Feb 15, 2022·edited Feb 15, 2022

How do you secure the ports open to the public? For example, your backend or front end running on Swarm? Each port is open on each node, as the link to routing mesh says...

Are you connecting to the SSH server within the Nebula network? The SSH service starts before the Nebula service, which probably will fail at some point.

You will end up with a public IP where a couple of ports are open on each worker node: so far SSH, 80, 443, Nebula, back end... Any intrusion from here will have access to your Nebula network, and the whole setup could be hacked.

Apart from iptables rules, DDoS filters, etc., and a possible external load balancer... have you added any extra layer of security?

Dec 30, 2021·edited Dec 30, 2021

Will you consider Netmaker, which has a GUI? (WireGuard-based)


In the first Nebula setup code box, should the IPs have /32 instead of /24?
