Code Monkey home page Code Monkey logo

Comments (3)

pascal-fischer avatar pascal-fischer commented on August 17, 2024

HI @Berndinox, do you have a chance to test this from any other external network that is not mobile? We had a case where the iOS app did not work with a certain mobile carrier. This way we know if the mobile network is the issue or something in your setup.

from netbird.

Berndinox avatar Berndinox commented on August 17, 2024

UPDATE: The Raspi is in my DMZ where i just allow 80/443 outbound via Forward-Proxy.
What outgoing Ports do Clients need? I just find a list for the MGMT Parts: https://docs.netbird.io/about-netbird/faq

@pascal-fischer - thanks for your replay.
I was able to test with different devices and was able to isolate the issue.

Devices: iPhone1, iPhone2, Windows Client, Raspberry Pi

I cann connect every devices with each other via Mobile or Wifi connection but never with the Raspberry Pi.
So the issue seems to be on this specific device.

The stats on the afected raspi:

OS: linux/arm64
Daemon version: 0.27.7
CLI version: 0.27.7
Management: Connected
Signal: Connected
Relays: 0/2 Available
Nameservers: 0/0 Available
FQDN: home-raspbi.netbird.selfhosted
NetBird IP: 100.119.191.160/16
Interface type: Kernel
Quantum resistance: false
Routes: -
Peers count: 0/3 Connected

The Netbird shows the devices as connected.

Details on Raspi Agent:

Peers detail:
 iphone-bernd-comp.netbird.selfhosted:
  NetBird IP: 100.119.12.202
  Public key: xxxx
  Status: Disconnected
  -- detail --
  Connection type:
  Direct: false
  ICE candidate (Local/Remote): -/-
  ICE candidate endpoints (Local/Remote): -/-
  Last connection update: 9 seconds ago
  Last WireGuard handshake: -
  Transfer status (received/sent) 0 B/0 B
  Quantum resistance: false
  Routes: -
  Latency: 0s

 iphone-bernd-priv.netbird.selfhosted:
  NetBird IP: 100.119.87.208
  Public key: xxxxxx
  Status: Disconnected
  -- detail --
  Connection type:
  Direct: false
  ICE candidate (Local/Remote): -/-
  ICE candidate endpoints (Local/Remote): -/-
  Last connection update: 24 seconds ago
  Last WireGuard handshake: -
  Transfer status (received/sent) 0 B/0 B
  Quantum resistance: false
  Routes: -
  Latency: 0s

 thinkpad.netbird.selfhosted:
  NetBird IP: 100.119.142.139
  Public key: xxxxx
  Status: Connecting
  -- detail --
  Connection type:
  Direct: false
  ICE candidate (Local/Remote): -/-
  ICE candidate endpoints (Local/Remote): -/-
  Last connection update: 4 seconds ago
  Last WireGuard handshake: -
  Transfer status (received/sent) 0 B/0 B
  Quantum resistance: false
  Routes: -
  Latency: 0s

OS: linux/arm64
Daemon version: 0.27.7
CLI version: 0.27.7
Management: Connected to https://connect.xxx.onl:443
Signal: Connected to https://connect.xxx.onl:443
Relays:
  [stun:connect.xxx.onl:3478] is Unavailable, reason: stun request: context deadline exceeded
  [turn:connect.xxx.onl:3478?transport=udp] is Unavailable, reason: allocate: all retransmissions failed for ID-replaced
Nameservers:
FQDN: home-raspbi.netbird.selfhosted
NetBird IP: 100.119.191.160/16
Interface type: Kernel
Quantum resistance: false
Routes: -
Peers count: 0/3 Connected

However, TURN config seems to be fine (see above msg)

Logs look normal (DNS not configured yet, but should not be required for TURN)

2024-05-21T19:49:20+02:00 INFO management/client/grpc.go:147: connected to the Management Service stream
2024-05-21T19:49:20+02:00 WARN client/internal/engine.go:551: running SSH server is not permitted
2024-05-21T19:49:20+02:00 ERRO client/internal/dns/server.go:322: unable to configure DNS for this peer using resolvconf manager without a nameserver group with all domains configured
2024-05-21T19:49:20+02:00 INFO client/internal/acl/manager.go:52: ACL rules processed in: 2.420723ms, total rules count: 0
2024-05-21T19:50:33+02:00 WARN client/internal/engine.go:551: running SSH server is not permitted
2024-05-21T19:50:33+02:00 INFO client/internal/acl/manager.go:52: ACL rules processed in: 1.976112ms, total rules count: 0
2024-05-21T19:51:06+02:00 WARN client/internal/engine.go:551: running SSH server is not permitted
2024-05-21T19:51:06+02:00 ERRO client/internal/dns/server.go:322: unable to configure DNS for this peer using resolvconf ma


from netbird.

Berndinox avatar Berndinox commented on August 17, 2024

@pascal-fischer - Solved, sorry for the inconvenience...
For reference, if someone comes arround.
Outbound: UDP and TCP ports 3478, and UDP/TCP ports 49152-65535.

from netbird.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.