How private is the "Private" network?
As I migrate services from web1 to web2, I'd like to know how much privacy I can expect on the "private" network. Do y'all encrypt traffic between your hosts, even when using the private network? My goal is to rebuild web1 and I'm not keen on putting OpenVPN on web2, so I'd be considering service-specific encryption like MySQL + TLS, but I won't bother if it's not necessary.
Is the Private network safe enough that I could send plaintext over the wire, or should I treat it like the public network? Can other hosts sniff the traffic or attempt to steal my private IP? Apologize if I'm missing this in the docs, I did look around but didn't see any deep dive into the private network.
If you're worried though, you should consider firewalling + some kind of service-level encryption.
It is very easy to use Ansible for updating a list of private IP addresses within the firewall of each server.