Nebula from Slack - open-source overlay networking tool - Mesh VPN
-
- https://slack.engineering/introducing-nebula-the-open-source-global-overlay-network-from-slack/
- https://github.com/slackhq/nebula
Spotted it as used by a (more expensive) Cloudron alternative, Elestio:
“What is the easiest way to securely connect tens of thousands of computers, hosted at multiple cloud service providers in dozens of locations around the globe?” If you want our answer, it’s Nebula, but I recommend that you read the rest of this short post before clicking that shiny link.
At Slack, we asked ourselves this very question a few years ago. We tried a number of approaches to this problem, but each came with trade-offs in performance, security, features, or ease of use. We will gladly share those experiences in future presentations and writing, but for now, just know that we did not set out to write software to solve this problem. Slack is in the business of connecting people, not computers.
What is Nebula?Nebula is a scalable overlay networking tool with a focus on performance, simplicity and security. It lets you seamlessly connect computers anywhere in the world. Nebula is portable, and runs on Linux, OSX, and Windows. (Also: keep this quiet, but we have an early prototype running on iOS).
It is important to note that Nebula incorporates a number of existing concepts like encryption, security groups, certificates, and tunneling, and each of those individual pieces existed before Nebula in various forms. What makes Nebula different to existing offerings is that it brings all of these ideas together, resulting in a sum that is greater than its individual parts.
Today Nebula runs on every server at Slack, providing a global overlay network that helps us operate our service. While this is the first time most people have heard of Nebula, it has been in use at Slack for over two years!
-
This is interesting - seems like overlay networks are all the rage. I also note there's an OSS implementation of the Tailscale services (protocol matching I think is the term) and I've played with netmaker but it didn't do so great with my cgnat. Tailscale is simply phenomenal.
-
@doodlemania2 is there a comparative post of them all? Or shall we start one here on the forum?
-
The ones I can think of are Nebula, Tailscale, and Zero Tier. Although from what I hear, Zero Tier is a little more low level (Layer 2 Networking rather than Layer 3).
-
I posted most of these, just search "Mesh VPN" to see others. I really like the look of Firezone:
-
@robi Looks like @marcusquinn beat me to it!
-
@doodlemania2 said in Nebula from Slack - open-source overlay networking tool - Mesh VPN:
@robi Looks like @marcusquinn beat me to it!
Sort of.. not all in one [Discussion] place, but perhaps close enough in the larger [Forum] part of the larger [Internet]?
-
There is new open source solution based on nebula with friendly WEB GUI from shieldoo.io - see https://github.com/shieldoo/shieldoo-mesh-docker-compose
