VPN: Difference between revisions
No edit summary |
(→Links) |
||
| Line 21: | Line 21: | ||
==Links== | ==Links== | ||
* | * https://www.grc.com/vpn/routing.htm | ||
[[Category: IT Infrastructure]] | [[Category: IT Infrastructure]] | ||
[[Category: Software]] | [[Category: Software]] | ||
Revision as of 12:44, 9 September 2019
A VPN is a system that establishes a private network across a public network, such as the Internet
Use in Dev Server
OSE launched a single staging/dev server in Hetzner Cloud in 2019. For security reasons it's imperative that this server is locked-down and sitting *behind* a VPN.
Looking Forward
Ideally, OSE would have a single rack of colocated hardware at a datacenter near FeF. As campuses pop-up, we could provision new racks at new datacenters that peer with each-other over time, if needed.
The reality is that we have a dedicated server in Falkenstein, Germany[1]; a cloud instance at a different DC in Falkenstein; a physical office in Missouri, USA that will likely have servers in the future[2]; and developers all over the world -- which begs the question: how do you architect a VPN with this hodge-podge of geographically dispersed servers & clients?
Certainly a hub-and-spoke [3] openvpn model is possible, but that introduces a single-point-of-failure.
A better option would be a decentralized mesh-style VPN solution, such as ZeroTier.