels of the stack, in some regards, aren't we? You're thinking down at the ethernet level, and I am thinking one notch up at the IP level?

Also when thinking about a bridge set up... what I envision when you say that is something like this:

192.168.100.1-128/24 --> ZT BRIDGE --> (other site) --> 192.168.100.129 - 254 / 24 ?

That description is a nightmare waiting to happen. You described a pair of /25 networks setup as a single /25 and want it all to be magic across a VPN.

It is an extremely bad idea.

Considering ZT - why is this any worse? Sure, if you are going to be that separate, then just make the separate networks, but there is no requirement to, just like there is no requirement to make separate networks in ZT.

scottalanmiller

@adam.ierymenko said:

@dafyre We've considered making a little appliance for this, or a ready-to-run Raspberry Pi image.

You need to get it into some vendor devices like Ubiquiti.

scottalanmiller

@JaredBusch said:

192.168.100.1-128/24 --> ZT BRIDGE --> (other site) --> 192.168.100.129 - 254 / 24 ?

That description is a nightmare waiting to happen. You described a pair of /25 networks setup as a single /25 and want it all to be magic across a VPN.

I keep rereading this trying to figure out the goal. But I think he just wants a /24 with roughly half the IPs used on one side and half on the other with bridging in between rather than ZT installed to each device.

Deleted74295

@scottalanmiller said:

@adam.ierymenko said:

@dafyre We've considered making a little appliance for this, or a ready-to-run Raspberry Pi image.

You need to get it into some vendor devices like Ubiquiti.

Oh grief no. Ubiquiti take ages to do anything, feature requests people have been begging for take ages.

Let us white box our own hardware Or setup a VM to do it.

scottalanmiller

@Breffni-Potter said:

@scottalanmiller said:

@adam.ierymenko said:

@dafyre We've considered making a little appliance for this, or a ready-to-run Raspberry Pi image.

You need to get it into some vendor devices like Ubiquiti.

Oh grief no. Ubiquiti take ages to do anything, feature requests people have been begging for take ages.

Let us white box our own hardware Or setup a VM to do it.

I wonder how hard adding it to Ubiquiti would be.

@adam-ierymenko has anyone tested on VyOS?

Deleted74295

@scottalanmiller said:

I wonder how hard adding it to Ubiquiti would be.

They'd probably do it but updates or new features would take light-years.

scottalanmiller

I meant for us to add ourselves. It's VyOS under there, you should be able to just install to it.

Dashrender

@scottalanmiller said:

I meant for us to add ourselves. It's VyOS under there, you should be able to just install to it.

The idea of installing software on a hardware firewall just seems creepy

dafyre

@JaredBusch said:

@dafyre said:

@adam.ierymenko said:

@dafyre We've considered making a little appliance for this, or a ready-to-run Raspberry Pi image.

Appliance isn't a bad idea.

In regards to your other posts, yeah. I ran into the same issues, kinda. I was able to get it to work by adding routes on the devices that needed to talk across networks. A curious thought, though... Why not install a few ZT "routers" on each end of my network... Then I can let the local DHCP server hand out static routes to the ZeroTier subnets?

I think you and I are thinking at different levels of the stack, in some regards, aren't we? You're thinking down at the ethernet level, and I am thinking one notch up at the IP level?

Also when thinking about a bridge set up... what I envision when you say that is something like this:

192.168.100.1-128/24 --> ZT BRIDGE --> (other site) --> 192.168.100.129 - 254 / 24 ?

That description is a nightmare waiting to happen. You described a pair of /25 networks setup as a single /25 and want it all to be magic across a VPN.

It is an extremely bad idea.

That is just what I see in my head when thinking about bridging ZT to an Ethernet device... but that's not how I've done it in practice.

dafyre

@scottalanmiller said:

I meant for us to add ourselves. It's VyOS under there, you should be able to just install to it.

I could build a VyOS VM and try to install it on that and see if it works or not.

wirestyle22

This is all interesting stuff. I can't wait to finish my server build. Here it is if you're interested: http://pcpartpicker.com/p/9gPqjX

travisdh1

@wirestyle22 said:

This is all interesting stuff. I can't wait to finish my server build. Here it is if you're interested: http://pcpartpicker.com/p/9gPqjX

Is this server for a home lab?

wirestyle22

@travisdh1 said:

@wirestyle22 said:

This is all interesting stuff. I can't wait to finish my server build. Here it is if you're interested: http://pcpartpicker.com/p/9gPqjX

Is this server for a home lab?

Yessir

travisdh1

@wirestyle22 said:

@travisdh1 said:

@wirestyle22 said:

This is all interesting stuff. I can't wait to finish my server build. Here it is if you're interested: http://pcpartpicker.com/p/9gPqjX

Is this server for a home lab?

Yessir

Nice!

wirestyle22

@travisdh1 said:

@wirestyle22 said:

@travisdh1 said:

@wirestyle22 said:

This is all interesting stuff. I can't wait to finish my server build. Here it is if you're interested: http://pcpartpicker.com/p/9gPqjX

Is this server for a home lab?

Yessir

Nice!

I'm going to experiment with SSD caching on a software raid using ZFS Striped Mirrored Vdev’s as well as a ton of VM testing.

travisdh1

@wirestyle22 said:

@travisdh1 said:

@wirestyle22 said:

@travisdh1 said:

@wirestyle22 said:

This is all interesting stuff. I can't wait to finish my server build. Here it is if you're interested: http://pcpartpicker.com/p/9gPqjX

Is this server for a home lab?

Yessir

Nice!

I'm going to experiment with SSD caching on a software raid using ZFS Striped Mirrored Vdev’s as well as a ton of VM testing.

Just curious, which hypervisor are you planning to use? I'm assuming you'll be passing the drives through to a vm running the storage?