I've been using Nebula for a long time. It's great and definitely worth your time to set up.
How well does Nebula handle symmetric NAT? I've got a rather complicated problem that I am currently using WireGuard tunnels to solve. I have a rented VPS in the cloud that is my WireGuard/reverse proxy server. I use a tunnel between it and my home network to carry traffic to/from the reverse proxy. The same tunnel allows me to access my home network. I have routing on my VPS to allow me to connect my laptop to it via a second WireGuard tunnel. It works well but obviously has issues with scalability. My family has asked me to provide some services for them as my anti-public cloud philosophy has worn off on them. I warned them that if I provide the service it will be a best effort one with no guarantees and they said okay.
So I would also like to be able to help maintain their systems from my home. I am hoping to use Nebula to build an overlay network and connect all three of their locations. The nice thing about Nebula is the automeshing capability which makes it scale well.
Sorry, I commented then went to Europe for 3 weeks; Browsing detox.
Symmetric NAT wouldn't be an issue for Nebula at all -- or WireGuard, as you know, but neither ZeroTier.
If you're worried about CGNAT, it has several ways to deal with it:
https://nebula.defined.net/docs/config/punchy/
The lighthouse can also act as a bastion/proxy and handle the connections for you, if your two nodes can't speak directly.
That being said.... if you're supporting other users, I think WireGuard is the way to go.
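An added example, not part of the comment above: Nebula config fragments showing the punchy settings from the linked page together with the relay settings that let a lighthouse carry traffic for nodes that cannot reach each other directly. The overlay address 192.168.100.1 and public address 203.0.113.10 are constructed placeholders, and the `pki`, `listen` and `firewall` sections are left out.

```yaml
# --- Fragment 1: lighthouse on the VPS, also acting as a relay ---
lighthouse:
  am_lighthouse: true

relay:
  am_relay: true      # forward traffic for nodes that name this host as a relay
  use_relays: false   # the lighthouse has a public address and needs no relay itself

---
# --- Fragment 2: a node behind NAT / CGNAT ---
static_host_map:
  # overlay IP of the lighthouse -> its public address (placeholders)
  "192.168.100.1": ["203.0.113.10:4242"]

lighthouse:
  am_lighthouse: false
  hosts:
    - "192.168.100.1"

punchy:
  punch: true         # keep sending packets so the NAT mapping stays open
  respond: true       # punch back when a peer reports it cannot complete a handshake
  delay: 1s           # wait before the initial punch, helps with some misbehaving NATs
  respond_delay: 5s   # wait before the punch-back attempt

relay:
  relays:
    - "192.168.100.1" # overlay IP of the relay other peers should use to reach this node
  am_relay: false
  use_relays: true    # allow this node to reach peers through their advertised relays
```

Relayed traffic stays end-to-end encrypted between the two nodes; the relay only forwards it, so the VPS firewall and the Nebula `firewall` rules on each node still decide what is reachable.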
Sorry for the necro. There aren't many posts about Nebula on the lemmyverse.
Been having a pain in the ass time getting my network up and running. I've got nodes on the same LAN as well as a VPS lighthouse and another few nodes on another LAN miles away. Seems all can ping the lighthouse and nodes within the same LAN can ping each other (although sometimes they randomly can't until I reboot them), but I can't get nodes from one LAN to ping the other. Have you had any experiences with this in your setup? It's pretty much the entire use case of Nebula so it's strange that it's giving so much shit.