github netbirdio/netbird v0.63.0
on GitHub

11 hours ago

Release Notes for v0.63.0

What's New

Custom DNS Zones

NetBird now supports private DNS zones, allowing you to host DNS records directly within your network without external DNS servers.

Create zones like internal.company.io, add A, AAAA, or CNAME records, and distribute them to specific peer groups. Resolution happens locally on peers, and records propagate automatically when group membership
changes. With search domain support enabled, peers can query short names like api instead of the full api.internal.company.io.

Custom zones take precedence over nameserver configurations, giving you control over how specific domains resolve within your network. This works well with routed networks—map friendly names to private IPs behind
routing peers, and NetBird handles both DNS resolution and traffic routing. Your teams access postgres.internal instead of remembering 192.168.0.68.

Zone distribution is group-based, so different teams can see different records for the same zone, or have access to entirely separate zones.

Use Cases
  • Environment separation — Distinct zones for production, staging, and development, distributed only to relevant teams
  • Routed network resources — DNS names for services in data centers or cloud VPCs accessed through routing peers
  • Split-horizon DNS — Internal-only resolution for domains that resolve differently outside your network
Screenshots

Create a new Zone:
image

Create a new record:
image

View all records:
image

Learn more at:

Custom Zones
DNS Aliases for Routed Networks

DNS & Networking Improvements

  • Ensured musl compatibility by chasing CNAMEs in the local resolver.
    #5046
  • Improved DNS resolution flow by falling through the DNS chain for custom DNS zones.
    #5081
  • Changed priority between local and DNS route handlers for more predictable routing.
    #5106
  • Fixed netstack upstream DNS handling and added WASM debug methods.
    #4648

Client Improvements

  • Fixed WASM peer connections to lazy peers.
    #5097
  • Added fallback handling for invalid loginuid in ui-post-install.sh.
    #5099
  • Removed duplicate audience checks in the client.
    #5117

Management Enhancements

  • Added Custom DNS zones support.
    #4849
  • Added configuration compatibility checks during startup.
    #5087
  • Optimized external cache access by fetching all users in a single request.
    #5104
  • Adapted rate limiting behavior.
    #5080
  • Fixed SSH server audience validation across management and client.
    #5105
  • Skipped email_verified validation when not present in IdP responses.
    #5118
  • Added IdP timeout configuration via environment variable.
    #4647

Infrastructure & Security

  • Introduced embedded STUN support for relay and STUN components.
    #5062
  • Added a Quickstart reverse proxy assistant to simplify initial setup.
    #5100
  • Upgraded Alpine Linux from 3.22.2 to 3.23.2 for security hardening.
    #5119

Other Changes

  • Added a hiring announcement with a link to careers.netbird.io.
    #5095

New Contributors

Full Changelog: v0.62.2...v0.63.0

Check out latest releases or
releases around netbirdio/netbird v0.63.0

Don't miss a new netbird release

NewReleases is sending notifications on new releases.

Get notifications