Re: Stretch/L2VPN between two datacenters

2022-12-16 Thread Hrvoje Popovski
On 16.12.2022. 11:33, Lars Bonnesen wrote: > We are about to migrate VM's from one datacenter to another and the VMware > L2VPN we are using for this is simply not stable for some reason that we > cannot figure out why. > > I have used GRE-tunneling before on a software router that I actually >

Re: Securely managing TLS certificates on growing server (website, XMPP, soon email)?

2022-12-16 Thread Omar Polo
On 2022/12/15 13:56:00 -0700, Ashlen wrote: > Hi all, so I'm wondering how to securely deal with TLS certificates on a > server > that's grown to host multiple services (website, XMPP, soon email as well). > Specifically how to handle permissions and to what degree certificates should > be >

Re: Securely managing TLS certificates on growing server (website, XMPP, soon email)?

2022-12-16 Thread Ali Farzanrad
Hi Ashlen, The best way to handle your concerns is to review httpd, OpenSMTPd, and other projects code and send a patch to these project to handle Certificates in a more secure way. This way you can help yourself and the others. Bests, Ali Farzanrad Ashlen wrote: > Hi all, so I'm wondering

Stretch/L2VPN between two datacenters

2022-12-16 Thread Lars Bonnesen
We are about to migrate VM's from one datacenter to another and the VMware L2VPN we are using for this is simply not stable for some reason that we cannot figure out why. I have used GRE-tunneling before on a software router that I actually cannot remember the name of now, but if OpenBSD can do

Re: Stretch/L2VPN between two datacenters

2022-12-16 Thread David Gwynne
On Fri, Dec 16, 2022 at 11:39:02AM +0100, Hrvoje Popovski wrote: > On 16.12.2022. 11:33, Lars Bonnesen wrote: > > We are about to migrate VM's from one datacenter to another and the VMware > > L2VPN we are using for this is simply not stable for some reason that we > > cannot figure out why. > >

Re: Stretch/L2VPN between two datacenters

2022-12-16 Thread deich...@placebonol.com
I've run L2 over an IPsec tunnel using egre (gre(4)) and bridge (bridge (4)) to connect systems in different locations together. This was done before David Gwynne created tpmr(4). I've been to lazy to reimplement my current configuration. 73 diana

Re: Stretch/L2VPN between two datacenters

2022-12-16 Thread Łukasz Moskała
Dnia 16 grudnia 2022 11:33:55 CET, Lars Bonnesen napisał/a: >We are about to migrate VM's from one datacenter to another and the VMware >L2VPN we are using for this is simply not stable for some reason that we >cannot figure out why. > >I have used GRE-tunneling before on a software router

Re: Securely managing TLS certificates on growing server (website, XMPP, soon email)?

2022-12-16 Thread Ashlen
Thank you, this resolves that concern of mine (and in fact, it was an elegant enough solution that I felt silly for not doing it that way before). :) It makes a lot more sense to have acme-client(1) place the exceptional certificates in a different spot, rather than modify `/etc/ssl/private` to