Year of the IPv6 Overlay Network
a day ago
- #IPv6
- #Overlay Network
- #Security
- Nebula 1.10 introduces IPv6 support in overlay networks, enabling future-proofing and seamless connectivity.
- A new v2 certificate format using ASN.1 replaces Protobufs, supporting IPv6 and multiple IPs per host.
- Multiple Nebula IPs per host can now be assigned, including both IPv4 and IPv6 addresses.
- IPv6 adoption eliminates addressing conflicts and prepares networks for IPv6 dominance.
- Upgrade process involves upgrading to v1.10, creating a v2 CA, and minting v2 certs with IPv4/IPv6 addresses.
- Firewall behavior changes: default_local_cidr_any now defaults to false for improved security.
- PKCS#11 support for P256 keys enables enterprise HSM and smart card integration.
- ECMP support for unsafe_routes provides load balancing and redundancy with multiple gateways.
- SO_MARK socket option support on Linux allows advanced routing via firewall marks.
- Enhanced library integration offers configurable logging and versioning for embedded use.