50 lines
1.8 KiB
Markdown
50 lines
1.8 KiB
Markdown
# Contributing a Public Address
|
|
|
|
Isle provides a VPN component which allows hosts in the network to connect to
|
|
each other directly and securely. This VPN forms the base layer on which all
|
|
other Isle functionality is based.
|
|
|
|
Every Isle network requires at least one host which provides a publicly
|
|
accessible address. These publicly accessible hosts do _not_ route traffic
|
|
between hosts on the Isle network. Rather, they coordinate hosts to talk
|
|
directly to each other, and handle the details of punching through any NATs that
|
|
hosts might be behind. As such providing a public address is very lightweight
|
|
and requires no storage.
|
|
|
|
If your host machine has a public static IP, or a dynamic public IP with
|
|
[dDNS][ddns] set up, then it can contribute a public address.
|
|
|
|
[nebula]: https://github.com/slackhq/nebula
|
|
[ddns]: https://www.cloudflare.com/learning/dns/glossary/dynamic-dns/
|
|
|
|
## Setup networking
|
|
|
|
The first step is to pick a UDP port you will expose. It doesn't really matter
|
|
which port you pick, but a number over 1024 is recommended.
|
|
|
|
If your host is behind a NAT, ensure that the gateway is setup to forward UDP
|
|
traffic on that port to your host.
|
|
|
|
Configure your host's firewall to allow all UDP traffic on that port.
|
|
|
|
## Configure Isle
|
|
|
|
See the [Configuring Networks](./configuring-networks.md) document for notes on
|
|
how to configure Isle networks. This guide assumes configuration using the CLI.
|
|
|
|
The `isle vpn public-address` sub-commands can be used to inspect and manage
|
|
the public address provided by the host.
|
|
|
|
```bash
|
|
# isle vpn public-address get
|
|
No public address configured
|
|
|
|
# isle vpn public-address set --to some-host.mydomain.com:5678
|
|
|
|
# isle vpn public-address get
|
|
some-host.mydomain.com:5678
|
|
```
|
|
|
|
Once set the public address will be automatically used by other hosts on the
|
|
network.
|