I am thinking of setting up an overlay network using Nebula, but I am curious as to what other completely open-source projects there are out there. Sure, I know about the commercial ones like Tailscale and ZeroTier, but I’d like to know what else I might be missing.
How well does Nebula handle symmetric NAT? I’ve got a rather complicated problem that I am currently using WireGuard tunnels to solve. I have a rented VPS in the cloud that is my WireGuard/reverse proxy server. I use a tunnel between it and my home network to carry traffic to/from the reverse proxy. The same tunnel allows me to access my home network. I have routing on my VPS to allow me to connect my laptop to it via a second WireGuard tunnel. It works well but obviously has issues with scalability. My family has asked me to provide some services for them as my anti-public cloud philosophy has worn off on them. I warned them that if I provide the service it will be a best effort one with no guarantees and they said okay.
So I would also like to be able to help maintain their systems from my home. I am hoping to use Nebula to build an overlay network and connect all three of their locations. The nice thing about Nebula is the automeshing capability which makes it scale well.
Sorry, I commented then went to Europe for 3 weeks; browsing detox.
Symmetric NAT wouldn’t be an issue for Nebula at all – or WireGuard, as you know, but neither ZeroTier.
If you’re worried about CGNAT, it has several ways to deal with it:
https://nebula.defined.net/docs/config/punchy/
The lighthouse can also act as a bastion/proxy and handle the connections for you, if your two nodes can’t speak directly.
That being said… if you’re supporting other users, I think WireGuard is the way to go.
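As an added example, not part of the reply above or of the Nebula project's own documentation: a config fragment showing the punchy settings from the linked page together with the lighthouse acting as a relay for nodes that cannot reach each other directly. The overlay IPs (10.42.0.x) and vps.example.net are constructed placeholders, and the pki and firewall sections every node also needs are omitted.

```yaml
# --- Lighthouse on the VPS (constructed overlay IP 10.42.0.1) ---
lighthouse:
  am_lighthouse: true
listen:
  host: 0.0.0.0
  port: 4242            # must be reachable from the internet (UDP)
relay:
  am_relay: true        # forward traffic for peers that cannot connect directly
  use_relays: false     # the lighthouse itself is publicly reachable
---
# --- Node behind NAT/CGNAT (constructed overlay IP 10.42.0.10) ---
static_host_map:
  "10.42.0.1": ["vps.example.net:4242"]   # placeholder public address
lighthouse:
  am_lighthouse: false
  hosts:
    - "10.42.0.1"
punchy:
  punch: true           # keep sending packets so the NAT mapping stays open
  respond: true         # connect back out to a peer whose hole punch failed
  delay: 1s             # wait before answering a punch (misbehaving NATs)
  respond_delay: 5s     # wait before the connect-back attempt
relay:
  relays:
    - 10.42.0.1         # fall back to the lighthouse when direct paths fail
  am_relay: false
  use_relays: true
```

Relayed traffic stays end-to-end encrypted between the two nodes, but it all transits the VPS, so the relay's bandwidth and availability become the limit for those peers.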