Damn. That's a new way to look. Also I think you are one of the few youtubers who created a video on Proxmox SDN. That's actually pretty cool. And yeagh, ofc, good luck for future videos and projects.
Thanks! I got the initial inspiration for my first SDN video from @NovaspiritTech, but then came up with the idea for this video a couple of weeks ago. But then hit a snag where I couldn't get Docker to work. Then I found that re-installing docker-compose seemed to fix it :)
Another idea would be to setup a tailscale network to access those vm’s or containers. Then you wouldn’t need a virtual desktop or domain to reach them.
Does the SDN have an option for port forwarding if you still want to access stuff on your local network so to go to something it would be the proxmox ip and then the port to a spesific service i also understand that you will be limited by how many ports are avaliable and what happens if you try to do that with multiple SDNs that will not work right?
Port forwarding on something like this seems like a LOT of extra work when you can use something like Cloudflare Tunnels or TailScale or similar to get remote access really easily.
Is port forwarding an option i would use sdn to seperate the containers from my network as it would be easier to have containers/vm under same subnet. In my case i wouldn't like to use cloudflare tunnels/tailscale its good if i want to access them privately but for public faceing services i could use cloudflare tunnels but i may need a bit more flexibility with my web server for example
SDN is not about isolation but it can be. It is about giving clients (here vm/containers) the ability to easier network management on demand. You do not need to know anything about vlan/ports/switches etc you just want a network/firewall rules/routes/load balancer etc. You do not care if it is vlan/vxlan/geneve psycial devices or virtual ones as long as it will program it self to your needs. Usually it is implemented by giving the control plane of switch (the brain/decision center) to sdn controller (here it will be OVN as controller and OVS as switches). This might sound stupid but this gives you few nice advantages like offloading to smartnic or possibilities to program new protocol in much easier manner as you need to program sdn controller. Otherwise you would need to hack your locked switches to do something new you need.
but I presume that someone running a lab behinf their firewall would have added the extra security already like running a proxy and firewall rules also segment parts of the network and access to them accordingly .. nice video however it seems excesive to me to run an SDN to just access your local lab cluster whatever .. yes accessing it from outside from a dedicated host maybe but that`s already done via proxies and all sorts of auth systems in place .. great video either way :) keep it up for us !
Would be a lot cooler to do this without any named infrastructure Run own dns & vpn on lowendbox vps Something supplier agnostic and only using open source software
You can do it that way if you want. No one is MAKING you use Cloudflare or TailScale or whatever. I like to use Cloudflare tunnels. And this video at least gives people an idea of what's possible, then they can change their setup however they like. This was just a "proof of concept" idea.
Love how transparent you are! Fun to watch!
Thanks :)
Damn. That's a new way to look. Also I think you are one of the few youtubers who created a video on Proxmox SDN. That's actually pretty cool. And yeagh, ofc, good luck for future videos and projects.
Thanks! I got the initial inspiration for my first SDN video from @NovaspiritTech, but then came up with the idea for this video a couple of weeks ago. But then hit a snag where I couldn't get Docker to work. Then I found that re-installing docker-compose seemed to fix it :)
Great explanation of a nice use-case for SDN! I was trying to think of a way to set it up and explore uses and this is a good one.
Thanks!!
Another idea would be to setup a tailscale network to access those vm’s or containers. Then you wouldn’t need a virtual desktop or domain to reach them.
Yes, would like to see a video of accessing a SDN VM/LXC with Tailscale.
@@jordant2 or netbird / zerotier.
Good morning David, Thanks for sharing this info. -Dino
As someone mentioned something like tailscale maybe setup as an exit node onto the sdn.
Thanks for sharing David.
Thanks for checking out the video :)
Can you add a static route to 10.0.0.0/24 on router ?
Great video keep up the good work!
YEah!!!! first!!! Love your videos! keep em coming!
You got it!
Nice video. 10:50 which dashboard is that ?
th-cam.com/video/2dGD4C2g8ig/w-d-xo.html
Seems like google is not suggesting me after i reset my history.
Does the SDN have an option for port forwarding if you still want to access stuff on your local network so to go to something it would be the proxmox ip and then the port to a spesific service i also understand that you will be limited by how many ports are avaliable and what happens if you try to do that with multiple SDNs that will not work right?
Port forwarding on something like this seems like a LOT of extra work when you can use something like Cloudflare Tunnels or TailScale or similar to get remote access really easily.
Is port forwarding an option i would use sdn to seperate the containers from my network as it would be easier to have containers/vm under same subnet. In my case i wouldn't like to use cloudflare tunnels/tailscale its good if i want to access them privately but for public faceing services i could use cloudflare tunnels but i may need a bit more flexibility with my web server for example
It depends on the use case
SDN is not about isolation but it can be. It is about giving clients (here vm/containers) the ability to easier network management on demand. You do not need to know anything about vlan/ports/switches etc you just want a network/firewall rules/routes/load balancer etc. You do not care if it is vlan/vxlan/geneve psycial devices or virtual ones as long as it will program it self to your needs. Usually it is implemented by giving the control plane of switch (the brain/decision center) to sdn controller (here it will be OVN as controller and OVS as switches). This might sound stupid but this gives you few nice advantages like offloading to smartnic or possibilities to program new protocol in much easier manner as you need to program sdn controller. Otherwise you would need to hack your locked switches to do something new you need.
but I presume that someone running a lab behinf their firewall would have added the extra security already like running a proxy and firewall rules also segment parts of the network and access to them accordingly .. nice video however it seems excesive to me to run an SDN to just access your local lab cluster whatever .. yes accessing it from outside from a dedicated host maybe but that`s already done via proxies and all sorts of auth systems in place ..
great video either way :) keep it up for us !
This was just a demo for the sake of a demo. I can't imagine actually using something like this in practice
It's more useful on a cluster.
I think it's useful for anyone who needs it, cluster or not ;)
@@DBTechYT In a cluster you can create vlans across hosts without having to also create the vlans on the switchports the hosts are connected to.
Would be a lot cooler to do this without any named infrastructure
Run own dns & vpn on lowendbox vps
Something supplier agnostic and only using open source software
You can do it that way if you want. No one is MAKING you use Cloudflare or TailScale or whatever. I like to use Cloudflare tunnels. And this video at least gives people an idea of what's possible, then they can change their setup however they like. This was just a "proof of concept" idea.