Peers not reachable using linux kernel 5.4.193 (with patches) #1509

Open
@KlausPopp

Description

We try to get netbird running using Linux yocto for an embedded device (arm64) using Linux kernel 5.4.193 with patches.

The node is connected to the netbird cloud servers, and can see all the peers in the network. The strange thing is that I can ping from my node only to some of the peers. For the peers that don't work, I see that the wireguard handshake isn't working and the transfer status shows that the transfer works only in one direction.

Further investigation shows errors in the netbird client.log:

2024-01-30T10:11:48Z ERRO client/firewall/nftables/route_linux.go:82: failed to create containers for route: nftables: unable to initialize table: conn.Receive: netlink receive: operation not supported
2024-01-30T10:11:48Z ERRO client/firewall/create_linux.go:54: failed to create nftables manager: nftables: unable to initialize table: conn.Receive: netlink receive: operation not supported
2024-01-30T10:11:48Z ERRO client/internal/engine.go:266: failed creating firewall manager: nftables: unable to initialize table: conn.Receive: netlink receive: operation not supported

We were able to work around the issue by setting NB_SKIP_NFTABLES_CHECK=true when starting netbird. With that setting, the error entries disappear from the log and we can access all peers.

For further info, see https://netbirdio.slack.com/archives/C02KHAE8VLZ/p1706609731470089

To Reproduce

I can reproduce it easily on my machine, by just starting netbird.

Expected behavior

Peers should be accessible.

Are you using NetBird Cloud?

NetBird Cloud

NetBird version

0.25.5
