Netbird LXC: Connection loss after reboot due to Docker/Netbird race condition #2415

New Issue

Open

opened 2026-02-05 04:46:26 +03:00 by OVERLORD · 1 comment

OVERLORD commented 2026-02-05 04:46:26 +03:00

Owner

Copy Link

Originally created by @Koliham on GitHub (Jan 30, 2026).

✅ Have you read and understood the above guidelines?

yes

🔎 Did you run the script with verbose mode enabled?

Yes, verbose mode was enabled and the output is included below

📜 What is the name of the script you are using?

Netbird

📂 What was the exact command used to execute the script?

bash -c "$(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVE/main/tools/addon/add-netbird-lxc.sh)"

⚙️ What settings are you using?

• Default Settings
• Advanced Settings

🖥️ Which Linux distribution are you using?

Ubuntu 24.04

📈 Which Proxmox version are you on?

8.4.14

📝 Provide a clear and concise description of the issue.

Hi everyone,
I encountered an issue with the Netbird LXC (when Docker is also installed/running inside).
After a reboot, the Netbird connection was established, but traffic routing failed (peers could not reach the LXC services).

The Problem:
It seems to be a race condition between docker.service and netbird.service.
Docker initializes its iptables rules upon start and sets the FORWARD chain policy to DROP. If Netbird starts before Docker has finished this initialization, Docker overrides or blocks the Netbird routing rules, causing the connection to drop/timeout despite the tunnel being "up".

The Solution:
Manually restarting Netbird (netbird down && netbird up) fixed it temporarily.
The permanent fix is to ensure Netbird starts after Docker.
I added a systemd override: systemctl edit netbird

[Unit]
After=docker.service
Wants=docker.service

After this change, the routing works perfectly immediately after a reboot. Maybe this dependency could be added to the installation script or the default service file?

Best regards!

🔄 Steps to reproduce the issue.

Step 1. Configure and run Netbird that it works, that you can reach another service within the network with your smartphone.
Step 2: Restart the Netbird LXC Container: Try to reach the service again. It should fail.
Step 3: Run netbird down and then netbird up, it should work again.

❌ Paste the full error output (if available).

iptables -L FORWARD -v -n

Chain FORWARD (policy DROP 134 packets, 8040 bytes)

 pkts bytes target     prot opt in     out     source               destination         

  134  8040 DOCKER-USER  0    --  *      *       0.0.0.0/0            0.0.0.0/0           

  134  8040 DOCKER-FORWARD  0    --  *      *       0.0.0.0/0            0.0.0.0/0     

🖼️ Additional context (optional).

No response

Originally created by @Koliham on GitHub (Jan 30, 2026). ### ✅ Have you read and understood the above guidelines? yes ### 🔎 Did you run the script with verbose mode enabled? Yes, verbose mode was enabled and the output is included below ### 📜 What is the name of the script you are using? Netbird ### 📂 What was the exact command used to execute the script? bash -c "$(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVE/main/tools/addon/add-netbird-lxc.sh)" ### ⚙️ What settings are you using? - [ ] Default Settings - [x] Advanced Settings ### 🖥️ Which Linux distribution are you using? Ubuntu 24.04 ### 📈 Which Proxmox version are you on? 8.4.14 ### 📝 Provide a clear and concise description of the issue. Hi everyone, I encountered an issue with the Netbird LXC (when Docker is also installed/running inside). After a reboot, the Netbird connection was established, but traffic routing failed (peers could not reach the LXC services). **The Problem:** It seems to be a race condition between `docker.service` and `netbird.service`. Docker initializes its iptables rules upon start and sets the FORWARD chain policy to DROP. If Netbird starts before Docker has finished this initialization, Docker overrides or blocks the Netbird routing rules, causing the connection to drop/timeout despite the tunnel being "up". **The Solution:** Manually restarting Netbird (netbird down && netbird up) fixed it temporarily. The permanent fix is to ensure Netbird starts after Docker. I added a systemd override: `systemctl edit netbird` ``` toml [Unit] After=docker.service Wants=docker.service ``` After this change, the routing works perfectly immediately after a reboot. Maybe this dependency could be added to the installation script or the default service file? Best regards! ### 🔄 Steps to reproduce the issue. Step 1. Configure and run Netbird that it works, that you can reach another service within the network with your smartphone. Step 2: Restart the Netbird LXC Container: Try to reach the service again. It should fail. Step 3: Run `netbird down` and then `netbird up`, it should work again. ### ❌ Paste the full error output (if available). iptables -L FORWARD -v -n ``` Chain FORWARD (policy DROP 134 packets, 8040 bytes) pkts bytes target prot opt in out source destination 134 8040 DOCKER-USER 0 -- * * 0.0.0.0/0 0.0.0.0/0 134 8040 DOCKER-FORWARD 0 -- * * 0.0.0.0/0 0.0.0.0/0 ``` ### 🖼️ Additional context (optional). _No response_

OVERLORD added the bug label 2026-02-05 04:46:26 +03:00

OVERLORD commented 2026-02-05 04:46:28 +03:00

Author

Owner

Copy Link

@michelroegl-brunner commented on GitHub (Jan 30, 2026):

Can you open a PR for that?

@michelroegl-brunner commented on GitHub (Jan 30, 2026): Can you open a PR for that?

OVERLORD referenced this issue 2026-02-05 05:51:50 +03:00

[PR #2415] [MERGED] [GH] Update script-test Workflow #3633

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

main

automated/update-github-versions

github-action-update-changelog

github-action-archive-changelog

MickLesk-patch-1

fix/dawarich-install-deps

fix/pangolin-build-deps

pr-update-app-files

fix/recovery-menu-read-tty

fix/gramps-web-relationship-diagram

add-script-strapi-1772029107

fix/apt-update-graceful-fallback

fix/improve-error-outputs

fix/dispatcharr-libgl

fix/booklore-ffmpeg

CrazyWolf13-patch-4

new_script_block

tailscale_addon_alpine

adgu_fix

CrazyWolf13-patch-3

add-script-kima-hub-1772029092

fix/github-api-error-messages

fix/vm-sdn-bridge-validation

fix/wger-nginx-host-header

CrazyWolf13-patch-2

add-script-zerobyte-1772029126

refactor/docker-tools-to-addon

ref_api

tremor021-patch-2

fix/node-drift-workflow-improvements

fix/databasus-mariadb-path-and-update-12255

add_sources

fix/error-handler-recovery

ci/check-node-version-drift

add-script-arcane-1771922925

bump/node-22-to-24

refactor/n8n-update-simplify-12250

feat/get-latest-gh-tag

CrazyWolf13-patch-1

add-script-seaweedfs-1771858324

add-script-sonobarr-1771858339

michelroegl-brunner-patch-1

michelroegl-brunner-patch-2

memos_update

booklore_v2

fix/stuck-installing-configuring-status

fix/error-handling-and-apt-signedby

add-script-sparkyfitness-1771771576

fix-vm-disk-space-checks

feature/vm-smart-recovery

CrazyWolf13-patch-5

alpine-teamspeak-fix

wealthfolio-v3

feat/unattended-whiptail-handling

tremor021-patch-1

fix/version-display

fix/debian13-root-ownership

feat/interactive_prompts

core_stable

refactor/tools-func-stability

certbot_npm

2026-02-28

2026-02-27

2026-02-26

2026-02-25

2026-02-24

2026-02-23

2026-02-22

2026-02-21

2026-02-20

2026-02-19

2026-02-18

2026-02-17

2026-02-16

2026-02-15

2026-02-14

2026-02-13

2026-02-12

2026-02-11

2026-02-10

2026-02-09

2026-02-08

2026-02-07

2026-02-06

2026-02-05

2026-02-04

2026-02-03

2026-02-02

2026-02-01

2026-01-31

2026-01-30

2026-01-29

2026-01-28

2026-01-27

2026-01-26

2026-01-25

2026-01-24

2026-01-23

2026-01-22

2026-01-21

2026-01-20

2026-01-19

2026-01-18

2026-01-17

2026-01-16

2026-01-15

2026-01-14

2026-01-13

2026-01-12

2026-01-11

2026-01-10

2026-01-09

2026-01-08

2026-01-07

2026-01-06

2026-01-05

2026-01-04

2026-01-03

2026-01-02

2026-01-01

2025-12-31

2025-12-30

2025-12-29

2025-12-28

2025-12-27

2025-12-26

2025-12-25

2025-12-24

2025-12-23

2025-12-22

2025-12-21

2025-12-20

2025-12-19

2025-12-18

2025-12-17

2025-12-16

2025-12-15

2025-12-14

2025-12-13

2025-12-12

2025-12-11

2025-12-10

2025-12-09

2025-12-08

2025-12-07

2025-12-06

2025-12-05

2025-12-04

2025-12-03

2025-12-02

2025-12-01

2025-11-30

2025-11-29

2025-11-28

2025-11-27

2025-11-26

2025-11-25

2025-11-24

2025-11-23

2025-11-22

2025-11-21

2025-11-20

2025-11-19

2025-11-18

2025-11-17

2025-11-16

2025-11-15

2025-11-14

2025-11-13

2025-11-12

2025-11-11

2025-11-10

2025-11-09

2025-11-08

2025-11-07

2025-11-06

2025-11-05

2025-11-04

2025-11-03

2025-11-02

2025-11-01

2025-10-31

2025-10-30

2025-10-29

2025-10-28

2025-10-27

2025-10-26

2025-10-25

2025-10-24

2025-10-23

2025-10-22

2025-10-21

2025-10-20

2025-10-19

2025-10-18

2025-10-17

2025-10-16

2025-10-15

2025-10-14

2025-10-13

2025-10-12

2025-10-11

2025-10-10

2025-10-09

2025-10-08

2025-10-07

2025-10-06

2025-10-05

2025-10-04

2025-10-03

2025-10-02

2025-10-01

2025-09-30

2025-09-29

2025-09-28

2025-09-27

2025-09-26

2025-09-25

2025-09-24

2025-09-23

2025-09-22

2025-09-21

2025-09-20

2025-09-19

2025-09-18

2025-09-17

2025-09-16

2025-09-15

2025-09-14

2025-09-13

2025-09-12

2025-09-11

2025-09-10

2025-09-09

2025-09-08

2025-09-07

2025-09-06

2025-09-05

2025-09-04

2025-09-03

2025-09-02

2025-09-01

2025-08-31

2025-08-30

2025-08-29

2025-08-28

2025-08-27

2025-08-26

2025-08-25

2025-08-24

2025-08-23

2025-08-22

2025-08-21

2025-08-20

2025-08-19

2025-08-18

2025-08-17

2025-08-16

2025-08-15

2025-08-14

2025-08-13

2025-08-12

2025-08-11

2025-08-10

2025-08-09

2025-08-08

2025-08-07

2025-08-06

2025-08-05

2025-08-04

2025-08-03

2025-08-02

2025-08-01

2025-07-31

2025-07-30

2025-07-29

2025-07-28

2025-07-27

2025-07-26

2025-07-25

2025-07-24

2025-07-23

2025-07-22

2025-07-21

2025-07-20

2025-07-19

2025-07-18

2025-07-17

2025-07-16

2025-07-15

2025-07-14

2025-07-11

2025-07-10

2025-07-09

2025-07-08

2025-07-07

2025-07-06

2025-07-05

2025-07-04

2025-07-03

2025-07-02

2025-07-01

2025-06-30

2025-06-29

2025-06-28

2025-06-27

2025-06-26

2025-06-25

2025-06-24

2025-06-23

2025-06-22

2025-06-21

2025-06-20

2025-06-19

2025-06-18

2025-06-17

2025-06-16

2025-06-15

2025-06-14

2025-06-13

2025-06-12

2025-06-11

2025-06-10

2025-06-09

2025-06-08

2025-06-07

2025-06-06

2025-06-05

2025-06-04

2025-06-03

2025-06-02

2025-06-01

2025-05-31

2025-05-30

2025-05-29

2025-05-28

2025-05-27

2025-05-26

2025-05-25

2025-05-24

2025-05-23

2025-05-22

2025-05-21

2025-05-20

2025-05-19

2025-05-18

2025-05-17

2025-05-16

2025-05-15

2025-05-14

2025-05-13

2025-05-12

2025-05-11

2025-05-10

2025-05-09

2025-05-08

2025-05-07

2025-05-06

2025-05-05

2025-05-04

2025-05-03

2025-05-02

2025-05-01

2025-04-30

2025-04-29

2025-04-28

2025-04-27

2025-04-26

2025-04-25

2025-04-24

2025-04-23

2025-04-22

2025-04-20

2025-04-21

2025-04-19

2025-04-18

2025-04-17

2025-04-15

2025-04-16

2025-04-14

2025-04-13

2025-04-12

2025-04-11

2025-04-10

2025-04-09

2025-04-08

2025-04-07

2025-04-06

2025-04-05

2025-04-04

2025-04-03

2025-04-02

2025-04-01

2025-03-31

2025-03-30

2025-03-29

2025-03-28

2025-03-27

2025-03-26

2025-03-25

2025-03-24

2025-03-23

2025-03-22

2025-03-21

2025-03-20

2025-03-19

2025-03-18

2025-03-17

2025-03-16

2025-03-15

2025-03-14

2025-03-13

2025-03-12

2025-03-11

2025-03-10

2025-03-09

2025-03-08

2025-03-07

2025-03-06

2025-03-05

2025-03-04

2025-03-03

2025-03-02

2025-03-01

2025-02-28

2025-02-27

2025-02-26

2025-02-25

2025-02-24

2025-02-23

2025-02-21

2025-02-20

2025-02-19

2025-02-18

2025-02-17

2025-02-16

2025-02-15

2025-02-14

2025-02-13

2025-02-12

2025-02-11

2025-02-10

2025-02-09

2025-02-08

2025-02-07

2025-02-06

2025-02-05

2025-02-04

2025-02-03

2025-02-02

2025-02-01

2025-01-31

2025-01-30

2025-01-29

2025-01-28

2025-01-27

2025-01-26

2025-01-24

2025-01-23

2025-01-22

2025-01-21

2025-01-20

2025-01-19

2025-01-18

2025-01-17

2025-01-16

2025-01-15

2025-01-14

2025-01-13

2025-01-11

2025-01-10

2025-01-09

2025-01-08

2025-01-07

2025-01-06

2025-01-05

2025-01-04

2025-01-03

2025-01-02

2025-01-01

2024-12-31

2024-12-30

2024-12-29

2024-12-28

2024-12-27

2024-12-26

2024-12-25

2024-12-23

2024-12-21

2024-12-20

2024-12-19

2024-12-18

2024-12-17

2024-12-16

2024-12-13

2024-12-12

2024-12-09

2024-12-08

2024-12-07

2024-12-06

2024-12-05

2024-12-04

2024-12-03

2024-12-02

2024-11-30

2024-11-29

2024-11-28

2024-11-27

2024-11-26

2024-11-25

2024-11-24

2024-11-23

Labels

Clear labels

Implemented in VED waiting push to Main

breaking change

bug

bug

bugfix

deferred

delete script

dependencies

enhancement

external

feature

github

help wanted

in project pipeline

invalid

investigation

json

maintenance

needs triage

new script

new script

nice to have

not a script issue

not planned

organization

pull-request

Mirrored from GitHub Pull Request

question

refactor

rename script

security

update script

website

wontdo

🛑 Failure to comply with the guidelines

No Label bug

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

OVERLORD

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: starred/ProxmoxVE#2415