MCP server that provides read-only access to Netbird network configuration and status, enabling LLMs to analyze network peers, groups, policies, posture checks, networks, nameservers, and port allocations.

Installation

From Source

git clone https://github.com/aantti/mcp-netbird
cd mcp-netbird && make install

Go Install

go install github.com/aantti/mcp-netbird/cmd/mcp-netbird@latest

Smithery

npx -y @smithery/cli install @aantti/mcp-netbird --client claude

Docker

docker build -t mcp-netbird-sse:v1 -f Dockerfile.sse .
docker run --name mcp-netbird -p 8001:8001 -e NETBIRD_API_TOKEN=<your-api-token> mcp-netbird-sse:v1

Configuration

Codeium Windsurf

{
  "mcpServers": {
    "netbird": {
      "command": "mcp-netbird",
      "args": [],
      "env": {
        "NETBIRD_API_TOKEN": "<your-api-token>"
      }
    }
  }
}

Available Tools

Tool	Description
`list_netbird_peers`	List all network peers
`list_netbird_port_allocations`	List all inbound ports for a specific peer ID
`list_netbird_groups`	List all groups
`list_netbird_policies`	List all policies
`list_netbird_posture_checks`	List all posture checks
`list_netbird_networks`	List all networks
`list_netbird_nameservers`	List all nameserver groups

Features

Uses Netbird API to access configuration and status
Configurable API endpoint
Secure token-based authentication for Netbird API
1:1 mapping of selected Netbird API resources to read-only tools

Environment Variables

Required

NETBIRD_API_TOKEN - Your Netbird API token

Optional

NETBIRD_HOST - Netbird API host (defaults to api.netbird.io)

Usage Examples

Can you explain my Netbird peers, groups and policies to me?

Notes

The project is still in development. Based on the Grafana MCP server from Grafana Labs and uses MCP Go from Mark III Labs. Requires a Netbird API token from the management console. Can be run via Docker, ToolHive, or manually for development.

Netbird MCP Server

Get this MCP server