Getting Started
This guide will walk you through setting up a basic Nylon network with two nodes.
graph LR
node1(node-1<br/>10.0.0.1) <--> node2(node-2<br/>10.0.0.2)
Prerequisites
Section titled “Prerequisites”- Two machines (Linux or macOS) with UDP port
57175open. - The
nylonbinary installed on both machines.
1. Generate Keypairs
Section titled “1. Generate Keypairs”On each node, generate a WireGuard keypair:
nylon key- Stdout: Your private key (keep this safe).
- Stderr: Your public key (you’ll need this for the central config).
2. Create Node Configuration
Section titled “2. Create Node Configuration”On each node, create a node.yaml file. Replace <YOUR_PRIVATE_KEY> with the private key generated in step 1.
id: node-1 # Give each node a unique ID (e.g., node-1, node-2)key: <YOUR_PRIVATE_KEY>port: 571753. Create Central Configuration
Section titled “3. Create Central Configuration”The central.yaml file defines the topology of your network. Create one file and share it across all nodes.
routers: - id: node-1 pubkey: <NODE_1_PUBLIC_KEY> endpoints: - "node1.example.com:57175" addresses: - 10.0.0.1 - id: node-2 pubkey: <NODE_2_PUBLIC_KEY> endpoints: - "node2.example.com:57175" addresses: - 10.0.0.2
# Define the connections between nodesgraph: - "node-1, node-2"4. Launch Nylon
Section titled “4. Launch Nylon”Run Nylon on both machines:
sudo nylon run -c central.yaml -n node.yamlAfter a few seconds, the nodes will discover each other and establish a secure tunnel. You should be able to ping 10.0.0.2 from node-1.
Next Steps
Section titled “Next Steps”- Explore Advanced Configuration to learn about prefixes and split tunneling.
- Learn how to connect Passive Clients (standard WireGuard apps).