Home
Docs
API
Learn
Github
Support

ABOUT

GET STARTED

MANAGE NETBIRD

Control Center
Peers
Access Control
Networks
Reverse Proxy
Network Routes
DNS
Team
Activity
Settings
Integrations
Public API
For Partners

SELF-HOST NETBIRD

Quickstart Guide
Maintenance
Authentication
Advanced Guide
Management geolocation
Troubleshooting
Migration Guides

CLIENT

Profiles

USE CASES

Overview
Remote Access
Homelab
Cloud
Security

GET MORE HELP

Sign in

Routing traffic to multiple IP resources

This guide shows how to route traffic to multiple IP resources using NetBird Networks with IP resources. This is a common scenario for DevOps and Platform teams who need to provide differentiated access to on-premises or cloud infrastructure.

Example scenario

In this example, you will configure access to an internal network (172.16.0.0/15) with these requirements:

All users need access to DNS servers at 172.16.30.2 and 172.17.100.2 (UDP port 53 only)
The DevOps team needs full access to the entire network range

Traffic will be routed through routing peers running inside the network.

Create a network

Navigate to Networks > Networks in the NetBird dashboard:

new-net-1

Click Add Network to open the setup wizard. Enter a name and description for the network, then click Continue:

new-net2

Add a routing peer

Click Add routing peer and select a peer from your network:

new-example-routing-peer-1

Click Continue, then accept the defaults and click Add Routing Peer:

new-routing-peer-2

Add the network resource

Click Add Resource and enter Office network as the name with IP range 172.16.0.0/15 as the address:

new-example-resource-1

Assign the group office-network to this resource. This group will be used in the access policy for the DevOps team.

Create an access policy for the network resource

Create a policy that grants the DevOps group full access to the office-network resource group.

Click Create Policy and configure the fields as shown:

new-resource-acl-1

Click Continue twice, then click Add Policy:

new-resource-acl-2

Add the DNS server resources

Add the first DNS server as a resource. Click Add Resource and enter the IP address:

new-example-resource-2

Assign the group office-dns-servers to this resource. When prompted to create a policy, click Later since you will add another DNS server first.

Add the second DNS server resource:

new-example-resource-3

Create an access policy for DNS servers

Create a policy that grants the All users group access to the office-dns-servers resource group on UDP port 53 only.

Click Create Policy and configure the fields:

new-resource-acl-3

Click Continue twice, then click Add Policy. Use a generic policy name to cover both DNS server addresses:

new-resource-acl-4

View the network

After completing the wizard, the network appears in the Networks list:

view-example-network-1

Click the network name to view details:

view-example-network-2

From this view, you can edit or add resources and routing peers using the Edit buttons in each section.

You have now created a network with multiple resources that provide different access levels to different user groups within your organization.

Get started

Make sure to star us on GitHub
Follow us on X
Join our Slack Channel
NetBird latest release on GitHub

Edit on Github