A scalable overlay networking tool with a focus on performance, simplicity and security

Generate CA with 3 years expiration.

nebula-cert ca -name "Sdvcrx" -duration 26280h0m0s  # 24 * 365 * 3h

Generate node cert and key:

nebula-cert sign -name nas -ip '192.168.100.xx/24' -groups home

Check cert/CA detail:

nebula-cert print -json -path lighthouse1.crt

Change config to allow any inbound/outbound between any nebula hosts:

  outbound:
    # Allow all outbound traffic from this node
    - port: any
      proto: any
      host: any

  inbound:
    # Allow all inbound traffic to this node.
    # [danger], make sure you know what you're doing.
    - port: any
      proto: any
      host: any

• slackhq/nebula