Computers & Hardware > Networking

Home lab / thesis project / dual provider SD-WAN

(1/6) > >>

niemand:
Folks,

This is a bit of a placeholder thread that will be added to as I go on and might be interesting for those so inclined.

My home network is, intentionally, relatively simple right now. I'm about to blur the distinction between my MSc lab, my work lab and the home network.

What's about to happen is:

Replace Virgin Media Business with 2 x VDSL lines.

Build an SD-WAN using full IKE-less IPSEC across those two carriers to an SD-WAN instance running in AWS. The edge of my network will be an SD-WAN appliance, with VDSL modems on its two WAN ports. The AWS instance will be the hub of the network.

Along with this having a hardware appliance coming on the road with me as I travel for business that will also be part of the fabric.

Have 4 virtual SD-WAN appliances, with public IPs on one WAN port and private addressing on the other to simulate MPLS, each with a single Linux VM behind them as a virtual client machine.

A wireless access point will of course be present.

The 4 publicly addressed SD-WAN VMs will actually use an L2TP tunnel so that they are logically outside the LAN of the edge SD-WAN appliance. It will just see a stream of L2TP which it will be required not to send to AWS.

As part of the build SSL decryption will be used, zone-based security, DPI firewalling and proprietary application identification.

There will then be various attacks on provisioning process and externally to try and spoof nodes, DoS them or compromise their communication.

Might make an interesting thread.

kitz:
Should make an interesting read.  :)
But before you get going may I ask a quick question to satisfy my own curiosity or fill in on something I may have missed.  I  saw you mention it in another thread too, but don't want to derail things too much, so a one liner will do as to why you are doing this. 

>> Replace Virgin Media Business with 2 x VDSL lines.

burakkucat:
Hmm . . . Yes, it does look interesting. So I shall be watching.  :)

niemand:

--- Quote from: kitz on September 22, 2018, 05:45:12 PM ---Should make an interesting read.  :)
But before you get going may I ask a quick question to satisfy my own curiosity or fill in on something I may have missed.  I  saw you mention it in another thread too, but don't want to derail things too much, so a one liner will do as to why you are doing this. 

>> Replace Virgin Media Business with 2 x VDSL lines.

--- End quote ---

Sure!

My home office is not so much a home office as it is a branch office. It holds lab facilities that I and others in my team use. It also runs all the applications a 'power user' runs, as well as being my VPN back home to my content.

I was told higher uploads were on the way in 2016 and would arrive on business tiers first. They were trialed in 2015. They don't seem any closer. 20Mb is not enough to run home, branch office and road warrior services. For the same price I can get 38Mb out of 2 VDSL lines so sayonara VM, and may your complacency and arrogance bite you in the future if the competition catch up leaving you scampering to upgrade and release the products you haven't bothered to, preferring (allegedly) executive compensation.

Weaver:
CarlT - will be watching with interest. Some links to reading matter for remedial and relatively geriatric users such as myself appreciated.

Navigation

[0] Message Index

[#] Next page