2 Dec
2021
2 Dec
'21
5:03 p.m.
You are correct. You just literally described what my company does. We
create DTLS tunnels from an on-Prem device, or virtual appliances in AWS /
Azure. We also support IPSEC imto our cloud as well.
We will consume and share BGP routes to interop with customer networks that
have other connections outside of our control.
This isn’t that out of the ordinary.
On Thu, Dec 2, 2021 at 4:04 PM John Burwell via 44Net <
44net(a)mailman.ampr.org> wrote:
Thanks for sharing. I see this has been around a while, but I hadn’t run
into it
myself yet.
Apple is currently doing something like this with IPSEC and IPv6 for iCloud
users; pretty much any iCloud user is always on a private VPN with all
their other iCloud devices. And there are commercial enterprise SD-WAN
products and cloud providers that offer a similar approach for SMBs and
branch offices. Azure and AWS offer almost exactly this between virtual
networks, data centers, and regions, down to the private ASNs.
It’s nice to see a project built on open standards for the express purpose
of playing with it and learning about it. Seems very much like something
44net could benefit from studying carefully.
From: KUN LIN <dnwk(a)linkun.info>
To: "44net(a)mailman.ampr.org"
<44net(a)mailman.ampr.org>
Cc:
Bcc:
Date: Thu, 2 Dec 2021 18:48:49 +0000
Subject: [44net] DN42 for 44net?
https://dn42.dev/Home
Just discover this new thing where it will create mesh networks and even
BGP via VPN tunnels. This maybe an interesting way for 44net to
considering
implement.
dn42 is a big dynamic VPN<
https://en.wikipedia.org/wiki/Virtual_private_network>gt;, which employs
Internet technologies (BGP<https://en.wikipedia.org/wiki/Bgp>gp>, whois
database, DNS<https://en.wikipedia.org/wiki/Domain_Name_System>em>, etc).
Participants connect to each other using network tunnels (GRE<
https://dn42.dev/howto/GRE-on-FreeBSD>gt;, OpenVPN<
https://dn42.dev/howto/openvpn>gt;, WireGuard<
https://dn42.dev/howto/wireguard>gt;, Tinc<https://dn42.dev/howto/tinc>,
IPsec<https://dn42.dev/howto/IPsec-with-PublicKeys>) and exchange routes
thanks to the Border Gateway Protocol. Network addresses are assigned in
the 172.20.0.0/14 range and private AS numbers are used (see registry<
https://dn42.dev/services/Whois>) as well as IPv6 addresses from the
ULA-Range (fd00::/8) –
_________________________________________
44Net mailing list
44Net(a)mailman.ampr.org
https://mailman.ampr.org/mailman/listinfo/44net