Beacons

Beacons are a type of agent that provides routing information for the overlay network when using Enclave networking. Beacons require a static IP address and are designed to run with low resources. They are necessary for host discovery and translating VPN address space to physical addresses. At least one beacon is required for Enclave networking to function properly.

How they work

All agents connect up to a beacon and send relevant routing information to it (e.g. local subnets, IP addresses, etc.). The beacon this information, along with the agents public IP address to create a routing table. When an agent wants to communicate with another agent, it gets the routing information from the beacon. The agent then attempts to connect to the other agent directly using the routing information provided by the beacon. If the agent is unable to connect directly, the beacon will then facilitate a hole punching process with the two agents to establish a direct connection. This allows agents to communicate with each other even if they are behind NATs or firewalls.

Relays

Beacons also support running as a relay. A relay beacon can also act as a relay for traffic between two agents. This is useful for routing traffic between agents that are not able to communicate directly with each other due to network restrictions or other reasons.

High availability/Redundancy

To ensure high availability and redundancy, it is recommended to deploy multiple beacons in your network. This way, if one beacon goes down, the other beacons can still provide routing information for the overlay network. In general a beacon can handle tens of thousands of agents. Multiple beacons are not necessary for a small deployment, but are recommended for larger deployments or for high availability.

SideChannel managed beacons

We provide managed beacon services for customers who do not want to manage their own beacons. These beacons are hosted in our cloud and provide the same functionality as self-hosted beacons. They are designed to be easy to set up and use, and can be used in conjunction with self-hosted beacons for high availability and redundancy. Shared or dedicated clusters are available depending on your needs. If you are interested in using our managed beacon service, please contact us at info@sidechannel.com for more information.