This page covers common configuration steps for Nebula deployments.
Use the same configuration file referenced in the setup guide for your installation.
Typical path:
/etc/nebula/config.yml
config.yml)pki:
ca: /etc/nebula/ca.crt
cert: /etc/nebula/host.crt
key: /etc/nebula/host.key
static_host_map:
"10.90.0.1": ["198.51.100.10:4242"]
lighthouse:
am_lighthouse: false
interval: 60
hosts:
- "10.90.0.1"
listen:
host: 0.0.0.0
port: 4242
punchy:
punch: true
tun:
dev: nebula1
mtu: 1300
tx_queue: 500
logging:
level: info
format: text
firewall:
outbound:
- port: any
proto: any
host: any
inbound:
- port: 22
proto: tcp
host: any
On lighthouse nodes set:
lighthouse:
am_lighthouse: true
interval: 60
hosts: []
4242 open between peers/lighthouses as required by topology.Restart the service or reload the configuration using your init system or container manager.
sudo systemctl restart nebula
Confirm the service is healthy, then test connectivity from a client.
sudo systemctl status nebula
sudo nebula -test -config /etc/nebula/config.yml
sudo ip addr show nebula1
Check tunnel reachability between nodes:
ping -c 3 10.90.0.1