Dear Steve, and distinguished members of this forum,
I have been following (but too lazy to implement) this rather promising network project which I'd like to share with you and gather your experiences and opinions.
What if you could simply connect all your devices, no matter where they are located, by using your own private IP network?
No VPN to set up, just add your machine to the connection list and it just works (or almost).
Well, that's what the Nebula project proposes. (With one single executable file - well two, the second generates the required certificates)
Nebula: Open Source Overlay Networking
Nebula is an overlay networking tool designed to be fast, secure, and scalable. Connect any number of hosts with on-demand, encrypted tunnels that work across any IP networks and without opening firewall ports.
Core features
- Peer-to-peer, layer 3, virtual network (Technical Details)
- Supports TCP/UDP/ICMP traffic via TUN adapter with split-tunneling
- Host firewall with groups-based rules engine for overlay traffic
- Route discovery and NAT traversal assisted by simple "lookup" hosts
Identity and Authorization
Nebula uses a PKI model for establishing trust between hosts and networks.
Releases include nebula-cert executable to generate keys, certs, CA's, and to sign host certificates.
- Host certificates are used to securely identify and authorize peers
- Hosts mutually authenticate by validating certificates and CA's
- Firewall rules enforced by evaluating certificate "security groups"
More information here: https://nebula.defined.net/docs/ and https://github.com/slackhq/nebula
I have no affiliation with the project, just curious.
Note: It does need some configuration and setup but it is simpler than you think.
Enjoy.
Best regards,