Is there a way to set up the netmaker server / ingress node to forward the external client IP address? I have a bunch of web servers in a private network, and all access logs show the ingress node's IP address instead of the client IP address.

you need to remove the masquerade. You'll have to add RCE=on to your config, restart the server, edit the node, and remove the masquerade from the postup/postdown commands, and then run a "netclient pull" from the ingress node

I removed the masquerade setting from the ingress node, and restarted the netmaker server, but requests still come in with the ingress node IP address. Just for clarification, the netmaker server is also the ingress node. I installed the Docker version of Netmaker, and netclient is not installed on the Netmaker server. Should I do that?

that shouldn't be necessary

Still no luck so far... I tried to find matching iptables rules on both the host machine and inside the running netmaker Docker container. I'm now at a point where I believe it must be the

docker-compose.yml

configuration. I used the default template and followed the quick start instructions. Could it be the

HOST_NETWORK

setting (off by default)? The

docker-compose.reference.yml

references a template named

docker-compose.hostnetwork.yml

, which doesn't seem to exist anymore on Github.