Imagine that you have a two Peers (A and B). Peer A advertise 8.8.8.8/32 to Peer B through Netbird's network.
If we have hosts in Peer B's subnet that may want to talk to 8.8.8.8/32 through Peer A but they simple cant/dont want to install Netbird Client. We can forward traffic to Peer B instead.
I have managed to get this working by following these steps:
In peer B:
run echo 1 > /proc/sys/net/ipv4/ip_forward or adding net.ipv4.ip_forward=1 to /etc/sysctl.conf.
run iptables -t nat -A POSTROUTING -o netbird_interface -j MASQUERADE
Take note that netbird_interface is the interface from wireguard. Run route -n just to be sure.
In hosts that are in the same local subnet of Peer B:
run route add 8.8.8.8 mask 255.255.255.255 ip_of_peer_B
In my case, it was easier to push that route (static route) in my router (UDM PRO from ubiquiti). By doing this all local clients (that dont have netbird) in my home network can now access 8.8.8.8 through Peer B -> Peer A (Netbird route).
Scenario
Imagine that you have a two Peers (A and B). Peer A advertise 8.8.8.8/32 to Peer B through Netbird's network.
If we have hosts in Peer B's subnet that may want to talk to 8.8.8.8/32 through Peer A but they simple cant/dont want to install Netbird Client. We can forward traffic to Peer B instead.
I have managed to get this working by following these steps:
In peer B:
echo 1 > /proc/sys/net/ipv4/ip_forwardor addingnet.ipv4.ip_forward=1to /etc/sysctl.conf.iptables -t nat -A POSTROUTING -o netbird_interface -j MASQUERADEIn hosts that are in the same local subnet of Peer B:
route add 8.8.8.8 mask 255.255.255.255 ip_of_peer_BIn my case, it was easier to push that route (static route) in my router (UDM PRO from ubiquiti). By doing this all local clients (that dont have netbird) in my home network can now access 8.8.8.8 through Peer B -> Peer A (Netbird route).