Adding section regarding Additional configurations for cloud providers (

#134)
netbirdio · Jan 25, 2024 · 710c2db · 710c2db
1 parent 456f280
commit 710c2db
Show file tree

Hide file tree

Showing 2 changed files with 20 additions and 2 deletions.
diff --git a/src/pages/selfhosted/selfhosted-guide.mdx b/src/pages/selfhosted/selfhosted-guide.mdx
@@ -184,6 +184,24 @@ Make sure your reverse-Proxy is setup to use the HTTP2-Protocol when forwarding.
     Simply replace the file `docker-compose.yml.tmpl` with the chosen version.
 </Note>
 
+## Advanced: Additional configurations for cloud providers
+
+### Hetzner
+Hetzner uses stateless [firewall](https://docs.hetzner.com/robot/dedicated-server/firewall/), which means it doesn't "keep track of" whether or not an incoming packet belongs to an established connection. In this case, you may add to this server firewall an UDP port range equals to the result of:
+```bash
+sudo cat /proc/sys/net/ipv4/ip_local_port_range
+```
+More info can be found at this GitHub [issue](https://github.com/netbirdio/netbird/issues/390#issuecomment-1185298689).
+
+### Oracle Cloud Infrastructure (OCI)
+Linux images provided by Oracle Cloud includes some default [firewall rules](https://docs.oracle.com/en-us/iaas/Content/Compute/References/bestpracticescompute.htm#Essentia) which block ingress UDP on port 3478. This is required by Coturn without which only peers in same LAN would be able to communicate with each other but not peers on different networks. Besides opening [required](#requirements) ports on _Security Rules_, you also need to run below command on the virtual machine.
+```bash
+sudo iptables -I INPUT -p udp -m udp --dport 3478 -j ACCEPT
+```
+<Note>
+Oracle Cloud discourages use of UFW. You will have to use IPTABLES.
+</Note>
+
 ## Backup
 To backup your NetBird installation, you need to copy the configuration files, and the Management service databases.
 

diff --git a/src/pages/selfhosted/selfhosted-quickstart.mdx b/src/pages/selfhosted/selfhosted-quickstart.mdx
@@ -25,7 +25,7 @@ as the identity provider for user management using a single-line setup script an
 
 **Infrastructure requirements:**
 - A Linux VM with at least **1CPU** and **2GB** of memory.
-- The VM should be publicly accessible on TCP ports **80** and **443** and UDP ports: **3478**, **49152-65535**.
+- The VM should be publicly accessible on TCP ports **80**, **443**, **33073** and **10000**; and UDP ports: **3478**, **49152-65535**.
 - **Public domain** name pointing to the VM.
 
 **Software requirements:**
@@ -109,4 +109,4 @@ Feel free to ping us on [Slack](https://join.slack.com/t/netbirdio/shared_invite
 
 - NetBird managed version: [https://app.netbird.io](https://app.netbird.io)
 - Make sure to [star us on GitHub](https://github.com/netbirdio/netbird)
-- Follow us [on Twitter](https://twitter.com/netbird)
+- Follow us [on Twitter](https://twitter.com/netbird)