Skip to main content
> Equinix Deploy

Interconnected Devices with Internet Access

Networking Architecture (Scenario 1) - Exploring network configurations where every device is connected to each other and directly to the Internet

Interconnected Devices with Internet Access

On this page

In this scenario:

  • Devices are connected to the Internet
  • The Internet connections are direct
  • Devices communicate with each other via standard Equinix Metal networking
  • Devices use both public and private IPs allocated by Equinix Metal
  • Devices may be all in one metro or in multiple metros

This is the normal, default Equinix Metal scenario.

Each and every device receives a public IPv4 address and a private IPv4 address. Each device is on its own private subnet, to which just the device and its upstream router are connected.

General layout

The device can communicate with the Internet using its public address, and can communicate with other devices in the same project using its private address or the public address.

Comms

All packets bound for the Internet, upon reaching the upstream router, will be recognized as coming from the given device and passed onwards, while packets inbound from the Internet for the public address will be recognized and routed to the specific device.

Both the public and the private addresses are provided and managed by Equinix Metal.

This scenario requires no additional work on your behalf, as it is the standard Equinix Metal model. Simply deploy your devices.

Multiple Metros

If you wish to deploy devices in multiple metros while enabling communications between them, you have several options.

First, you can deploy the devices as-is, and use the public IP addresses to communicate between them. This may be sufficient if the communications use publicly available services anyways, such that they already are secure. It may also be sufficient if the communications need not be secure.

Across the Internet

Second, you have the option of installing your own VPN.

  1. On one of the devices in each metro, install VPN services, such as openvpn or StrongSWAN.
  2. Create a VPN tunnel between the two devices over the Internet.
  3. Configure routing on each device, such that the addresses for the private range in the other metro is via the local VPN device.

VPN

Finally, and most simply for a secure channel, you can enable Backend Transfer. Backend Transfer is the Equinix Metal service that enables your devices in a single project to communicate with each other across metros using the Equinix-assigned private IP addresses.

Backend Transfer

Last updated

25 June, 2024

Category

Tagged

Article
You may also like
Dig deeper into similar topics in our archives
Image of Configuring BGP with BIRD 2 on Equinix Metal
Networking Technical
Configuring BGP with BIRD 2 on Equinix Metal

Set up BGP on your Equinix Metal server using BIRD 2, including IP configuration, installation, and neighbor setup to ensure robust routing capabilities between your server and the Equinix M...
Image of Configuring BGP with FRR on an Equinix Metal Server
Networking Technical
Configuring BGP with FRR on an Equinix Metal Server

Establish a robust BGP configuration on your Equinix Metal server using FRR, including setting up network interfaces, installing and configuring FRR software, and ensuring secure and efficie...
Image of Crosscloud VPN with WireGuard
Networking Technical
Crosscloud VPN with WireGuard

Learn to establish secure VPN connections across cloud environments using WireGuard, including detailed setups for site-to-site tunnels and VPN gateways with NAT on Equinix Metal, enhancing...
Image of Deploy Your First Server
Platform Quickstart
Deploy Your First Server

Learn the essentials of deploying your first server with Equinix Metal. Set up your project & SSH keys, provision a server and connect it to the internet.