Port - How to go about setting up a client to be virtualized?

StorageNinja

@scottalanmiller said in Port - How to go about setting up a client to be virtualized?:

A VPN adds overhead and latency

You sir, have not seen what a pair of Brocade MLXe's can do with a dark fiber connection. A fully loaded chassis could push 1.2Tbps of IPSEC traffic at wire speed.

Shitty consumer grade, no crypto ASIC stuff? Yah, there are limits. The latency your complaining about? That's likely from trying to run UDP real time protocols WITHOUT configuring datagram TLS? OUCH. Yah that's gonna suck. Use a real VPN appliance that will support dTLS.

Dashrender

@storageninja said in Port - How to go about setting up a client to be virtualized?:

@scottalanmiller said in Port - How to go about setting up a client to be virtualized?:

A VPN adds overhead and latency

You sir, have not seen what a pair of Brocade MLXe's can do with a dark fiber connection. A fully loaded chassis could push 1.2Tbps of IPSEC traffic at wire speed.

Shitty consumer grade, no crypto ASIC stuff? Yah, there are limits. The latency your complaining about? That's likely from trying to run UDP real time protocols WITHOUT configuring datagram TLS? OUCH. Yah that's gonna suck. Use a real VPN appliance that will support dTLS.

What is the cost of stuff like that? Recall that most people here come from SMBs where we are now recommending ER-L firewalls that cost $150 or less.

stacksofplates

@dashrender said in Port - How to go about setting up a client to be virtualized?:

@storageninja said in Port - How to go about setting up a client to be virtualized?:

@scottalanmiller said in Port - How to go about setting up a client to be virtualized?:

A VPN adds overhead and latency

You sir, have not seen what a pair of Brocade MLXe's can do with a dark fiber connection. A fully loaded chassis could push 1.2Tbps of IPSEC traffic at wire speed.

Shitty consumer grade, no crypto ASIC stuff? Yah, there are limits. The latency your complaining about? That's likely from trying to run UDP real time protocols WITHOUT configuring datagram TLS? OUCH. Yah that's gonna suck. Use a real VPN appliance that will support dTLS.

What is the cost of stuff like that? Recall that most people here come from SMBs where we are now recommending ER-L firewalls that cost $150 or less.

I don't think that was the point of his post.

Dashrender

@stacksofplates said in Port - How to go about setting up a client to be virtualized?:

@dashrender said in Port - How to go about setting up a client to be virtualized?:

@storageninja said in Port - How to go about setting up a client to be virtualized?:

@scottalanmiller said in Port - How to go about setting up a client to be virtualized?:

A VPN adds overhead and latency

You sir, have not seen what a pair of Brocade MLXe's can do with a dark fiber connection. A fully loaded chassis could push 1.2Tbps of IPSEC traffic at wire speed.

Shitty consumer grade, no crypto ASIC stuff? Yah, there are limits. The latency your complaining about? That's likely from trying to run UDP real time protocols WITHOUT configuring datagram TLS? OUCH. Yah that's gonna suck. Use a real VPN appliance that will support dTLS.

What is the cost of stuff like that? Recall that most people here come from SMBs where we are now recommending ER-L firewalls that cost $150 or less.

I don't think that was the point of his post.

my question still stands.

stacksofplates

@dashrender said in Port - How to go about setting up a client to be virtualized?:

@stacksofplates said in Port - How to go about setting up a client to be virtualized?:

@dashrender said in Port - How to go about setting up a client to be virtualized?:

@storageninja said in Port - How to go about setting up a client to be virtualized?:

@scottalanmiller said in Port - How to go about setting up a client to be virtualized?:

A VPN adds overhead and latency

You sir, have not seen what a pair of Brocade MLXe's can do with a dark fiber connection. A fully loaded chassis could push 1.2Tbps of IPSEC traffic at wire speed.

Shitty consumer grade, no crypto ASIC stuff? Yah, there are limits. The latency your complaining about? That's likely from trying to run UDP real time protocols WITHOUT configuring datagram TLS? OUCH. Yah that's gonna suck. Use a real VPN appliance that will support dTLS.

What is the cost of stuff like that? Recall that most people here come from SMBs where we are now recommending ER-L firewalls that cost $150 or less.

I don't think that was the point of his post.

my question still stands.

Expensive. But again, that wasn't his point. ASIC offloading and dTLS aren't only available in those. Ubiquiti does crypto ASIC. Last place I worked we did 3D CAD with SolidWorks over ZeroTier and it wasn't bad. There is likely some serious tuning that could be done here.

luismc

@stacksofplates said in Port - How to go about setting up a client to be virtualized?:

@dashrender said in Port - How to go about setting up a client to be virtualized?:

@stacksofplates said in Port - How to go about setting up a client to be virtualized?:

@dashrender said in Port - How to go about setting up a client to be virtualized?:

@storageninja said in Port - How to go about setting up a client to be virtualized?:

@scottalanmiller said in Port - How to go about setting up a client to be virtualized?:

A VPN adds overhead and latency

You sir, have not seen what a pair of Brocade MLXe's can do with a dark fiber connection. A fully loaded chassis could push 1.2Tbps of IPSEC traffic at wire speed.

Shitty consumer grade, no crypto ASIC stuff? Yah, there are limits. The latency your complaining about? That's likely from trying to run UDP real time protocols WITHOUT configuring datagram TLS? OUCH. Yah that's gonna suck. Use a real VPN appliance that will support dTLS.

What is the cost of stuff like that? Recall that most people here come from SMBs where we are now recommending ER-L firewalls that cost $150 or less.

I don't think that was the point of his post.

my question still stands.

Expensive. But again, that wasn't his point. ASIC offloading and dTLS aren't only available in those. Ubiquiti does crypto ASIC. Last place I worked we did 3D CAD with SolidWorks over ZeroTier and it wasn't bad. There is likely some serious tuning that could be done here.

ZeroTier looks pretty dope. I'm curious to set this up and see how well it behaves.

scottalanmiller

@luismc said in Port - How to go about setting up a client to be virtualized?:

@stacksofplates said in Port - How to go about setting up a client to be virtualized?:

@dashrender said in Port - How to go about setting up a client to be virtualized?:

@stacksofplates said in Port - How to go about setting up a client to be virtualized?:

@dashrender said in Port - How to go about setting up a client to be virtualized?:

@storageninja said in Port - How to go about setting up a client to be virtualized?:

@scottalanmiller said in Port - How to go about setting up a client to be virtualized?:

A VPN adds overhead and latency

You sir, have not seen what a pair of Brocade MLXe's can do with a dark fiber connection. A fully loaded chassis could push 1.2Tbps of IPSEC traffic at wire speed.

Shitty consumer grade, no crypto ASIC stuff? Yah, there are limits. The latency your complaining about? That's likely from trying to run UDP real time protocols WITHOUT configuring datagram TLS? OUCH. Yah that's gonna suck. Use a real VPN appliance that will support dTLS.

What is the cost of stuff like that? Recall that most people here come from SMBs where we are now recommending ER-L firewalls that cost $150 or less.

I don't think that was the point of his post.

my question still stands.

Expensive. But again, that wasn't his point. ASIC offloading and dTLS aren't only available in those. Ubiquiti does crypto ASIC. Last place I worked we did 3D CAD with SolidWorks over ZeroTier and it wasn't bad. There is likely some serious tuning that could be done here.

ZeroTier looks pretty dope. I'm curious to set this up and see how well it behaves.

A lot of us have used it, it's a really cool product. Their founder is here in the community, too.

luismc

@dashrender said in Port - How to go about setting up a client to be virtualized?:

As for Sharepoint - You don't get that much storage in Sharepoint in O365, so you'll likely be paying for more storage there. Sharepoint also has a number of files per site limit, just something else to watch out for.

For future reference to anyone wondering, I spoke to three different O365 reps today and they said the limit has been bumped to 1 million items so we'll be good for a while!

scottalanmiller

@luismc said in Port - How to go about setting up a client to be virtualized?:

@dashrender said in Port - How to go about setting up a client to be virtualized?:

As for Sharepoint - You don't get that much storage in Sharepoint in O365, so you'll likely be paying for more storage there. Sharepoint also has a number of files per site limit, just something else to watch out for.

For future reference to anyone wondering, I spoke to three different O365 reps today and they said the limit has been bumped to 1 million items so we'll be good for a while!

That's a bit more!