ZeroTier Review
-
@dafyre said:
I think the listpeers command is for listing other "nearby" controllers that can be used when necessary.
It listed all of the devices on the network, but the only IP it showed was the public WAN, and it only showed the zerotier ID.
-
Your devices also won't be assigned an IP address until you have authorized them into your network.
-
@dafyre said:
Your devices also won't be assigned an IP address until you have authorized them into your network.
I checked right after I ran the authorize script you wrote, but I must have needed to wait a little longer.
-
@johnhooks Thanks for the heads up. I'll keep that in mind.
-
Thanks for the code snippets to create a network and authorize a client. I modified the PHP script to change a client IP. I disconnected my client and reconnected to be safe and client started using the new IP.
<?PHP $secret=file_get_contents('authtoken.secret'); echo "Connecting with secret of $secret\n\r"; $networkID="aaaaaaaaaaaaaaaa"; $memberID="bbbbbbbbbb"; $NewIP=array("192.168.50.10/24"); $url="http://localhost:9993/controller/network/$networkID/member/$memberID?auth=$secret"; $networkOption=array( 'ipAssignments'=>$NewIP ); //echo json_encode($networkOption); $curl=curl_init(); $curlOptions=array( CURLOPT_URL=>$url, CURLOPT_POSTFIELDS=>json_encode($networkOption), CURLOPT_RETURNTRANSFER=>true ); curl_setopt_array($curl,$curlOptions); $result=curl_exec($curl); print_r($result); /* echo "Sent Data: \n\r"; print_r($curlOptions); */
-
@quicky2g Welcome to the community!
-
@scottalanmiller Thanks! Co-worker put me onto this article and seems like a pretty cool site. Might have to stick around
-
Awesome! Great to see people starting to steer others over here!
-
@quicky2g said:
@scottalanmiller Thanks! Co-worker put me onto this article and seems like a pretty cool site. Might have to stick around
Welcome aboard & Thanks for the code update!
-
I'm really liking how easy it is to setup. Just want to see some security review by a trusted security person before I go ahead and roll it out. Anyone seen a review on it from someone like Steve Gibson, Brian Krebs, or the like?
-
@travisdh1 said:
I'm really liking how easy it is to setup. Just want to see some security review by a trusted security person before I go ahead and roll it out. Anyone seen a review on it from someone like Steve Gibson, Brian Krebs, or the like?
If you haven't read up in the FAQ yet, check it out here: https://www.zerotier.com/tech_faq.shtml -- especially the security section.
What kind of use case are you seeing for it?
-
@dafyre said:
@travisdh1 said:
I'm really liking how easy it is to setup. Just want to see some security review by a trusted security person before I go ahead and roll it out. Anyone seen a review on it from someone like Steve Gibson, Brian Krebs, or the like?
If you haven't read up in the FAQ yet, check it out here: https://www.zerotier.com/tech_faq.shtml -- especially the security section.
What kind of use case are you seeing for it?
I did Wireshark on the traffic yesterday. All I saw was encrypted data inside a UDP packet. Not sure if there are any vulnerabilities or security holes in the dependent applications.
-
@dafyre said:
@travisdh1 said:
I'm really liking how easy it is to setup. Just want to see some security review by a trusted security person before I go ahead and roll it out. Anyone seen a review on it from someone like Steve Gibson, Brian Krebs, or the like?
If you haven't read up in the FAQ yet, check it out here: https://www.zerotier.com/tech_faq.shtml -- especially the security section.
What kind of use case are you seeing for it?
I've got two locations, one with the worst "high-speed" internet you're likely to find outside of satellite (good riddance to satellite!) 1 vm host and 1 backup target at each location. Ether XenServer or ProxMox running on the servers. I'm thinking I'll be able to manage most things at both sites with a jumpbox vm. Maybe even make xrdp available as well, tho that would be painful with the DSL connection (756kb/250kb actual measured 600kb/300kb.)
-
@dafyre said:
What kind of use case are you seeing for it?
The use case I see is a primarily mobile workforce. But also something like more modern offices mostly seen on the west coast - just let anyone on the network because the network is just a connection medium. ZT over the physical is what would actually allow you access to services for the company.
-
@travisdh1 said:
@dafyre said:
@travisdh1 said:
I'm really liking how easy it is to setup. Just want to see some security review by a trusted security person before I go ahead and roll it out. Anyone seen a review on it from someone like Steve Gibson, Brian Krebs, or the like?
If you haven't read up in the FAQ yet, check it out here: https://www.zerotier.com/tech_faq.shtml -- especially the security section.
What kind of use case are you seeing for it?
I've got two locations, one with the worst "high-speed" internet you're likely to find outside of satellite (good riddance to satellite!) 1 vm host and 1 backup target at each location. Ether XenServer or ProxMox running on the servers. I'm thinking I'll be able to manage most things at both sites with a jumpbox vm. Maybe even make xrdp available as well, tho that would be painful with the DSL connection (756kb/250kb actual measured 600kb/300kb.)
ZeroTier must use some kind of compression so might help with your speed issues. I have 5mbps upload at home. Did an upload test with iPerf between my house and my work office and saw 5mbps with Hamachi:
Did the same test with ZeroTier between the same endpoints:
-
@quicky2g said:
@travisdh1 said:
@dafyre said:
@travisdh1 said:
I'm really liking how easy it is to setup. Just want to see some security review by a trusted security person before I go ahead and roll it out. Anyone seen a review on it from someone like Steve Gibson, Brian Krebs, or the like?
If you haven't read up in the FAQ yet, check it out here: https://www.zerotier.com/tech_faq.shtml -- especially the security section.
What kind of use case are you seeing for it?
I've got two locations, one with the worst "high-speed" internet you're likely to find outside of satellite (good riddance to satellite!) 1 vm host and 1 backup target at each location. Ether XenServer or ProxMox running on the servers. I'm thinking I'll be able to manage most things at both sites with a jumpbox vm. Maybe even make xrdp available as well, tho that would be painful with the DSL connection (756kb/250kb actual measured 600kb/300kb.)
ZeroTier must use some kind of compression so might help with your speed issues. I have 5mbps upload at home. Did an upload test with iPerf between my house and my work office and saw 5mbps with Hamachi:
Did the same test with ZeroTier between the same endpoints:
O.o. That'd be some crazy compression!
-
@quicky2g said:
@travisdh1 said:
@dafyre said:
@travisdh1 said:
I'm really liking how easy it is to setup. Just want to see some security review by a trusted security person before I go ahead and roll it out. Anyone seen a review on it from someone like Steve Gibson, Brian Krebs, or the like?
If you haven't read up in the FAQ yet, check it out here: https://www.zerotier.com/tech_faq.shtml -- especially the security section.
What kind of use case are you seeing for it?
I've got two locations, one with the worst "high-speed" internet you're likely to find outside of satellite (good riddance to satellite!) 1 vm host and 1 backup target at each location. Ether XenServer or ProxMox running on the servers. I'm thinking I'll be able to manage most things at both sites with a jumpbox vm. Maybe even make xrdp available as well, tho that would be painful with the DSL connection (756kb/250kb actual measured 600kb/300kb.)
ZeroTier must use some kind of compression so might help with your speed issues. I have 5mbps upload at home. Did an upload test with iPerf between my house and my work office and saw 5mbps with Hamachi:
Did the same test with ZeroTier between the same endpoints:
That makes me go "What is going on here, something is not right."
-
Something seems flawed with the test - shouldn't doing speed test with compressible data.
-
@Dashrender said:
Something seems flawed with the test - shouldn't doing speed test with compressible data.
True. I haven't seen similar results, although a thought just hit me.
@quicky2g -- Were you running this test on ZeroTier to another device that is connected to the same physical lan?
(IE: Two ZeroTier devices in the same building?)
-
@dafyre said:
@Dashrender said:
Something seems flawed with the test - shouldn't doing speed test with compressible data.
True. I haven't seen similar results, although a thought just hit me.
@quicky2g -- Were you running this test on ZeroTier to another device that is connected to the same physical lan?
(IE: Two ZeroTier devices in the same building?)
Was going across a WAN.
When I did a LAN test between 2 devices on the same Gigabit switch I also got better results than Hamachi and almost as good as LAN IP's.
Gig LAN iPerf (Regular LAN IP’s):
Hamachi LAN iPerf:
ZeroTier LAN iPerf: