Co-lo + 5 (or more) sites....connect 'em all
-
I'm up to 3 sites for the moment. Once of them goes away in about 2 weeks.
I connect them all via ZeroTier.
-
@Aaron-Studer said in Co-lo + 5 (or more) sites....connect 'em all:
My question is why? Why setup ZT instead of site to site on all the devices?
I suppose one answer could be, because it's just a single setup, instead of 5 setups.
-
@Dashrender said in Co-lo + 5 (or more) sites....connect 'em all:
@Aaron-Studer said in Co-lo + 5 (or more) sites....connect 'em all:
My question is why? Why setup ZT instead of site to site on all the devices?
I suppose one answer could be, because it's just a single setup, instead of 5 setups.
WTF?
FFS, the question is about connecting multiple colo's. Do you only have one thing in each colo? Most don't. The OP specifically mentioned multiple thigns.
-
@dafyre said in Co-lo + 5 (or more) sites....connect 'em all:
I'm up to 3 sites for the moment. Once of them goes away in about 2 weeks.
I connect them all via ZeroTier.
How's the speeds between sites?
-
@dafyre said in Co-lo + 5 (or more) sites....connect 'em all:
I'm up to 3 sites for the moment. Once of them goes away in about 2 weeks.
I connect them all via ZeroTier.
This is you: https://mangolassi.it/topic/19493/zerotier-site-to-site
How has it worked out so far? -
@JaredBusch said in Co-lo + 5 (or more) sites....connect 'em all:
@Dashrender said in Co-lo + 5 (or more) sites....connect 'em all:
@Aaron-Studer said in Co-lo + 5 (or more) sites....connect 'em all:
My question is why? Why setup ZT instead of site to site on all the devices?
I suppose one answer could be, because it's just a single setup, instead of 5 setups.
WTF?
FFS, the question is about connecting multiple colo's. Do you only have one thing in each colo? Most don't. The OP specifically mentioned multiple thigns.
You smokin?
"The co-lo has all the gear (servers, voip, apps, file shares etc).
You have 5 (or more) sites that "connect" to the co-lo." -
@Pete-S said in Co-lo + 5 (or more) sites....connect 'em all:
@JaredBusch said in Co-lo + 5 (or more) sites....connect 'em all:
@Dashrender said in Co-lo + 5 (or more) sites....connect 'em all:
@Aaron-Studer said in Co-lo + 5 (or more) sites....connect 'em all:
My question is why? Why setup ZT instead of site to site on all the devices?
I suppose one answer could be, because it's just a single setup, instead of 5 setups.
WTF?
FFS, the question is about connecting multiple colo's. Do you only have one thing in each colo? Most don't. The OP specifically mentioned multiple thigns.
You smokin?
"The co-lo has all the gear (servers, voip, apps, file shares etc).
You have 5 (or more) sites that "connect" to the co-lo."What we aren't told - is there a firewall in front of all of that stuff at the co-lo, or is it all directly on the internet? Then the OP asks - can ZT be installed on ER? I'll admit I was assuming an ER at each location, and at the co-lo in front of all of that gear.
-
@Pete-S said in Co-lo + 5 (or more) sites....connect 'em all:
@JaredBusch said in Co-lo + 5 (or more) sites....connect 'em all:
@Dashrender said in Co-lo + 5 (or more) sites....connect 'em all:
@Aaron-Studer said in Co-lo + 5 (or more) sites....connect 'em all:
My question is why? Why setup ZT instead of site to site on all the devices?
I suppose one answer could be, because it's just a single setup, instead of 5 setups.
WTF?
FFS, the question is about connecting multiple colo's. Do you only have one thing in each colo? Most don't. The OP specifically mentioned multiple thigns.
You smokin?
Totally.
"The co-lo has all the gear (servers, voip, apps, file shares etc).
You have 5 (or more) sites that "connect" to the co-lo."But the point was valid even if I used the wrong terms Multiple sites with multiple things. not singe server point to point like @Dashrender said.
-
@Dashrender said in Co-lo + 5 (or more) sites....connect 'em all:
@Pete-S said in Co-lo + 5 (or more) sites....connect 'em all:
@JaredBusch said in Co-lo + 5 (or more) sites....connect 'em all:
@Dashrender said in Co-lo + 5 (or more) sites....connect 'em all:
@Aaron-Studer said in Co-lo + 5 (or more) sites....connect 'em all:
My question is why? Why setup ZT instead of site to site on all the devices?
I suppose one answer could be, because it's just a single setup, instead of 5 setups.
WTF?
FFS, the question is about connecting multiple colo's. Do you only have one thing in each colo? Most don't. The OP specifically mentioned multiple thigns.
You smokin?
"The co-lo has all the gear (servers, voip, apps, file shares etc).
You have 5 (or more) sites that "connect" to the co-lo."What we aren't told - is there a firewall in front of all of that stuff at the co-lo, or is it all directly on the internet? Then the OP asks - can ZT be installed on ER? I'll admit I was assuming an ER at each location, and at the co-lo in front of all of that gear.
Yes, the plan is an ER in front at all locations (that plan isn't set in stone)
-
@JaredBusch said in Co-lo + 5 (or more) sites....connect 'em all:
@Pete-S said in Co-lo + 5 (or more) sites....connect 'em all:
@JaredBusch said in Co-lo + 5 (or more) sites....connect 'em all:
@Dashrender said in Co-lo + 5 (or more) sites....connect 'em all:
@Aaron-Studer said in Co-lo + 5 (or more) sites....connect 'em all:
My question is why? Why setup ZT instead of site to site on all the devices?
I suppose one answer could be, because it's just a single setup, instead of 5 setups.
WTF?
FFS, the question is about connecting multiple colo's. Do you only have one thing in each colo? Most don't. The OP specifically mentioned multiple thigns.
You smokin?
Totally.
"The co-lo has all the gear (servers, voip, apps, file shares etc).
You have 5 (or more) sites that "connect" to the co-lo."But the point was valid even if I used the wrong terms Multiple sites with multiple things. not singe server point to point like @Dashrender said.
Correct, multiple sites, multiple things.
-
@FATeknollogee said in Co-lo + 5 (or more) sites....connect 'em all:
@Dashrender said in Co-lo + 5 (or more) sites....connect 'em all:
@Pete-S said in Co-lo + 5 (or more) sites....connect 'em all:
@JaredBusch said in Co-lo + 5 (or more) sites....connect 'em all:
@Dashrender said in Co-lo + 5 (or more) sites....connect 'em all:
@Aaron-Studer said in Co-lo + 5 (or more) sites....connect 'em all:
My question is why? Why setup ZT instead of site to site on all the devices?
I suppose one answer could be, because it's just a single setup, instead of 5 setups.
WTF?
FFS, the question is about connecting multiple colo's. Do you only have one thing in each colo? Most don't. The OP specifically mentioned multiple thigns.
You smokin?
"The co-lo has all the gear (servers, voip, apps, file shares etc).
You have 5 (or more) sites that "connect" to the co-lo."What we aren't told - is there a firewall in front of all of that stuff at the co-lo, or is it all directly on the internet? Then the OP asks - can ZT be installed on ER? I'll admit I was assuming an ER at each location, and at the co-lo in front of all of that gear.
Yes, the plan is an ER in front at all locations (that plan isn't set in stone)
We did this for a company from their colo but NOT with ZT, ERs using their native, much faster IPSec.
-
@scottalanmiller said in Co-lo + 5 (or more) sites....connect 'em all:
@FATeknollogee said in Co-lo + 5 (or more) sites....connect 'em all:
@Dashrender said in Co-lo + 5 (or more) sites....connect 'em all:
@Pete-S said in Co-lo + 5 (or more) sites....connect 'em all:
@JaredBusch said in Co-lo + 5 (or more) sites....connect 'em all:
@Dashrender said in Co-lo + 5 (or more) sites....connect 'em all:
@Aaron-Studer said in Co-lo + 5 (or more) sites....connect 'em all:
My question is why? Why setup ZT instead of site to site on all the devices?
I suppose one answer could be, because it's just a single setup, instead of 5 setups.
WTF?
FFS, the question is about connecting multiple colo's. Do you only have one thing in each colo? Most don't. The OP specifically mentioned multiple thigns.
You smokin?
"The co-lo has all the gear (servers, voip, apps, file shares etc).
You have 5 (or more) sites that "connect" to the co-lo."What we aren't told - is there a firewall in front of all of that stuff at the co-lo, or is it all directly on the internet? Then the OP asks - can ZT be installed on ER? I'll admit I was assuming an ER at each location, and at the co-lo in front of all of that gear.
Yes, the plan is an ER in front at all locations (that plan isn't set in stone)
We did this for a company from their colo but NOT with ZT, ERs using their native, much faster IPSec.
Did you use Route based VPN?
https://help.ubnt.com/hc/en-us/articles/115011377588-EdgeRouter-IPsec-Route-Based-VTI-Site-to-Site-VPN -
@FATeknollogee said in Co-lo + 5 (or more) sites....connect 'em all:
@scottalanmiller said in Co-lo + 5 (or more) sites....connect 'em all:
@FATeknollogee said in Co-lo + 5 (or more) sites....connect 'em all:
@Dashrender said in Co-lo + 5 (or more) sites....connect 'em all:
@Pete-S said in Co-lo + 5 (or more) sites....connect 'em all:
@JaredBusch said in Co-lo + 5 (or more) sites....connect 'em all:
@Dashrender said in Co-lo + 5 (or more) sites....connect 'em all:
@Aaron-Studer said in Co-lo + 5 (or more) sites....connect 'em all:
My question is why? Why setup ZT instead of site to site on all the devices?
I suppose one answer could be, because it's just a single setup, instead of 5 setups.
WTF?
FFS, the question is about connecting multiple colo's. Do you only have one thing in each colo? Most don't. The OP specifically mentioned multiple thigns.
You smokin?
"The co-lo has all the gear (servers, voip, apps, file shares etc).
You have 5 (or more) sites that "connect" to the co-lo."What we aren't told - is there a firewall in front of all of that stuff at the co-lo, or is it all directly on the internet? Then the OP asks - can ZT be installed on ER? I'll admit I was assuming an ER at each location, and at the co-lo in front of all of that gear.
Yes, the plan is an ER in front at all locations (that plan isn't set in stone)
We did this for a company from their colo but NOT with ZT, ERs using their native, much faster IPSec.
Did you use Route based VPN?
https://help.ubnt.com/hc/en-us/articles/115011377588-EdgeRouter-IPsec-Route-Based-VTI-Site-to-Site-VPNI've done both. No idea on speed difference. never ran in to router limits with both methods.
-
@JaredBusch said in Co-lo + 5 (or more) sites....connect 'em all:
@FATeknollogee said in Co-lo + 5 (or more) sites....connect 'em all:
@scottalanmiller said in Co-lo + 5 (or more) sites....connect 'em all:
@FATeknollogee said in Co-lo + 5 (or more) sites....connect 'em all:
@Dashrender said in Co-lo + 5 (or more) sites....connect 'em all:
@Pete-S said in Co-lo + 5 (or more) sites....connect 'em all:
@JaredBusch said in Co-lo + 5 (or more) sites....connect 'em all:
@Dashrender said in Co-lo + 5 (or more) sites....connect 'em all:
@Aaron-Studer said in Co-lo + 5 (or more) sites....connect 'em all:
My question is why? Why setup ZT instead of site to site on all the devices?
I suppose one answer could be, because it's just a single setup, instead of 5 setups.
WTF?
FFS, the question is about connecting multiple colo's. Do you only have one thing in each colo? Most don't. The OP specifically mentioned multiple thigns.
You smokin?
"The co-lo has all the gear (servers, voip, apps, file shares etc).
You have 5 (or more) sites that "connect" to the co-lo."What we aren't told - is there a firewall in front of all of that stuff at the co-lo, or is it all directly on the internet? Then the OP asks - can ZT be installed on ER? I'll admit I was assuming an ER at each location, and at the co-lo in front of all of that gear.
Yes, the plan is an ER in front at all locations (that plan isn't set in stone)
We did this for a company from their colo but NOT with ZT, ERs using their native, much faster IPSec.
Did you use Route based VPN?
https://help.ubnt.com/hc/en-us/articles/115011377588-EdgeRouter-IPsec-Route-Based-VTI-Site-to-Site-VPNI've done both. No idea on speed difference. never ran in to router limits with both methods.
Ease of setup/ability to add more sites, one method vs the other?
-
@FATeknollogee said in Co-lo + 5 (or more) sites....connect 'em all:
@dafyre said in Co-lo + 5 (or more) sites....connect 'em all:
I'm up to 3 sites for the moment. Once of them goes away in about 2 weeks.
I connect them all via ZeroTier.
How's the speeds between sites?
Speeds were good. I don't remember what they were, but I transferred 1TB of stuff over ZT without any issues.
-
@FATeknollogee said in Co-lo + 5 (or more) sites....connect 'em all:
@dafyre said in Co-lo + 5 (or more) sites....connect 'em all:
I'm up to 3 sites for the moment. Once of them goes away in about 2 weeks.
I connect them all via ZeroTier.
This is you: https://mangolassi.it/topic/19493/zerotier-site-to-site
How has it worked out so far?Yeah, that's me, and it's been great. I haven't had any problems with it at all.
-
@scottalanmiller said in Co-lo + 5 (or more) sites....connect 'em all:
@FATeknollogee said in Co-lo + 5 (or more) sites....connect 'em all:
@Dashrender said in Co-lo + 5 (or more) sites....connect 'em all:
@Pete-S said in Co-lo + 5 (or more) sites....connect 'em all:
@JaredBusch said in Co-lo + 5 (or more) sites....connect 'em all:
@Dashrender said in Co-lo + 5 (or more) sites....connect 'em all:
@Aaron-Studer said in Co-lo + 5 (or more) sites....connect 'em all:
My question is why? Why setup ZT instead of site to site on all the devices?
I suppose one answer could be, because it's just a single setup, instead of 5 setups.
WTF?
FFS, the question is about connecting multiple colo's. Do you only have one thing in each colo? Most don't. The OP specifically mentioned multiple thigns.
You smokin?
"The co-lo has all the gear (servers, voip, apps, file shares etc).
You have 5 (or more) sites that "connect" to the co-lo."What we aren't told - is there a firewall in front of all of that stuff at the co-lo, or is it all directly on the internet? Then the OP asks - can ZT be installed on ER? I'll admit I was assuming an ER at each location, and at the co-lo in front of all of that gear.
Yes, the plan is an ER in front at all locations (that plan isn't set in stone)
We did this for a company from their colo but NOT with ZT, ERs using their native, much faster IPSec.
Which is what i was mentioning up top.
-
@FATeknollogee said in Co-lo + 5 (or more) sites....connect 'em all:
@JaredBusch said in Co-lo + 5 (or more) sites....connect 'em all:
@FATeknollogee said in Co-lo + 5 (or more) sites....connect 'em all:
@scottalanmiller said in Co-lo + 5 (or more) sites....connect 'em all:
@FATeknollogee said in Co-lo + 5 (or more) sites....connect 'em all:
@Dashrender said in Co-lo + 5 (or more) sites....connect 'em all:
@Pete-S said in Co-lo + 5 (or more) sites....connect 'em all:
@JaredBusch said in Co-lo + 5 (or more) sites....connect 'em all:
@Dashrender said in Co-lo + 5 (or more) sites....connect 'em all:
@Aaron-Studer said in Co-lo + 5 (or more) sites....connect 'em all:
My question is why? Why setup ZT instead of site to site on all the devices?
I suppose one answer could be, because it's just a single setup, instead of 5 setups.
WTF?
FFS, the question is about connecting multiple colo's. Do you only have one thing in each colo? Most don't. The OP specifically mentioned multiple thigns.
You smokin?
"The co-lo has all the gear (servers, voip, apps, file shares etc).
You have 5 (or more) sites that "connect" to the co-lo."What we aren't told - is there a firewall in front of all of that stuff at the co-lo, or is it all directly on the internet? Then the OP asks - can ZT be installed on ER? I'll admit I was assuming an ER at each location, and at the co-lo in front of all of that gear.
Yes, the plan is an ER in front at all locations (that plan isn't set in stone)
We did this for a company from their colo but NOT with ZT, ERs using their native, much faster IPSec.
Did you use Route based VPN?
https://help.ubnt.com/hc/en-us/articles/115011377588-EdgeRouter-IPsec-Route-Based-VTI-Site-to-Site-VPNI've done both. No idea on speed difference. never ran in to router limits with both methods.
Ease of setup/ability to add more sites, one method vs the other?
Well, once you have ZT setup, adding another site is likely the easiest. You just add ZT on a new ER, join the mesh and you're done.
With site to site VPN, you'd have to build the tunnel on both ER's (the co-lo and the new site). Not that this is hard, just possible a tiny more amount of work.
-
@Dashrender said in Co-lo + 5 (or more) sites....connect 'em all:
Well, once you have ZT setup, adding another site is likely the easiest. You just add ZT on a new ER, join the mesh and you're done.
Who has done this ZT on ER install?
The previous blog post seems to imply heavy/high CPU usage, wondering how this would affect performance? -
@FATeknollogee said in Co-lo + 5 (or more) sites....connect 'em all:
The previous blog post seems to imply heavy/high CPU usage, wondering how this would affect performance?
We'd expect a bit. OpenVPN does as it is. SSL VPNs take a toll on performance.
