netbird icon indicating copy to clipboard operation
netbird copied to clipboard
verified publisher icon netbirdio

DNS Network Routes break masquerading

Open ndziuba opened this issue 1 year ago • 1 comments

When creating a DNS Network Route masquerading is set by default. This results in the following rule for routing nodes when running: iptables -t nat -S -A NETBIRD-RT-NAT -j MASQUERADE -A NETBIRD-RT-NAT -j MASQUERADE

Because of that every traffic trough a routing node that has this route gets masqueraded as no -s or -d flags are set. Even when masquerading is deactivated for another route.

Deactivating masq for the DNS route fixes this behaviour. But that means they cant be used with masquerading on a node that has non-masqueraded routes.

NetBird version

0.28.6

ndziuba avatar Jul 30 '24 12:07 ndziuba

Maybe related to #2489

soymgomez avatar Aug 28 '24 13:08 soymgomez

Hello @ndziuba,

We're currently reviewing our open issues and would like to verify if this problem still exists in the latest NetBird version.

Could you please confirm if the issue is still there?

We may close this issue temporarily if we don't hear back from you within 2 weeks, but feel free to reopen it with updated information.

Thanks for your contribution to improving the project!

nazarewk avatar Apr 28 '25 15:04 nazarewk

closing issue due to no recent feedback. Feel free to open a new one if the issue persist or reopen if this was a feature request.

mlsmaycon avatar Jun 01 '25 20:06 mlsmaycon