ZTNA Options & differences for private DNS

markamind · September 5, 2022, 8:31am

Situation

I have setup a private git repo on a private compute and want to perform git operations over a Ziti network

ZTNA (Ziti Network Access) options

1. LAN Gateway using two private routers

2. Ziti Edge Tunneller

A normal setup to create a tunneller

Differences

After working through the LAN Gateway option, my understanding is that this does not use a public edge router. It is not needed because the connection is made within the fabric between the two ziti routers that connect to the host via the nic.

In contrast, the Ziti Edge Tunneller operates at the edge, which by definition needs to pass via the public edge router.

Is this correct? Am i missing anything.

The impact of this difference is seen in how the Service Edge Router Policy is configured.

TheLumberjack · September 5, 2022, 11:27am

If you have the two ziti identities in different clouds/private networks, you’ll absolutely need and use a public edge router for the private edge routers or local tunneling apps to link to.

You always need at very least, one public edge router if you’re spanning two private networks.

Topic		Replies	Views
Feedback on deployment diagram Ziti Overlay	5	458	August 26, 2022
Ziti Edge Router General Questions General Questions	46	2045	May 8, 2023
NEW TO ZITI Please Help and guide to use ziti in private network	1	27	September 6, 2024
Source IP / Network segmention feature Ziti Edge Tunnel	12	347	September 16, 2023
Pros and cons of using edge router to host a private DNS Ziti Overlay	6	344	June 12, 2022

ZTNA Options & differences for private DNS

Situation

ZTNA (Ziti Network Access) options

Differences

Related Topics