Nebula Overlay Networks

Your network, everywhere

Extend network access with on-demand, encrypted tunnels between any hosts on any network

Get started

Proven technology, deployed at scale

Nebula open source software powers production networks accessed by millions of users

Trusted and stable

Innovative companies with high expectations of availability and reliability run their networks with Nebula. Slack open sourced the project after years of R&D and deploying it at scale.

Runs everywhere

Nebula is a lightweight service that’s easy to distribute and configure on modern operating systems. It runs on a wide variety of hardware including x86, arm, mips, and ppc.

Mesh VPN architecture

Traditional VPNs come with availability and performance bottlenecks. Nebula is decentralized: Encrypted tunnels are created per-host and on-demand as needed.

Secure by design

Created by security engineers, Nebula leverages trusted crypto libraries (Noise), includes a built-in firewall with granular security groups, and uses the best parts of PKI to authenticate hosts.

It’s fast

From initial handshake to heavy usage, Nebula was designed to be as efficient as possible without compromising security or reliability.

  • Finds the fastest route between hosts automatically
  • Takes advantage of AES-NI on supported CPUs
  • Small runtime = Snappy daemon start-up time
  • Runs near network line speed on most x86 Linux hosts
  • Can easily run thousands of tunnels on a single host

It’s secure

Overlay networks are only as convenient as they are trustworthy. Nebula was designed to be secure from the ground up.

  • Core crypto provided by the Noise Protocol Framework
  • Includes firewall with granular port/protocol filters
  • Firewall can filter by hosts and security groups
  • Host identity verified by digital certificate
  • Nebula includes a CA to sign host certs (with groups!)
  • Architecture and source code is audited by third-party

Useful resources

Defined powers production networks accessed by millions of users.

blog

Blocking a Host from a Nebula Network

Read more

blog

Announcing Relays for DN: Connectivity in challenging situations

Read more

docs

Automating Host Creation with the API

Read more

Your network everywhere

Extend network access with on-demand, encrypted tunnels between any hosts on any network.

Get started