netbird icon indicating copy to clipboard operation
netbird copied to clipboard
verified publisher icon netbirdio

Site to Site routing

Open andyle2k opened this issue 1 year ago • 3 comments

Can NetBird be used in the scenario below?

Install a NB Linux peer that provides routing at Site A. Do the same at Site B. Nodes on both sites can reach each other without the need to install NB clients on individual nodes?

Unidirectional is fine as well as mostly I just need to remote into work and not the other way around. I have multiple devices at home that need to access work so installing NB on all of them is not feasible. I just don't know how I could instruct my home devices to go through the NB router if IP is 172.28.40.0/22. I'm sure there's a way for pfSense to do this.

image

Currently using Tailscale + pfSense to achieve this but wanting to switch to NB. Tailscale when using their self hosted relay solution seems limited to 50Mbps whereas NB is 100Mbps.

Thank you.

andyle2k avatar Aug 17 '24 22:08 andyle2k

please refer https://docs.netbird.io/how-to/routing-traffic-to-private-networks

lazyfatcat avatar Aug 20 '24 06:08 lazyfatcat

Already possible. You can do it by installing netbird on, say, a router or a Linux device attached to the network, and then configure a network route for it on the dashboard. Do note to also make sure your firewall settings are properly configured to allow for this.

bomkz avatar Aug 23 '24 03:08 bomkz

Thanks but how does another device at site A know to route through the NB device at site A to NB device at site B then to a final destination at site B?

E.g. if site A device (no NB 192.168.1.10) wants to ping site B device (no NB 172.28.40.10) it has to go through site A's NB device (192.168.1.2) to site B's NB device (172.28.40.2) to finally reach 172.28.40.10.

Any idea how that can be achieved? Essentially I want to install NB on one device at each site and have every other device communicate to each other without the need to install NB.

Thanks.

andyle2k avatar Aug 27 '24 11:08 andyle2k

Achieved this via iptables NAT on the Netbird client machine then setting static routing on non-Netbird clients to route the subnets via the Netbird client.

Annoying to do this individually and obviously will not work for devices like IoT.

Would be nice if there was a freebsd version or service for pfsense/opnsense so this can be done on the router level.

Anyway, thanks all.

andyle2k avatar Aug 30 '24 12:08 andyle2k

I’ve successfully set up SSO for users to connect to my VPN client (Netbird). However, I need to configure Netbird to forward traffic to a different VPN (not Netbird). Essentially, I want to set up a site-to-site connection. I can’t find any documentation on how to do this. How can I achieve it ?

1423TheMemeLorder avatar Mar 05 '25 15:03 1423TheMemeLorder

@andyle2k can you discribe how you manage iptables NAT rules?

NAGL95 avatar Jul 29 '25 12:07 NAGL95