So I have a few VPSes and dedicated servers with a few different hosts. All have multiple IPs allocated to them.
How can I go about creating a private LAN to connect all these together? It needs to be secure and ideally a simple process to add more nodes to the private LAN.
Is this possible, and how secure would a setup like this be if, say, one of the nodes were compromised?
Thanks!
In theory, OpenVPN can create virtual layer 2 networks. See the example here:
I haven't set this up myself, but I think this is pretty much what you're asking for.
Once you have the virtual layer 2 network set up (see other answers, or you can try IPsec), the VPN interface can have the same firewall rules applied to it as regular interfaces. In case one node on the virtual subnet gets compromised, they will have complete access to that subnet and you should plan accordingly.
In more old-school networks the logical equivalent would be preventing one host in a DMZ from being able to do Bad Things to other hosts in that DMZ. The networking problem is very similar, it's just that you have a virtual interface as your 'trusted-side' network which can change some of the specific details.
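The per-interface filtering described in the answer above, as an added example that is not part of the original thread: a small generator for a default-deny rule set on the VPN interface, so that a compromised peer reaches only the services explicitly opened to it. The interface name `tap0`, the 10.8.0.x addresses and the `vpn_rules` helper are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the thread). Prints iptables commands instead of
# running them, so the rule set can be reviewed before it is applied as root.
# Assumed: VPN interface tap0, IPv4 peers, constructed sample addresses.

# vpn_rules IFACE ENTRY...   where each ENTRY is "source_ip:proto:port"
vpn_rules() {
    iface=$1; shift
    # Validate every entry first so a typo never yields a partial rule set.
    for entry in "$@"; do
        src=${entry%%:*}; rest=${entry#*:}
        proto=${rest%%:*}; port=${rest#*:}
        case $src in ''|*[!0-9.]*) echo "bad source in '$entry'" >&2; return 1 ;; esac
        case $proto in tcp|udp) ;; *) echo "bad protocol in '$entry'" >&2; return 1 ;; esac
        case $port in ''|*[!0-9]*) echo "bad port in '$entry'" >&2; return 1 ;; esac
    done
    # Replies to connections this host opened over the VPN.
    echo "iptables -A INPUT -i $iface -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    # One ACCEPT per (peer, service) pair this host offers to the VPN.
    for entry in "$@"; do
        src=${entry%%:*}; rest=${entry#*:}
        proto=${rest%%:*}; port=${rest#*:}
        echo "iptables -A INPUT -i $iface -s $src -p $proto --dport $port -j ACCEPT"
    done
    # Anything else arriving from the VPN is dropped, other VPN nodes included.
    echo "iptables -A INPUT -i $iface -j DROP"
    # This host does not route traffic between the VPN and its other interfaces.
    echo "iptables -A FORWARD -i $iface -j DROP"
    echo "iptables -A FORWARD -o $iface -j DROP"
}

# Constructed sample: a database host that accepts PostgreSQL from one app
# node and SSH from one admin node, and nothing else from the VPN.
vpn_rules tap0 10.8.0.2:tcp:5432 10.8.0.3:tcp:22
```

Each node gets its own allow-list, so adding a node to the VPN does not by itself grant it access to anything on the existing nodes.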
A VPN would be a great way to achieve this. It encrypts all data (secure) and it would be rather easy to connect a node and add it to the VPN. If a node is compromised, it would be comparable to if they were in a local LAN. Depending on OS, there are different VPN protocols that could suit your needs.