Troubleshooting

Currently meshing one of these devices is not supported, however, it will be soon. For now, you can connect to your VPN by making one of the nodes a Remote Access Gateway, then create an Ext Client for each device. Finally, use the official WG app or another WG configuration app to connect via QR or download the device’s WireGuard configuration.

Please allow your nodes to complete a check-in or two, in order to reconfigure themselves. In some cases, it could take up to a minute or so.

Although keys are the preferred way to join a network, Netmaker does allow for manual node sign-ups. Simply turn on “allow manual signups” on your network and nodes will not connect until you manually approve each one.

Yes, we have an active Discord community and issues on our GitHub are answered frequently! You can also sign-up for updates at our gravitl site!

Check out our business support subscriptions at https://gravitl.com/plans. Subscription holders can also purchase consulting credits via the site.

Default nodes appear in each network with the “netmaker” name. These nodes are created by, and attached to, the server. The server is contained in docker, meaning these clients are also contained in docker. Their networking stack is also contained in docker. The “netmaker” nodes are meant to function as network utilities. They assist with UDP Hole Punching and can run Relays, Egresses and Remote Access Gateways. However, they are meant to stay contained in the server. They do not touch the host networking stack.

If you want to give the physical server / VM a private IP in the netmaker network, you must deploy an additional node using the standard netclient. The only note here is that the server consumes ports 51821-51831, so you will need to give it a port outside this range, e.x.

You may also need to add --udpholepunch no.

Once a netclient is deployed to the underlying server/VM, you will be able to use the private address to reach other nodes from the host, or to reach the server over the private network.

In 0.8, SQLite becomes the default database. If you were running with rqlite, you must set the DATABASE environment variable to rqlite in order to continue using rqlite.

This can be fairly simple to achieve assuming you have access to a domain and are familiar with Nginx. Please refer to the quick-start guide to see!

As of v0.18.0, netmaker now uses a stun server (Session Traversal Utilities for NAT). This provides a tool for communications protocols to detect and traverse NATs that are located in the path between two endpoints.

We recommend at least 1 CPU and 2 GB Memory.

Yes, Netmaker supports IPv6 addressing. When you create a network, just make sure to turn on Dual Stack. Nodes will be given IPv6 addresses along with their IPv4 address. It does not currently support IPv6 only.

Netmaker does not directly support it, but it uses rqlite (which supports Raft) as the database.

There is no official uninstall script for the Netmaker server at this time. If you followed the quick-start guide, simply run:

to completely wipe your server. Otherwise kill the running binary and it’s up to you to remove database records/volumes.

The most common issue as of 0.13 is with MQ. There have been some architecture changes that are very important to account for in the upgrade.

Please follow this Gist if you are encountering issues with 0.13+: https://gist.github.com/mattkasun/face2a7c1f32031a2126ff7243caad12

Simply navigate to the UI (as an admin account). Select users in the top left and create an account for them. Select the network(s) to give them and they should be good to go! They are an admin of that network(s) only now.

Simply navigate to the UI (as an admin account). Select your network of interest, then select the Access Keys tab. Then delete the rogue access key.

You MUST remove all nodes in a network before you can delete it.

Yes, nodes can share names without issue. It may just be harder for you to know which is which.

First get your access token (not just access key), then run:

NOTE: netclient may be under /etc/netclient/, i.e.:

In order to leave a Netmaker network, run:

You will need sudo/root permissions, but you can run:

or:

Note for journalctl: you should hit the End key to get to view the most recent logs quickly or use:

Yes, on the node simply run:

and you should see what your current configuration is. You can also see the current WireGuard configuration with:

Yes, on the node simply run:

If you’re running SELinux, it will interfere with systemd’s ability to restart the client properly. Therefore, please run the following:

This is commonly due to incorrect MTU settings. Typically, it will be because MTU is too high. Try setting MTU lower on the node. This can be done via netconfig, or by editing the node in the UI.

Note: We recommend a minimum MTU of 1280 due to most router configs having an expectation of a standard MTU setting and IPv6 requiring 1280 as a minimum. Going lower than that may cause issues.

In this situation, you can use the Relay Server functionality introduced in Netmaker v0.8 to designate a node as a relay to your “stuck” machine. Simply click the button to make a node into a relay and tell it to relay traffic to this hard-to-reach peer.

Older versions of Windows and/or virtualized environments may not support the Netclient UI. To fix this, download and install Mesa 3D. One way is to follow these steps:

• Download Mesa 3D (e.g., from here) to get OpenGL for your OS

• Get 7-zip, install it and extract the .7z Mesa 3D download (unless you download outside of Windows and extract there)

• Drop the resulting .dll in the location of the .exe you’re trying to run

• Double click the netclient.exe

• Netclient should start normally (the Fyne error should not appear)

CoreDNS is not required. Simply start your server with:

Netmaker supports down to two characters for DNS names for your networks domains.