Description
Scenario
Imagine that you have two peers (A and B). Peer A advertises 8.8.8.8/32 to Peer B through Netbird's network.
If we have hosts in Peer B's subnet that may want to talk to 8.8.8.8/32 through Peer A but they simply can't/don't want to install the Netbird client, we can forward traffic to Peer B instead.
I have managed to get this working by following these steps:
In peer B:
- run
echo 1 > /proc/sys/net/ipv4/ip_forward
or add net.ipv4.ip_forward=1 to /etc/sysctl.conf.
- run
iptables -t nat -A POSTROUTING -o netbird_interface -j MASQUERADE
Take note that netbird_interface is the interface from WireGuard. Run
route -n
just to be sure.
In hosts that are in the same local subnet of Peer B:
- run
route add 8.8.8.8 mask 255.255.255.255 ip_of_peer_B
In my case, it was easier to push that route (static route) in my router (UDM PRO from Ubiquiti). By doing this, all local clients (that don't have Netbird) in my home network can now access 8.8.8.8 through Peer B -> Peer A (Netbird route).
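
Added example, not part of the original issue: the Peer B steps above as a script that limits forwarding and masquerading to one LAN subnet and the advertised route, instead of masquerading everything that leaves the Netbird interface. The interface names `wt0` and `eth0`, the LAN `192.168.1.0/24`, the script name and the function names are assumptions.

```shell
#!/bin/sh
# Added example, not from the original issue. Prints (or applies) a scoped
# version of the Peer B rules. Assumed values: wt0 = Netbird interface,
# eth0 = LAN interface, 192.168.1.0/24 = LAN subnet; script name is hypothetical.
# Usage: sh peer_b_forward.sh wt0 eth0 192.168.1.0/24 8.8.8.8/32   (dry run)
#        APPLY=1 sh peer_b_forward.sh ...                          (as root)

# Return 0 if $1 is a well-formed IPv4 CIDR (octets <= 255, prefix <= 32).
valid_cidr() {
    echo "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}/([0-9]|[12][0-9]|3[0-2])$' || return 1
    addr=${1%/*}
    old_ifs=$IFS; IFS=.
    set -- $addr
    IFS=$old_ifs
    for octet in "$@"; do
        [ "$octet" -le 255 ] || return 1
    done
}

# Print the commands for: nb_if lan_if lan_net dest. Inputs are validated
# because the output may be piped to a root shell.
gen_rules() {
    nb_if=$1; lan_if=$2; lan_net=$3; dest=$4
    for name in "$nb_if" "$lan_if"; do
        case "$name" in
            ""|-*|*[!A-Za-z0-9_.-]*) echo "invalid interface name" >&2; return 1 ;;
        esac
    done
    valid_cidr "$lan_net" && valid_cidr "$dest" || { echo "invalid CIDR" >&2; return 1; }
    cat <<EOF
sysctl -w net.ipv4.ip_forward=1
iptables -t nat -A POSTROUTING -s $lan_net -d $dest -o $nb_if -j MASQUERADE
iptables -A FORWARD -i $lan_if -o $nb_if -s $lan_net -d $dest -j ACCEPT
iptables -A FORWARD -i $nb_if -o $lan_if -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -i $lan_if -o $nb_if -j DROP
EOF
}

if [ "$#" -eq 4 ]; then
    if [ "${APPLY:-0}" = 1 ]; then
        gen_rules "$@" | sh -e    # stop at the first failing command
    else
        gen_rules "$@"
    fi
fi
```

The rules are appended with `-A`, so on a host that already has FORWARD rules, check the resulting order with `iptables -S FORWARD` before relying on the final DROP.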