A bit lower level than most things discussed here but on the topic of overlay networks, I’ve used nebula for years and can recommend it

ysleepy 3 hours ago | parent | next [-]

I've used it for some time, it feels very much like it is in maintenance mode.

You manage a PKI and have to distribute the keys yourself, no auth/login etc.

it's much better than wireguard, not requiring O(N) config changes to add a node, and allowing peoxy nodes etc.

iirc key revocation and so on are not easy.

	▲	PLG88 8 minutes ago \| parent \| next [-]
		This problem has been brought up in the OpenZiti community many times. I like Nebula, but it's not 'truly open source'.
	▲	dave78 2 hours ago \| parent \| prev \| next [-]
		Nebula just had a major release that added IPv6 support for overlay networks. Hardly maintenance mode. The main company working on it now seems to be adding all the fancy easy-to-use features as a layer on top of Nebula that they are selling. I personally appreciate getting to use the simple core of Nebula as open source. It seems very Unix-y to me: a simple tool that does one thing and does it well.
	▲	c0balt 3 hours ago \| parent \| prev [-]
		Nebula does not require O(n) config changes for adding a node. O(n) is only required for: - active revocation of a certificate (requires adding the CA fingerprint to the config file) - adding/removing a lighthouses (hub for publishing IPs for p2p) or relay (for going over p2p) - CA rotation

eddyg 3 hours ago | parent | prev | next [-]

+1 on Nebula. I don’t know why it doesn’t get mentioned more as an overlay network option.

it his much complex to setup then wireguard based?

	▲	prmoustache 2 hours ago \| parent [-]
		It is the easiest to setup and understand really. There are no users, just hosts and their keys. What it doesn't offer is a gui or tool to handle copying/installing/revocating keys so you trade super easy setup for a handful of nodes to management overhead if you are scaling up and down regularly.