Does linode offer true private networking?
Does linode offer true private networking?
Nodes not in the account cant talk/sniff each other
15 Replies
jchism
Linode Staff
We do offer private networking but this only works between servers residing in the same data center. Also, other servers residing in the same data center, that have private IP's for their servers, would also be able to communicate with your server's private IP address. To prevent this from occurring, you can setup firewall rules for your server. We have a few guides that can assist you with this option.
https://www.linode.com/docs/platform/manager/remote-access/#adding-private-ip-addresses
https://www.linode.com/docs/security/firewalls/control-network-traffic-with-iptables/
https://www.linode.com/docs/security/firewalls/configure-firewall-with-ufw/
https://www.linode.com/docs/security/firewalls/introduction-to-firewalld-on-centos/
Is there any plan to have true private networking on Linode platform or any sort of overlay network that could be implemented.
rdaniels
Linode Staff
@cmg and @xntscript This exact thing is actual in our 2020 Roadmap which was released yesterday on our blog. If you scroll to the bottom of the post, you'll see a small sample of some of the things we have to come next year. Most notably for you, a Per customer network VLAN is listed in the below snippet!
- NodeBalancer automatic Let’s Encrypt support
- NodeBalancer PROXY protocol support
- Instantaneous DNS Manager updates
- Marketplace for One-Click Kubernetes and single instance apps
- Linode Kubernetes Engine global availability
- Bare Metal machines with cloud infrastructure management
- Managed Databases for production-ready DBs
- Cloud Firewall to control network traffic to your Linodes
- Per customer network VLAN
- Anycast Network for improved routing
- New data centers to continue supporting global markets
- Multi-language support for Linode docs & guides including Spanish, German, Portuguese, Japanese and more
Hi,
Any update on this
Is "Per customer network VLAN" expected to be rolled out anytime soon ??
jtoscani
Linode Staff
Hey @DWACommerce - right now this feature is in Beta testing. If you'd like to sign up for our Beta Program, Green Light, you can test this out and provide valuable feedback. More info about this can be found on our VLAN page!
Hi,
Any update on this?
Is "Per customer network VLAN" expected to be rolled out anytime soon?
I asked about this since I’m signed up betas and they said it’s not currently ready for testing.
I wouldn’t get my hopes up could be a while.
Once again I got here searching for an update on this product. It's 2021 and this is still not available. Other linode customers (192.168…) are scanning our hosts and running all sorts of attacks against our services.
:(
Personally I created a small golang app which lets me p2p encrypt between nodes using high strength encryption. Where possible I also firewall nodes as well.
A vpn is also a good option although for my needs the p2p encryption makes more sense as it doesn’t need vpn overhead and works for udp as well without encapsulation.
@madalex --
You should check out @jchism's post above…the one with the links to the guides about setting up firewall rules.
Also, if other Linodes are carrying out attacks against yours, you should report it in a support ticket. There are a few customers who use Linode for security research. This is supported and legal. There are some FAQs from Linode about this (although I can't locate links right now…too early in the morning!). There's a way to opt out of their scanning…I just don't remember how at the moment.
Anything else is a violation of the Acceptable Use Policy. You should report it.
-- sw
It would be great if we got a response from someone from Linode's team.
jtoscani
Linode Staff
jtoscani
Linode Staff
Update: VLAN is currently available in our Toronto, Sydney, Atlanta and Mumbai data centers. It will be coming soon to the rest of our DCs, and you can check on availability here:
