Kutanga kwe iyo nyowani vhezheni ye Nebula 1.5 iyo inomisikidzwa semuunganidzwa wezvishandiso zvekuvaka akachengeteka pamusoro pemanetiweki Ivo vanogona kubatanidza kubva kune akati wandei kusvika kumakumi ezviuru evaenzi vakapatsanurwa munzvimbo, vachigadzira yakaparadzana yakasarudzika network pamusoro peiyo network yepasirese.
Iyo purojekiti yakagadzirirwa kugadzira ako ega evhavha network kune chero chinodiwa, semuenzaniso, kusanganisa makomputa emakambani mumahofisi akasiyana, maseva munzvimbo dzakasiyana dzedata, kana nharaunda dzakajeka kubva kune vakasiyana vanopa makore.
About Nebula
Node dzeNebula network dzinotaurirana zvakananga kune imwe neimwe muP2P modhi, sezvo kudikanwa kwekufambisa data pakati penodes inogadzira yakananga VPN yekubatanidza zvine simba. Kuzivikanwa kwemunhu wega wega pane network kunosimbiswa nechitupa chedhijitari, uye kubatana kune network kunoda kuvimbiswa; mushandisi wega wega anogamuchira chitupa chinosimbisa IP kero muNebula network, zita uye nhengo yemapoka evaenzi.
Zvitupa zvinosainwa nedare retifiketi remukati, rinoitwa nemugadziri wetiweki yega yega panzvimbo yavo, uye rinoshandiswa kusimbisa masimba evaenzi vane kodzero yekubatanidza kune yakanangana netiweki yakabatana nechiremera chechitupa.
Kugadzira yakatendeseka yakachengeteka yekutaurirana chiteshi, Nebula inoshandisa yayo tunneling protocol yakavakirwa paDiffie-Hellman kiyi yekutsinhana protocol uye AES-256-GCM encryption. Kuitwa kweprotocol kwakavakirwa pakugadzirira-kushandisa-uye kwakaedzwa primitives inopihwa neNoise framework, iyo zvakare. inoshandiswa mumapurojekiti akaita seWireGuard, Mheni, uye I2P. Chirongwa ichi chinonzi chapasa ongororo yakazvimirira yekuchengetedzwa kwenharaunda.
Kuti uwane mamwe ma node uye kuronga kubatana kune network, "beacon" node inogadzirwa specials, vane kero dzepasi rose dzeIP dzakagadziriswa uye dzinozivikanwa kune vatori vechikamu. Manodhi anotora chikamu haana chinongedzo kune yekunze IP kero, anocherechedzwa nezvitupa. Varidzi vevaenzi havagone kuita shanduko kune vakazvisaina zvitupa, uye kusiyana nevechinyakare IP network, havagone kunyepedzera kuve mumwe muenzi nekungoshandura IP kero. Kana mugero wagadzirwa, kuzivikanwa kwemugamuchiri kunosimbiswa kune kiyi yega yega.
Iyo yakagadzirwa netiweki inopihwa humwe huwandu hwe intranet kero (semuenzaniso, 192.168.10.0/24) uye kero dzemukati dzakasungwa nezvitupa zvevaenzi. Mapoka anogona kuumbwa kubva kune vatori vechikamu mune yakavharika network, semuenzaniso kuparadzanisa maseva uye nzvimbo dzekushandira, uko kwakaparadzaniswa mitemo yekusefa kwemigwagwa inoshandiswa. Nzira dzakasiyana-siyana dzakapihwa kuyambuka kero vashanduri (NAT) uye firewall. Zvinogoneka kuronga nzira kuburikidza neyakavharika network yetraffic kubva kune yechitatu-bato mauto asina kubatanidzwa muNebula network (isina kuchengeteka nzira).
Zvakare inotsigira kugadzirwa kweFirewalls kuparadzanisa kupinda uye kusefa traffic pakati pemanodhi epamusoro peNebula network. Tag-akasungwa ACLs anoshandiswa kusefa. Mumwe nemumwe anotambira panetiweki anogona kutsanangura ega mafirita mitemo kune network host, mapoka, maprotocol, uye madoko. Panguva imwecheteyo, mauto haana kusefa nema IP kero, asi nemadhijitari akasainwa madhijitari, ayo asingagone kuumbwa pasina kukanganisa nzvimbo yetifiketi inoronga network.
Iyo kodhi yakanyorwa muGo uye inopihwa rezinesi neMIT. Iyo purojekiti yakavambwa naSlack, iyo inovandudza mutumwa wekambani wezita rimwe chete. Inotsigira Linux, FreeBSD, macOS, Windows, iOS uye Android.
Kana zvakadaro shanduko dzakaitwa mushanduro itsva zvinotevera:
- Yakawedzera "-raw" mureza kune print-cert command kudhinda iyo PEM inomiririra yechitupa.
- Yakawedzera rutsigiro rweiyo Linux riscv64 architecture.
- Yakawedzera zviyedzo zveremote_allow_ranges kusungirira mazita anotenderwa kune mamwe ma subnets.
- Yakawedzera pki.disconnect_invalid sarudzo yekumisikidzazve tunnel mushure mekumisa kuvimba kana kupera kwechitupa.
- Yakawedzera unsafe_routes sarudzo. .metric yekuseta huremu hweimwe nzira yekunze.
Chekupedzisira, kana iwe uchifarira kukwanisa kuziva zvakawanda nezvazvo, unogona kubvunza iwo ruzivo uye / kana zvinyorwa mune iyi link inotevera.