netbirdio / netbird

Connect your devices into a secure WireGuard®-based overlay network with SSO, MFA and granular access controls.
https://netbird.io
BSD 3-Clause "New" or "Revised" License

Issues with Netbird client on Windows #1991

Open vincent-lg18 opened 4 months ago

vincent-lg18 commented 4 months ago

Describe the problem

I want to access my services through Netbird (I'm using Windows 11). In order to do this, I created a route to my pfSense's DNS server to be able to resolve my services' domain names (gitlab.mycompany.net, for example).

Sometimes, my nameserver isn't available at all:

Nameservers:
  [10.220.220.1:53] for [gitlab.mycompany.net, ...] is Unavailable, reason: 1 error occurred:
        * read udp 172.20.10.7:57553->10.220.220.1:53: i/o timeout

Sometimes, after restarting my Netbird's client (netbird down, netbird up), my nameserver is marked as available:

Nameservers:
  [10.220.220.1:53] for [gitlab.mycompany.net, ...] is Available

BUT my gitlab web UI is taking a while to load, and my pings to the gitlab server are very strange:

➜  ~ ping gitlab.mycompany.net
PING gitlab.mycompany.net (10.230.230.10) 56(84) bytes of data.
64 bytes from 10.230.230.10 (10.230.230.10): icmp_seq=8 ttl=62 time=95.5 ms
64 bytes from 10.230.230.10 (10.230.230.10): icmp_seq=9 ttl=62 time=83.6 ms
64 bytes from 10.230.230.10 (10.230.230.10): icmp_seq=16 ttl=62 time=50.8 ms
64 bytes from 10.230.230.10 (10.230.230.10): icmp_seq=17 ttl=62 time=60.7 ms
64 bytes from 10.230.230.10 (10.230.230.10): icmp_seq=18 ttl=62 time=67.4 ms
^C
--- gitlab.mycompany.net ping statistics ---
22 packets transmitted, 5 received, 77.2727% packet loss, time 22213ms

However, if I ping it using Netbird's domain name, it works perfectly.

➜  ~ ping faucon.mycompany.vpn
PING gitlab.mycompany.vpn (100.73.149.194) 56(84) bytes of data.
64 bytes from 100.73.149.194 (100.73.149.194): icmp_seq=1 ttl=63 time=65.0 ms
64 bytes from 100.73.149.194 (100.73.149.194): icmp_seq=2 ttl=63 time=137 ms
64 bytes from 100.73.149.194 (100.73.149.194): icmp_seq=3 ttl=63 time=63.0 ms
64 bytes from 100.73.149.194 (100.73.149.194): icmp_seq=4 ttl=63 time=163 ms
^C64 bytes from 100.73.149.194: icmp_seq=5 ttl=63 time=60.5 ms

--- gitlab.mycompany.vpn ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4609ms

Note that in my client.log, the route is switching from one to another endlessly, maybe this is why it's working sometimes.

2024-05-15T12:18:52+02:00 INFO client/internal/peer/conn.go:388: connected to peer IBP0umyGvrcmp48XUe4a18wkLnkVBzGo5IUtrDv5XBg=, endpoint address: 10.220.220.203:51820
2024-05-15T12:18:52+02:00 INFO client/internal/routemanager/client.go:165: new chosen route is cocfipmijnec73et6b2g:cocfdamijnec73et6av0 with peer IBP0umyGvrcmp48XUe4a18wkLnkVBzGo5IUtrDv5XBg= with score 2.860692 for network 10.230.230.0/24
2024-05-15T12:18:52+02:00 INFO client/internal/routemanager/client.go:165: new chosen route is cocfe8uijnec73et6avg:cocfdamijnec73et6av0 with peer IBP0umyGvrcmp48XUe4a18wkLnkVBzGo5IUtrDv5XBg= with score 2.860692 for network 10.220.220.0/24
2024-05-15T12:18:52+02:00 INFO client/internal/routemanager/client.go:165: new chosen route is cp284muijnec73b1n4ig:cocfdamijnec73et6av0 with peer IBP0umyGvrcmp48XUe4a18wkLnkVBzGo5IUtrDv5XBg= with score 2.860692 for network 10.220.220.1/32
2024-05-15T12:18:58+02:00 INFO client/internal/routemanager/client.go:165: new chosen route is cocfe8uijnec73et6avg:cocj5q6ijnec73et6b30 with peer hSrRxPSUMOJK37zj2k8OkPtiYlGw7V6rqxlB3Hgngms= with score 0.927682 for network 10.220.220.0/24
2024-05-15T12:18:58+02:00 INFO client/internal/routemanager/client.go:165: new chosen route is cocfipmijnec73et6b2g:cocj5q6ijnec73et6b30 with peer hSrRxPSUMOJK37zj2k8OkPtiYlGw7V6rqxlB3Hgngms= with score 0.927682 for network 10.230.230.0/24
2024-05-15T12:18:58+02:00 INFO client/internal/routemanager/client.go:165: new chosen route is cp284muijnec73b1n4ig:cocj5q6ijnec73et6b30 with peer hSrRxPSUMOJK37zj2k8OkPtiYlGw7V6rqxlB3Hgngms= with score 0.927682 for network 10.220.220.1/32
2024-05-15T12:19:00+02:00 INFO client/internal/peer/conn.go:388: connected to peer IBP0umyGvrcmp48XUe4a18wkLnkVBzGo5IUtrDv5XBg=, endpoint address: 10.220.220.203:51820
2024-05-15T12:19:00+02:00 INFO client/internal/routemanager/client.go:165: new chosen route is cocfipmijnec73et6b2g:cocfdamijnec73et6av0 with peer IBP0umyGvrcmp48XUe4a18wkLnkVBzGo5IUtrDv5XBg= with score 2.860692 for network 10.230.230.0/24
2024-05-15T12:19:00+02:00 INFO client/internal/routemanager/client.go:165: new chosen route is cp284muijnec73b1n4ig:cocfdamijnec73et6av0 with peer IBP0umyGvrcmp48XUe4a18wkLnkVBzGo5IUtrDv5XBg= with score 2.860692 for network 10.220.220.1/32

Expected behavior

I want to access my gitlab server through gitlab.mycompany.net

Are you using NetBird Cloud?

I'm using a self-hosted NetBird instance.

NetBird version

Both client and server versions are 0.27.7

Additional context

It's perfectly working on Linux clients.
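
Added example, not part of the original issue or of NetBird's own code: a parser for the "new chosen route" lines in the client.log format quoted above that counts, per network, how often the chosen peer changes inside a time window, so the route switching described in the post can be measured. The sample log is constructed (peer keys and route IDs are placeholders), and the 60-second window and the threshold of two switches are assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample in the client.log format quoted in the issue; peer keys and
# route IDs are placeholders, timestamps and networks mirror the quoted excerpt.
_P = "INFO client/internal/routemanager/client.go:165: new chosen route is"
SAMPLE_LOG = f"""\
2024-05-15T12:18:52+02:00 INFO client/internal/peer/conn.go:388: connected to peer PEER_A=, endpoint address: 10.220.220.203:51820
2024-05-15T12:18:52+02:00 {_P} r1:a with peer PEER_A= with score 2.860692 for network 10.230.230.0/24
2024-05-15T12:18:52+02:00 {_P} r2:a with peer PEER_A= with score 2.860692 for network 10.220.220.0/24
2024-05-15T12:18:52+02:00 {_P} r3:a with peer PEER_A= with score 2.860692 for network 10.220.220.1/32
2024-05-15T12:18:58+02:00 {_P} r2:b with peer PEER_B= with score 0.927682 for network 10.220.220.0/24
2024-05-15T12:18:58+02:00 {_P} r1:b with peer PEER_B= with score 0.927682 for network 10.230.230.0/24
2024-05-15T12:18:58+02:00 {_P} r3:b with peer PEER_B= with score 0.927682 for network 10.220.220.1/32
2024-05-15T12:19:00+02:00 {_P} r1:a with peer PEER_A= with score 2.860692 for network 10.230.230.0/24
2024-05-15T12:19:00+02:00 {_P} r3:a with peer PEER_A= with score 2.860692 for network 10.220.220.1/32
"""

ROUTE_RE = re.compile(
    r"^(?P<ts>\S+) INFO \S+/routemanager/client\.go:\d+: new chosen route is "
    r"(?P<route>\S+) with peer (?P<peer>\S+) with score (?P<score>[\d.]+) "
    r"for network (?P<net>\S+)$"
)

def parse_route_events(text):
    """Return (timestamp, network, peer, score) for each route-selection line."""
    events = []
    for line in text.splitlines():
        m = ROUTE_RE.match(line.strip())
        if m:  # other log lines (e.g. peer/conn.go) are skipped
            ts = datetime.fromisoformat(m["ts"])
            events.append((ts, m["net"], m["peer"], float(m["score"])))
    return events

def find_flapping(events, window=timedelta(seconds=60), min_switches=2):
    """Map network -> max peer changes seen within `window` (log order assumed)."""
    per_net = defaultdict(list)
    for ts, net, peer, _score in events:
        per_net[net].append((ts, peer))
    flapping = {}
    for net, seq in per_net.items():
        # Timestamps at which the chosen peer differs from the previous choice.
        switches = [ts for (_, prev), (ts, cur) in zip(seq, seq[1:]) if cur != prev]
        best = max((sum(1 for t in switches[i:] if t - start <= window)
                    for i, start in enumerate(switches)), default=0)
        if best >= min_switches:
            flapping[net] = best
    return flapping
```

On a real client.log, pass the file contents to parse_route_events and compare the reported networks against the routes serving the DNS server and the affected service.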

MonadMaverick commented 1 week ago

Temporary workaround that works for me:
- In Windows: netbird service restart
- In the NetBird admin panel: DNS -> Nameservers -> toggle off and on