Enrolling a Lighthouse
In a Managed Nebula network, hosts discover each other via lighthouses. To create a lighthouse, you will need a lightweight server on a persistent public IPv4 address. Additionally, you'll want to use a machine that is always-on rather than a serverless platform, since the lighthouse is a stateful process.
To start enrolling a lighthouse, visit the lighthouses page of the admin panel and click the "add" button.
Give the lighthouse a name and enter the machine's public IPv4 address and the port you opened to allow UDP inputs (default
4242). Choose the pre-created “Lighthouse” role, which only accepts
ping requests from other hosts. You'll be able to edit the Lighthouse role's firewall rules later if desired.
You’ll need to open the machine's firewall for UDP port
4242 (or some other configured port) in order for any host to be able to query the lighthouse, on both IPv4 and IPv6 ports to allow hosts on all types of networks to communicate.
Now that you have created your lighthouse, follow the instructions in the admin panel to install
dnclient, start it as a startup service, and enroll the machine into the Managed Nebula network.
Once you’ve enrolled a lighthouse, you can start setting up other hosts and using
ping with their Managed Nebula IP addresses to verify that they are able to communicate with each other via the lighthouse over your Managed Nebula network.