smashed 3 days ago

Not sure they are using l2 transit.

They are using BGP and routing nodes (backbones), recreating a mini IP (layer 3) network I think.

I've used raw WireGuard in a p2p fashion to interconnect LANs. I run WireGuard on each segment directly inside the network routers.

Just make sure all LANs are using a different subnet. A /24 is standard. Then configure all the peers and you get a fully peer to peer network. No relays. You only need one side of every peer "pair" to be reachable from the internet.

I do have a small management script to help peer discovery (dynamic IPs) and key exchange, but it's not strictly required. With a dozen nodes or so, it's maintainable manually. WireGuard supports roaming natively, as long as one peer can reach the other.

Very little overhead. ICMP, TCP and UDP support.
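
The setup described in the comment above, as an added example that is not part of the original post and not the poster's management script: it checks that every LAN uses a distinct subnet and that each peer pair has at least one internet-reachable side, then renders a full-mesh WireGuard config per site. Site names, subnets, endpoints and the key placeholders are constructed; the `PersistentKeepalive` value is an assumption for sites behind NAT.

```python
import ipaddress
from itertools import combinations

# Constructed sample sites; endpoint None means "not reachable from the internet".
SITES = {
    "home":   {"lan": "10.10.1.0/24", "endpoint": None, "pubkey": "<home-public-key>"},
    "office": {"lan": "10.10.2.0/24", "endpoint": "office.example.net:51820",
               "pubkey": "<office-public-key>"},
    "vps":    {"lan": "10.10.3.0/24", "endpoint": "vps.example.net:51820",
               "pubkey": "<vps-public-key>"},
}

def validate(sites):
    """Return problems: overlapping LAN subnets, or pairs where neither side is reachable."""
    problems = []
    for a, b in combinations(sorted(sites), 2):
        net_a = ipaddress.ip_network(sites[a]["lan"])
        net_b = ipaddress.ip_network(sites[b]["lan"])
        if net_a.overlaps(net_b):
            problems.append(f"{a}/{b}: subnets {net_a} and {net_b} overlap")
        if not sites[a]["endpoint"] and not sites[b]["endpoint"]:
            problems.append(f"{a}/{b}: neither side is reachable from the internet")
    return problems

def render(name, sites, port=51820):
    """Render the config for one site with every other site as a direct peer (no relay)."""
    problems = validate(sites)
    if problems:
        raise ValueError("; ".join(problems))
    lines = ["[Interface]", f"PrivateKey = <{name}-private-key>", f"ListenPort = {port}"]
    for peer in sorted(sites):
        if peer == name:
            continue
        p = sites[peer]
        # AllowedIPs is the peer's LAN: traffic for that subnet goes to this peer only.
        lines += ["", "[Peer]", f"# {peer}", f"PublicKey = {p['pubkey']}",
                  f"AllowedIPs = {p['lan']}"]
        if p["endpoint"]:
            lines.append(f"Endpoint = {p['endpoint']}")
        if not sites[name]["endpoint"]:
            # This site dials out, so keep the NAT mapping open for return traffic.
            lines.append("PersistentKeepalive = 25")
    return "\n".join(lines) + "\n"

if __name__ == "__main__":
    for site in SITES:
        print(f"--- {site} ---\n{render(site, SITES)}")
```
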

icedchai 3 days ago | parent | next [-]

I have my own WireGuard mesh network between my home network and a couple of VPSes. I configured it all manually, too. I'm basically running a virtual public network and have it routing a /24 (BGP announced at the VPSes) back to my home.

immibis 2 days ago | parent [-]

How did you get a public /24?!

icedchai 2 days ago | parent [-]

I was an early Internet user (early 90's.) They gave them out to anyone who asked back then.

bevr1337 2 days ago | parent [-]

A little morbid, but have you considered setting up a beneficiary for the allocation or detailing this asset in a will? That's some special, virtual real estate you have there.

icedchai a day ago | parent [-]

I’m hoping IPv4 is obsolete by that time. That’s a good idea though.

mdickers47 2 days ago | parent | prev [-]

That is correct. IPSec sucks but we have already paid the price of being forced to figure it out in big organizations, so, not much motivation to figure out another thing.