netbird icon indicating copy to clipboard operation
netbird copied to clipboard

Published 20 hours ago verified publisher icon netbirdio

Can local Mesh VPN Node subnet's be included in advertisements to other Mesh VPN Nodes?

Open bmullan opened this issue 2 years ago • 3 comments

Some of the other Mesh VPN tools I've used (VPNCloud & Nebula for 2 examples) support the ability for the Config for a Node in the Mesh to specify local Subnets to include in Peer advertisements.

With Containers (Docker, LXD etc) this is very useful in that the Mesh VPN has its Endpoint on the Host but each Container(s) on that Host (which are on their own 10.x.x.x non-routable subnet) can be reachable over the Mesh VPN also.

I hope I'm explaining the above functionality well enough.

Does Netbird support something like this?

thanks for any info

Brian

bmullan avatar Jul 23 '22 14:07 bmullan

@bmullan Hey Brian. Thank you for trying out NetBird :) I think that what you are talking about is a "router node" feature that @mlsmaycon started working on already. Not yet supported, but coming very soon. @mlsmaycon any other thoughts?

braginini avatar Jul 23 '22 21:07 braginini

The term "Router Node" makes me think we are both talking about the same capability!

Thanks.

Brian

On Sat, Jul 23, 2022, 5:18 PM Misha Bragin @.***> wrote:

@bmullan https://github.com/bmullan Hey Brian. Thank you for trying out NetBird :) I think that what you are talking about is a "router node" feature that @mlsmaycon https://github.com/mlsmaycon started working on already. Not yet supported. @mlsmaycon https://github.com/mlsmaycon other thoughts?

— Reply to this email directly, view it on GitHub https://github.com/netbirdio/netbird/issues/395#issuecomment-1193189841, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAM23J4U4ZSYIG24POZLME3VVRORXANCNFSM54OBWIYA . You are receiving this because you were mentioned.Message ID: @.***>

bmullan avatar Jul 23 '22 22:07 bmullan

We will let you know @bmullan once delivered!

braginini avatar Jul 25 '22 17:07 braginini

@mlsmaycon @braginini

I was following the work you were doing in this "router node" feature that might enable advertisement of Container ... LXD (or Docker) subnets across the Mesh.

It seemed like you were completing work on it so I was wondering if its been released and if there was documentation about how to utilize it yet?

Thanks Brian

bmullan avatar Sep 28 '22 22:09 bmullan

Hello @bmullan we've completed the first step for the feature, it includes:

  • Route private networks via one or multiple peers
  • Masquerade traffic from NetBird network to those networks

With these features, you are able to route traffic with linux peers, including containers (requires --privileged flag to enable ip forwarding)

The documentation is: https://netbird.io/docs/how-to-guides/network-routes

We are now working on DNS and after that will return to this feature to add:

  • Routing group tags, to distribute routes only to a set of peers
  • Internet gateway like routing. Basically routing all traffic of peer via another peer (0.0.0.0/0)

mlsmaycon avatar Sep 29 '22 06:09 mlsmaycon