Hi Gai,
You can certainly do something similar with DirectConnect. If you're in a hybrid environment with just AWS + on-prem and you already have DirectConnect in place, this may be the best option due to the prices AWS charges for bandwidth.
Mesh VPNs are relatively new, so people are a little unsure of them, but they have been tested at scale. Hundreds of VMs should be no problem.
In addition, a couple of advantages a mesh VPN brings over a single dedicated connection:
- no network bottleneck
- no single point of failure
- works no matter what your topology is
- cloud agnostic
- easily automated
- zero trust
I would argue that, long term, a mesh VPN is actually a simpler architecture. For instance, with Netmaker, there is one command to join a network and one command to leave a network. This can pretty easily be automated, and you will always know exactly which machines have access to a given private network.
While the concept is a little different, it's essentially like a custom VPC made up of whatever machines you'd like to put in it.