Hello!
How are you doing? I have a scenario and I wonder what's the most straightforward solution.
Having several sites to connect, I'm thinking about deploying OPNsense in a small box on the remote site and a two-node cluster at the main office, with ZeroTier connecting everything.
Now regarding routing:
- should I use no routing on ZeroTier + BGP in OPNsense, or should I use the embedded routing of ZeroTier?
- static routing setup on ZT is centralized and simple, but won't cover CARP scenarios with a gateway failover.
Regarding filtering:
- should I allow everything between gateways and filter everything in OPNsense?
- should I allow everything in OPNsense and filter everything in ZeroTier?
- so a mix? Filtering different things in both?
Hello!
I've been looking for alternatives and would also like to hear about other SDWAN solutions that would play nice with OPNsense:
- Tailscale/Headscale
- Nebula
- Netbird
- Netmaker