brad-defined

@johnjces host certs expire by default 1 second before the CA expires. So, if you create a new CA cert and configure it to expire in 5 years, then your...

also removed GOISMIN Makefile check

Nebula 1.6.0 is released with a Relay feature, to cover cases like a Symmetric NAT. https://github.com/slackhq/nebula/pull/678 Check out the example config to see how to configure a Nebula node to...

Nebula doesn't support certificate chains / intermediate certs, there are only roots and leafs. There is no signing a CA with another CA. It does support trusting multiple CA's, though....

Nebula is designed to be run as a peer-to-peer mesh, with each peer getting direct UDP access to each other peer for communication. Unsafe routes is a feature to access...

Nebula 1.6.0 is released with a Relay feature, to cover cases like a Symmetric NAT. https://github.com/slackhq/nebula/pull/678 Check out the example config to see how to configure a Nebula node to...

You should only set `relay.am_relay` on the relay host. Laptop and Desktop should have `relay.am_relay` set to `false`. ```mermaid graph LR A[Laptopip:192.168.0.2relay.am_relay:falserelay.use_relays:truerelay.relays: 192.168.0.1] --> B(Relay Host AWSip:192.168.0.1relay.am_relay:truerelay.use_relays:ignoredrelay.relays:ignored) B --> C[Desktopip:192.168.0.3relay.am_relay:falserelay.use_relays:truerelay.relays:192.168.0.1]...

Thanks for the configs @chrisx8 ! You reported that if only one host has relays enabled, it becomes unreachable. Are you still seeing that behavior? If so, please provide the...

Nebula 1.6.0 is released with a Relay feature, to cover connectivity cases like the one you're encountering. https://github.com/slackhq/nebula/pull/678 If you don't want to keep manually forwarding ports through each device,...

Nebula 1.6.0 is released with a Relay feature, to cover cases like a Symmetric NAT. https://github.com/slackhq/nebula/pull/678 Check out the example config to see how to configure a Nebula node to...