Selfhosted - Not able to resolve NETBIRD_DOMAIN after netbird connects #3933

Open
fxandrei opened this issue Jun 5, 2025 · 5 comments

fxandrei commented Jun 5, 2025

I have installed netbird server (selfhosted) on a container (lxc).
I ran:
export NETBIRD_DOMAIN=vpn.domain.com; curl -fsSL https://github.com/netbirdio/netbird/releases/latest/download/getting-started-with-zitadel.sh | bash

Create peer1 and peer2.
Connect them.

Define nameservers for Google and Cloudflare.
Don't define anything in DNS Settings in the dashboard (so I did not select to disable DNS management on any groups).

On peer1, while connected
I run nslookup, and I see this ip is answering the queries: 100.83.255.254
peer1.vpn.domain.com ----> it returns the ip
peer2.vpn.domain.com ----> it returns the ip

vpn.domain.com -------->

Server: UnKnown
Address: 100.83.255.254

*** UnKnown can't find vpn.domain.com: Non-existent domain

The biggest problem it creates is that I cannot access https://vpn.domain.com for that netbird dashboard after I connect netbird.
The workaround would be to manually add a host entry on each peer I need this.

@mlsmaycon
Collaborator

@fxandrei it seems like you configured vpn.domain.com as DNS domain for your peers in your deployment.

This overlaps with your management server layer vpn.domain.com causing resolution issues.

You can update the domain in Settings > Network > DNS domain

Just use a domain that doesn't exist, for instance: peers.vpn.domain.com

@fxandrei
Author

fxandrei commented Jun 5, 2025

So NETBIRD_DOMAIN should be an internal domain? That's what you are saying?
If that is so, when installing it, where do I specify the management server domain?
I mean it should be accessed via https://vpn.domain.com.
I'm thinking that I need to specify both these domains somehow.
One is used for management GUI, and one internal for the peers, right?

@mlsmaycon
Collaborator

No, NETBIRD_DOMAIN is the domain that should be used for the management service. But from your example:

> On peer1, while connected
> I run nslookup, and I see this ip is answering the queries: 100.83.255.254
> peer1.vpn.domain.com ----> it returns the ip
> peer2.vpn.domain.com ----> it returns the ip

It seems like you are using vpn.domain.com as a domain for your peers. Can you share how you configured that?

@fxandrei
Author

fxandrei commented Jun 5, 2025

The only thing I did is run this cmd:
export NETBIRD_DOMAIN=vpn.domain.com; curl -fsSL https://github.com/netbirdio/netbird/releases/latest/download/getting-started-with-zitadel.sh | bash

So I set NETBIRD_DOMAIN with the value vpn.domain.com, that has the public ip defined in the DNS (Google, Cloudflare, etc.).
So vpn.domain.com resolves to correct public ip.

After that the only thing I did in the netbird UI dashboard is set nameservers (Google and Cloudflare).
Nothing else.

@fxandrei
Author

fxandrei commented Jun 7, 2025

I reinstalled it and it seems that it uses the domain set in "--dns-domain=

So I changed that, restarted the containers, and it's fine now.
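
The overlap diagnosed in this thread can be checked before peers are connected. The following is an added example, not part of the thread and not NetBird's own code; the function names are hypothetical, and it assumes the resolver on each peer answers NXDOMAIN for any non-peer name under the peer DNS domain, as the nslookup output above shows.

```python
from typing import List, Optional

# Added example (not NetBird code). Assumption: the resolver NetBird places on
# each peer answers for every name under the peer DNS domain and returns
# NXDOMAIN for names that are not peers, as the nslookup output shows.


def labels(name: str) -> List[str]:
    """Split a DNS name into lowercase labels, ignoring a trailing root dot."""
    return [part for part in name.strip().lower().rstrip(".").split(".") if part]


def in_zone(name: str, zone: str) -> bool:
    """True if name equals zone or is a subdomain of it, compared per label."""
    n, z = labels(name), labels(zone)
    return bool(z) and len(n) >= len(z) and n[-len(z):] == z


def check_overlap(management_fqdn: str, peer_dns_domain: str) -> Optional[str]:
    """Return a finding if the management name falls inside the peer zone."""
    if not in_zone(management_fqdn, peer_dns_domain):
        return None
    return (
        f"{management_fqdn} is inside peer DNS domain {peer_dns_domain}: "
        "connected peers will ask the local resolver for it and get NXDOMAIN"
    )


if __name__ == "__main__":
    # Constructed cases: (management FQDN, peer DNS domain)
    cases = [
        ("vpn.domain.com", "vpn.domain.com"),        # the setup in this thread
        ("vpn.domain.com", "peers.vpn.domain.com"),  # the suggested fix
        ("vpn.domain.com", "domain.com"),            # parent zone also shadows
        ("evpn.domain.com", "vpn.domain.com"),       # plain suffix match would misfire
        ("VPN.Domain.com.", "vpn.domain.com"),       # case and trailing dot
    ]
    for mgmt, peer_zone in cases:
        finding = check_overlap(mgmt, peer_zone)
        print(f"{mgmt:<18} {peer_zone:<22} {'OVERLAP: ' + finding if finding else 'ok'}")
```

The comparison is done per label rather than as a string suffix, so `evpn.domain.com` is not reported as being inside `vpn.domain.com`.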
