Point to netbird.io

Rearrange readme
Add agent-network readme
2026-06-29 03:09:56 +00:00 · 2026-06-28 12:01:02 +02:00 · 2026-06-27 23:01:17 +02:00 · 2026-06-27 22:58:38 +02:00 · 2026-06-26 19:59:15 +02:00 · 2026-06-26 16:36:50 +02:00
4 changed files with 51 additions and 4 deletions
--- a/.github/workflows/golang-test-linux.yml
+++ b/.github/workflows/golang-test-linux.yml
@@ -579,10 +579,11 @@ jobs:
          CGO_ENABLED=1 GOARCH=${{ matrix.arch }} \
          NETBIRD_STORE_ENGINE=${{ matrix.store }} \
          CI=true \
          GIT_BRANCH=${{ github.ref_name }} \
          go test -tags devcert -run=^$ -bench=. \
          -exec 'sudo --preserve-env=CI,NETBIRD_STORE_ENGINE,GIT_BRANCH,GITHUB_RUN_ID' \
          -timeout 20m ./management/... ./shared/management/... $(go list ./management/... ./shared/management/... | grep -v -e /management/server/http)
        env:
          GIT_BRANCH: ${{ github.ref_name }}
  api_benchmark:
    name: "Management / Benchmark (API)"
@@ -673,12 +674,13 @@ jobs:
          CGO_ENABLED=1 GOARCH=${{ matrix.arch }} \
          NETBIRD_STORE_ENGINE=${{ matrix.store }} \
          CI=true \
          GIT_BRANCH=${{ github.ref_name }} \
          go test -tags=benchmark \
            -run=^$ \
            -bench=. \
            -exec 'sudo --preserve-env=CI,NETBIRD_STORE_ENGINE,GIT_BRANCH,GITHUB_RUN_ID' \
            -timeout 20m ./management/server/http/...
        env:
          GIT_BRANCH: ${{ github.ref_name }}
  api_integration_test:
    name: "Management / Integration"
--- a/README.md
+++ b/README.md
@@ -37,6 +37,11 @@
  </strong>
 </p>
 > ### 🤖 NetBird Agent Network (Beta)
 > Identity-aware access control for AI agents — keyless access to LLM APIs and private
 > resources over the encrypted NetBird tunnel. See [`agent-network/`](agent-network/) or
 > learn more at **[netbird.ai](https://netbird.ai)**.
 **NetBird combines a configuration-free peer-to-peer private network and a centralized access control system in a single platform, making it easy to create secure private networks for your organization or home.**
 **Connect.** NetBird creates a WireGuard-based overlay network that automatically connects your machines over an encrypted tunnel, leaving behind the hassle of opening ports, complex firewall rules, VPN gateways, and so forth.
--- a/agent-network/README.md
+++ b/agent-network/README.md
@@ -0,0 +1,39 @@
 # NetBird Agent Network
 Agent Network is NetBird's access control layer for AI agents and the people who run
 them. It gives every agent a real identity, tied to your identity provider (IdP), and
 governs what it can reach — the LLM APIs and AI gateways it can call, and the internal
 resources it can access. Traffic flows only over the encrypted NetBird tunnel, scoped by
 policy, with no API keys to leak.
 > **Beta.** Agent Network is open source and can be self-hosted on your own
 > infrastructure.
 ## How it works
 Agent Network is built on two existing NetBird capabilities:
 - **Overlay network** — the encrypted WireGuard mesh between peers.
 - **Reverse proxy** — a NetBird peer that terminates LLM requests, establishes the
  caller's identity, evaluates policies/limits/guardrails, injects the upstream provider
  key server-side, forwards to the API or gateway, and records usage.
 LLM traffic is routed through the proxy's identity-aware pipeline, while internal
 resources (databases, internal APIs, self-hosted models) are reached directly over
 peer-to-peer WireGuard tunnels, governed by the same identities and access policies.
 ## Where the code lives
 There is no separate "agent-network" service — it reuses the reverse-proxy and management
 components:
 - [`proxy/`](../proxy) — the NetBird reverse proxy that serves the agent network endpoint
  and runs the per-request middleware pipeline.
 - [`management/internals/modules/reverseproxy/`](../management/internals/modules/reverseproxy)
  — the management-side control plane: providers, policies, guardrails, limits, routing,
  and usage/access logs.
 ## Documentation
 Full documentation, architecture, and quickstart:
 **https://netbird.ai**
--- a/management/internals/shared/grpc/loginfilter.go
+++ b/management/internals/shared/grpc/loginfilter.go
@@ -11,9 +11,9 @@ import (
 const (
 	reconnThreshold   = 5 * time.Minute
-	baseBlockDuration = 30 * time.Minute // Duration for which a peer is banned after exceeding the reconnection limit
+	baseBlockDuration = 10 * time.Minute // Duration for which a peer is banned after exceeding the reconnection limit
 	reconnLimitForBan = 30               // Number of reconnections within the reconnTreshold that triggers a ban
-	metaChangeLimit   = 3                // Number of reconnections with different metadata that triggers a ban of one peer
+	metaChangeLimit   = 5                // Number of reconnections with different metadata that triggers a ban of one peer
 )
 type lfConfig struct {
@@ -142,6 +142,7 @@ func (l *loginFilter) addLogin(wgPubKey string, metaHash uint64) {
 func metaHash(meta nbpeer.PeerSystemMeta) uint64 {
 	h := fnv.New64a()
 	h.Write([]byte(meta.WtVersion))
 	h.Write([]byte(meta.OSVersion))
 	h.Write([]byte(meta.KernelVersion))
 	h.Write([]byte(meta.Hostname))
Author	SHA1	Message	Date
braginini	9ee43bd8fc	Point to netbird.io	2026-06-28 12:01:02 +02:00
braginini	3b52259a2b	Rearrange readme	2026-06-27 23:01:17 +02:00
braginini	390c4fe2fb	Add agent-network readme	2026-06-27 22:58:38 +02:00
dmitri-netbird	615631567a	small gh workflow fixes (#6546 ) Signed-off-by: Dmitri Dolguikh <dmitri.external@netbird.io>	2026-06-26 19:59:15 +02:00
Pascal Fischer	f4daf59bcd	[management] bring back client version check on login filter hash (#6552 )	2026-06-26 16:36:50 +02:00