ZeroTier Bridging Configuration
-
So... I figured out how to get ZeroTier working as an Ethernet bridge thanks to some help from @adam-ierymenko and the initial guide that another user posted at :
https://www.zerotier.com/community/topic/5/bridging-ethernet-to-zerotier-virtual-networks-on-linuxI did this using Ubuntu 15.10.
Install Ubuntu however you wish. I'd recommend at least 1gb of RAM and 16GB of hard drive space (My current install has 1gb of ram and 32gb of hard drive space).
You only need one interface actually connected to the physical network for both Management and the bridged traffic.
After you have created your VM, before powering it on, you should take care that your Hypervisor will allow Mac Spoofing.
In VMware, this is called Forged Transmits, and is done at a vSwitch level from what I understand. ( A little info is located here: https://pubs.vmware.com/vsphere-51/index.jsp?topic=%2Fcom.vmware.vsphere.networking.doc%2FGUID-74E2059A-CC5E-4B06-81B5-3881C80E46CE.html)In Hyper-V this is fixed on a per VM basis using the following powershell commands all typed on one line. Just replace MYVMNAME and MY_HYPERV_SWITCH with the values that are used from your own setup.
get-vmnetworkadapter -VMName MYVMNAME|where {$_.SwitchName -eq "MY_HYPERV_SWITCH"}| set-vmnetworkadapter -MacAddressSpoofing onIn VMware
While Ubuntu is installing, create an account or log in to https://my.zerotier.com and create your network (or use your existing one). Things you need to make sure of:- Your ZeroTier IP range is set to be part of your Network Subnet. IE: If your subnet is 192.168.10.0/23, you should make sure that ZeroTier is configured to be in the same range... For instance, my home network is configured as 192.168.10.0/23. ZeroTier is configured:
Note: The IP Autoassign settings are outside of the DHCP Scope of my DHCP server. IE: My DHCP server at home is set to hand out IPs between 192.168.10.100 and 192.168.10.150. Note here my Autoassign settings are 192.168.11.100 to 192.168.11.200.
Note 2: This would theoretically work, even if you are on a /24 network, as long as the ZT autoassign settings are outside the scope of your LAN's DHCP server. I have not tested this.
- The device that you want to be designated as the bridge is marked as both Allowed AND bridge in the ZT interface...
After you have installed Ubuntu, execute the following commands, which updates the package list, and ensures that the bridge-utils are installed. It also downloads and installs the ZeroTier binaries. Check the website: https://www.zerotier.com/product-one.shtml for the latest version.
All commands should be executed as root
apt-get update apt-get install bridge-utils wget https://download.zerotier.com/dist/zerotier-one_1.1.4_amd64.deb dpkg -i zerotier-one_1.1.4_amd64.debAfter ZeroTier is installed, you need to start it:
service zerotier-one startThen you need to get the Client ID for making sure you select the right one as the bridge.
zerotier-cli infoIt will output something similar to :
200 info ee88c712ab ONLINE 1.1.4The third item is your client's ID.
Next up, you will need to join the client to your ZeroTier network via:
zerotier-cli join your_network_idYou should see the Network ID in the top left corner of your screen after you click on your Network on the ZT Web Portal.
If you read through the guide at the site I posted above, he shows a network configuration guide using /etc/interfaces, which is the proper way to set it up. I went about it a different way by using a script that starts when the VM is rebooted, and waits for 30 seconds to ensure network connectivity...
Place the script in /usr/local/bin
Adjust the BRIDGE_IP and GATEWAY_IP, and SLEEP_TIMER to the correct values.
The script removes ALL IP addresses and routes related to eth0, br0, and zt0, and then sets them according to the parameters you set up.#!/bin/bash LAN_INT="eth0" #Internal LAN Interface BR_INT="br0" #Bridge Interface ZT_INT="zt0" #ZeroTier Interface BRIDGE_IP="192.168.10.100/23" GATEWAY_IP="192.168.10.1" SLEEP_TIMER="30s" RUN_TIME=`date` #Delay Timer to give the system a chance to finish booting sleep $SLEEP_TIMER echo $RUN_TIME > /var/log/bridge.log #Disable Interfaces, Remove IP addresses echo "Disabling Interface" >> /var/log/bridge.log /sbin/ifconfig $LAN_INT down >> /var/log/bridge.log /sbin/ifconfig $ZT_INT down >> /var/log/bridge.log /sbin/ip addr flush dev $LAN_INT >> /var/log/bridge.log /sbin/ip addr flush dev $ZT_INT >> /var/log/bridge.log echo "Setting up Bridging..." >> /var/log/bridge.log /sbin/brctl addbr $BR_INT >> /var/log/bridge.log /sbin/brctl addif $BR_INT $ZT_INT $LAN_INT >> /var/log/bridge.log /sbin/ifconfig $LAN_INT promisc up >> /var/log/bridge.log /sbin/ifconfig $ZT_INT promisc up >> /var/log/bridge.log /sbin/ifconfig $BR_INT up >> /var/log/bridge.log /sbin/ip addr add $BRIDGE_IP dev br0 >> /var/log/bridge.log /sbin/route add default gateway $GATEWAY_IP echo "Finished!" >> /var/log/bridge.logI have the script configured to run at reboot via crontab -e
# m h dom mon dow command @reboot sh /usr/local/bin/bridge-startA few quick ping tests should reveal that your bridge can communicate on your LAN, as well as your ZT Network.
From your ZT Network, ping towards a LAN IP address, and everything should work.
It should be noted that if you are actually changing an existing ZeroTier network to make this work, all of the linux clients need to be stopped, and then started. Not restarted (the IP address doesn't change if you do service zerotier-one restart). Windows systems can restart the ZeroTier service from the services.msc file.
If you have any issues or find any typos or recommend a better format, feel free to leave a comment below!
-
Thanks! I'll be trying this soon!
-
@aaronstuder said:
Thanks! I'll be trying this soon!
Keep me posted! If you find any of my instructions incorrect or too wordy, just let me know.
-
@dafyre Only 1 NIC needed? I could use my Raspberry Pi?
-
@aaronstuder said:
@dafyre Only 1 NIC needed? I could use my Raspberry Pi?
I don't see any reason why not. I don't think there's any special (non-default) settings that the kernel requires for this to work. It'd be worth a shot, I think.
-
@dafyre I forget the Raspberry Pi has terrible Distro choices
-
@aaronstuder said:
@dafyre I forget the Raspberry Pi has terrible Distro choices
Raspbian is a Debian based distro, yea?
-
-
@aaronstuder said:
I seriously need to come up with $5 to get the Pi Zero, or $35 and just get me a dang Pi.
-
@aaronstuder said:
@dafyre I forget the Raspberry Pi has terrible Distro choices
It does? What more do you need than CentOS 7?
-
And FreeBSD, too.
https://wiki.freebsd.org/FreeBSD/arm/Raspberry Pi
Really, pretty much any OS you'd actually want for production on a Pi is available.
-
Even Windows 10 is available.
http://techcrunch.com/2015/04/30/how-to-install-windows-10-iot-on-your-raspberry-pi-2/
-
-
@scottalanmiller said:
Even Windows 10 is available.
A Windows suggestion from you seems strange. =P
BTW Where are my emojis!
-
@aaronstuder said:
@scottalanmiller said:
Even Windows 10 is available.
A Windows suggestion from you seems strange. =P
BTW Where are my emojis!
Not suggesting it, just pointing out that the selection of OSes for the Pi is pretty good. CentOS, FreeBSD, Ubuntu, Windows... and those are just the ones that I found quickly. NetBSD is almost certainly available. Pretty much any OS you would reasonably want is available.
-
Hoping to get started in a few minutes
-
@aaronstuder said:
Hoping to get started in a few minutes
/me hands @aaronstuder a helmet.
-
Does this still work?
-
@Curtis said in ZeroTier Bridging Configuration:
Does this still work?
It sill works but I ended up not using bridge and went with this.
-
@black3dynamite ??? I donβt see anything about bridging in here...
