search

netbirdio / netbird

Connect your devices into a secure WireGuard®-based overlay network with SSO, MFA and granular access controls.
https://netbird.io
BSD 3-Clause "New" or "Revised" License
11.19k stars 515 forks source link

My client can't connect to peers #2674

Open cleveHEX opened 1 month ago

cleveHEX commented 1 month ago

Describe the problem

My client does not want to connect to the peers

To Reproduce

Steps to reproduce the behavior:

  1. Connect netbird

Expected behavior

Peers will connect

Are you using NetBird Cloud?

Self-hosted

NetBird version

0.29.4

NetBird status -dA output:

PS C:\Users\cleve> netbird status -dA
Peers detail:
 unipi-master.anon-9tQ9E.domain:
  NetBird IP: 10.220.0.1
  Public key: yWNLQJao71YDGBGZ98+23ALWoUjitpsX/tDqJkb4LkM=
  Status: Disconnected
  -- detail --
  Connection type:
  ICE candidate (Local/Remote): -/-
  ICE candidate endpoints (Local/Remote): -/-
  Relay server address:
  Last connection update: -
  Last WireGuard handshake: -
  Transfer status (received/sent) 0 B/0 B
  Quantum resistance: false
  Routes: -
  Latency: 0s

 unipi-tester.anon-9tQ9E.domain:
  NetBird IP: 10.220.0.22
  Public key: Do+8cpueC+IFIQa28We9vy0JRa+Pp2kUi21eko7ehFg=
  Status: Disconnected
  -- detail --
  Connection type:
  ICE candidate (Local/Remote): -/-
  ICE candidate endpoints (Local/Remote): -/-
  Relay server address:
  Last connection update: -
  Last WireGuard handshake: -
  Transfer status (received/sent) 0 B/0 B
  Quantum resistance: false
  Routes: -
  Latency: 0s

 unipi-pikr.anon-9tQ9E.domain:
  NetBird IP: 10.220.0.23
  Public key: c/n2JymNw4BaYLxBhstERXiH7+MtezCYX2h8njgC/Hs=
  Status: Disconnected
  -- detail --
  Connection type:
  ICE candidate (Local/Remote): -/-
  ICE candidate endpoints (Local/Remote): -/-
  Relay server address:
  Last connection update: -
  Last WireGuard handshake: -
  Transfer status (received/sent) 0 B/0 B
  Quantum resistance: false
  Routes: -
  Latency: 0s

 unipi-backup.anon-9tQ9E.domain:
  NetBird IP: 10.220.0.24
  Public key: IiWIzqCyF+xL4e815WP3uz/E+LXWBv6EOM0zMyBNxnM=
  Status: Disconnected
  -- detail --
  Connection type:
  ICE candidate (Local/Remote): -/-
  ICE candidate endpoints (Local/Remote): -/-
  Relay server address:
  Last connection update: -
  Last WireGuard handshake: -
  Transfer status (received/sent) 0 B/0 B
  Quantum resistance: false
  Routes: -
  Latency: 0s

 unipi-eshop.anon-9tQ9E.domain:
  NetBird IP: 10.220.0.50
  Public key: r/a/HtqmXyyiwRg53wV/og/r0utAxis/5sOGt4vTQ1s=
  Status: Disconnected
  -- detail --
  Connection type:
  ICE candidate (Local/Remote): -/-
  ICE candidate endpoints (Local/Remote): -/-
  Relay server address:
  Last connection update: -
  Last WireGuard handshake: -
  Transfer status (received/sent) 0 B/0 B
  Quantum resistance: false
  Routes: -
  Latency: 0s

 unipi-stock.anon-9tQ9E.domain:
  NetBird IP: 10.220.0.51
  Public key: xueXfE/kcoSuaXddkH5apRUa6JsGSmduC+1XN/NppS8=
  Status: Disconnected
  -- detail --
  Connection type:
  ICE candidate (Local/Remote): -/-
  ICE candidate endpoints (Local/Remote): -/-
  Relay server address:
  Last connection update: -
  Last WireGuard handshake: -
  Transfer status (received/sent) 0 B/0 B
  Quantum resistance: false
  Routes: -
  Latency: 0s

 unipi-gitlab.anon-9tQ9E.domain:
  NetBird IP: 10.220.0.52
  Public key: qANe7lR8BUaq1wXWsaTBO/Kw5Z8DDSXXyzSzMNZD5UE=
  Status: Disconnected
  -- detail --
  Connection type:
  ICE candidate (Local/Remote): -/-
  ICE candidate endpoints (Local/Remote): -/-
  Relay server address:
  Last connection update: -
  Last WireGuard handshake: -
  Transfer status (received/sent) 0 B/0 B
  Quantum resistance: false
  Routes: -
  Latency: 0s

 unipi-01.anon-9tQ9E.domain:
  NetBird IP: 10.220.0.59
  Public key: z+KbBxrUiL8FTa777IX78Og6HMOjlkU7OoCKZBNygk0=
  Status: Disconnected
  -- detail --
  Connection type:
  ICE candidate (Local/Remote): -/-
  ICE candidate endpoints (Local/Remote): -/-
  Relay server address:
  Last connection update: -
  Last WireGuard handshake: -
  Transfer status (received/sent) 0 B/0 B
  Quantum resistance: false
  Routes: -
  Latency: 0s

 unipi-harbor.anon-9tQ9E.domain:
  NetBird IP: 10.220.0.64
  Public key: rhgvKUa5Y+B1I4+GdiC+SBXBLA926TyLU0i73I5Dbls=
  Status: Disconnected
  -- detail --
  Connection type:
  ICE candidate (Local/Remote): -/-
  ICE candidate endpoints (Local/Remote): -/-
  Relay server address:
  Last connection update: -
  Last WireGuard handshake: -
  Transfer status (received/sent) 0 B/0 B
  Quantum resistance: false
  Routes: -
  Latency: 0s

 lesna.anon-9tQ9E.domain:
  NetBird IP: 10.220.162.48
  Public key: 4gXuGoXdKp11TWd2s6T3+EFeDWDzJ0GWD0V04rLvTFg=
  Status: Disconnected
  -- detail --
  Connection type:
  ICE candidate (Local/Remote): -/-
  ICE candidate endpoints (Local/Remote): -/-
  Relay server address:
  Last connection update: -
  Last WireGuard handshake: -
  Transfer status (received/sent) 0 B/0 B
  Quantum resistance: false
  Routes: -
  Latency: 0s

OS: windows/amd64
Daemon version: 0.29.4
CLI version: 0.29.4
Management: Connected to https://netbird.anon-s9gyV.domain:443
Signal: Connected to https://netbird.anon-s9gyV.domain:443
Relays:
  [stun:netbird.anon-s9gyV.domain:3478] is Available
  [turn:netbird.anon-s9gyV.domain:3478?transport=udp] is Available
Nameservers:
  [10.220.0.53:53] for [anon-s9gyV.domain] is Unavailable, reason: 1 error occurred:
        * read udp 10.220.49.85:50655->10.220.0.53:53: i/o timeout
  [8.8.8.8:53, 8.8.4.4:53] for [.] is Available
FQDN: zam-cerny.anon-9tQ9E.domain
NetBird IP: 10.220.49.85/16
Interface type: Userspace
Quantum resistance: false
Routes: -
Peers count: 0/10 Connected

Do you face any (non-mobile) client issues?

anon.txt

Screenshots

-

Additional context

-

cleveHEX commented 1 month ago

Issue can be resolved by disconnecting the client, removing groups from the client, reconnect it, disconnect again, readding the groups and connecting again. Any ideas how to prevent this from happening?

tomashora commented 1 month ago

This is happennig regullary for multiple users also using linux clients. It can be fixed just by adding or removing one group to the user and immediately after that the client refreshes (probably routes) and can reach the netbird ip universe.

tomashora commented 1 month ago

Just noticed that we are getting some errors in the server logs image

tkolaski commented 1 month ago

same problem ;(

tomashora commented 1 month ago

After updating server to 0.30 (without deploying the new relay service) and client to 0.30 as well, the behavior is still the same including the hotfix (changing group assignment).

cleveHEX commented 1 month ago

Netbird log.zip

mgarces commented 5 days ago

does this issue remains after 0.31.1 ?

cleveHEX commented 5 days ago

We weren't able to reproduce it on this version, I will eventually add an update to this thread.