Good evening community,
I'm coming to you to share some thoughts on a course activity I'm going to run, hosted on a dedicated Proxmox server.
Here is the context:
I have 50 students divided into cities (a reference to La Casa de Papel ;-)), 2 to 4 students per city.
So 19 cities. I hope I'm not losing you. Each of these students connects via WireGuard VPN into their pool, with a vmbr allowedip declared.
This gives us 20 network interfaces and as many WireGuard instances.
The idea is to divide these cities into teams.
A team represents 4 cities; for example, here are the details of team Tomato:
Mexico lab1 vmbr10 172.16.10.0/24 - vmbr2000 172.17.20.10/30 to vlan1337 < Router > vmbr2001 172.17.21.10/30 to vlan2001 via dmz
Moscow lab7 vmbr70 172.16.70.0/24 - vmbr2000 172.17.20.70/30 to vlan1337 < Router > vmbr2001 172.17.21.70/30 to vlan2001 via dmz
Beijing lab17 vmbr170 172.16.170.0/24 - vmbr2000 172.17.20.170/30 to vlan1337 < Router > vmbr2001 172.17.21.170/30 to vlan2001 via dmz
Pyongyang lab14 vmbr140 172.16.140.0/24 - vmbr2000 172.17.20.140/30 to vlan1337 < Router > vmbr2001 172.17.21.140/30 to vlan2001 via dmz
I see several options for grouping, either by tagged VLAN and then the appropriate routing on the router.
I've seen a lot of things with pfSense, and also OVS (Open vSwitch). What do you think would be the best option? I'm attaching a diagram that shows just one TEAM, which will have to be reproduced 5 times! My idea would be to share the network interfaces as much as possible and not recreate 20 more!
Thanks for your opinions and feedback.