ZeroTier + Active Directory Authentication
-
@Dashrender said:
I just had a thought.
This is just a wacky solution to the multi IP's for a single host problem that @dafyre was able to solve by telling a NIC to not register with DNS, but I couldn't get to work.
What if you install a bridge on the network, and make your default gateway aware of that network? then if your PC gets a ZT IP from DNS, it can still communicate, only it will be through the bridge.
It's ugly.. but provides a path.
Why does the gateway need to be aware of it?
-
@scottalanmiller He might mean that the ZT clients would need to know which gateway to use if it is a different gateway on the same network.
-
@scottalanmiller said:
@Dashrender said:
I just had a thought.
This is just a wacky solution to the multi IP's for a single host problem that @dafyre was able to solve by telling a NIC to not register with DNS, but I couldn't get to work.
What if you install a bridge on the network, and make your default gateway aware of that network? then if your PC gets a ZT IP from DNS, it can still communicate, only it will be through the bridge.
It's ugly.. but provides a path.
Why does the gateway need to be aware of it?
Well.. hmm.. OK I was going to say because that way it knows where to forward the packets to internal bridge/router...
But I just read the ZT forum post about the bridge, it's a bridge, not a router between two networks.. it's assumed (bridge) that all devices are on the same network, so there won't be any involvement of the default gateway.. so you can disregard my earlier comments.
-
@Dashrender said:
@scottalanmiller said:
@Dashrender said:
I just had a thought.
This is just a wacky solution to the multi IP's for a single host problem that @dafyre was able to solve by telling a NIC to not register with DNS, but I couldn't get to work.
What if you install a bridge on the network, and make your default gateway aware of that network? then if your PC gets a ZT IP from DNS, it can still communicate, only it will be through the bridge.
It's ugly.. but provides a path.
Why does the gateway need to be aware of it?
Well.. hmm.. OK I was going to say because that way it knows where to forward the packets to internal bridge/router...
But I just read the ZT forum post about the bridge, it's a bridge, not a router between two networks.. it's assumed (bridge) that all devices are on the same network, so there won't be any involvement of the default gateway.. so you can disregard my earlier comments.
That's what I was wondering about
A bridge is just like another switch port. -
@scottalanmiller said:
@Dashrender said:
@scottalanmiller said:
@Dashrender said:
I just had a thought.
This is just a wacky solution to the multi IP's for a single host problem that @dafyre was able to solve by telling a NIC to not register with DNS, but I couldn't get to work.
What if you install a bridge on the network, and make your default gateway aware of that network? then if your PC gets a ZT IP from DNS, it can still communicate, only it will be through the bridge.
It's ugly.. but provides a path.
Why does the gateway need to be aware of it?
Well.. hmm.. OK I was going to say because that way it knows where to forward the packets to internal bridge/router...
But I just read the ZT forum post about the bridge, it's a bridge, not a router between two networks.. it's assumed (bridge) that all devices are on the same network, so there won't be any involvement of the default gateway.. so you can disregard my earlier comments.
That's what I was wondering about
A bridge is just like another switch port.And now I understand why in that ZT post that they wanted an open unused nic port to act like a switch port.. that's what ZT grabs onto to form the bridge...lol weird.
-
I'm thankful that my installation would be simple and only require editing the hosts file to point at the right DNS server.
-
@scottalanmiller you can not so respectfully piss off.
I can tell you that your opinion of how ZT should work is your opinion and nothing more than that. The developer told you to post your information to that thread.
My goal has nothing to do with making everything work for AD. That thread has nothing to do with my desire to make AD be the only piece that works.
-
@Dashrender said:
@wrx7m said:
@FATeknollogee said:
@Dashrender You have a "how to" instruction set?
I think @dafyre created a script for it. I am pretty sure you can only install the bridge on a connector, which has to be a Linux box.
Doh! you're right it was @dafyre
It wasn't a script... Esentially what I did was build a Linux router.
I have been unable to get the Official Bridged mode to work for some reason or another... It sounds like that is more involved than what @JaredBusch wants to do though.
-
@dafyre said:
@Dashrender said:
@wrx7m said:
@FATeknollogee said:
@Dashrender You have a "how to" instruction set?
I think @dafyre created a script for it. I am pretty sure you can only install the bridge on a connector, which has to be a Linux box.
Doh! you're right it was @dafyre
It wasn't a script... Esentially what I did was build a Linux router.
I have been unable to get the Official Bridged mode to work for some reason or another... It sounds like that is more involved than what @JaredBusch wants to do though.
I'd agree - bridge mode is like a huge pain. Putting all devices into a /16 network? WOW - no thanks. Of course I realize you could just as easily do with with a /23 or /22.
I'm curious though.. what happens when two NICs have IPs in the same range? This would be the case when a laptop is in the office.
-
@Dashrender said:
I'm curious though.. what happens when two NICs have IPs in the same range? This would be the case when a laptop is in the office.
Why would that happen with laptops?
-
@scottalanmiller said:
@Dashrender said:
I'm curious though.. what happens when two NICs have IPs in the same range? This would be the case when a laptop is in the office.
Why would that happen with laptops?
He means if they use the same IP range for both the LAN and the ZT network... what would happen if a laptop got 192.168.16.16 on the LAN, as well as 192.168.16.16 on the ZT network.
-
@dafyre said:
@scottalanmiller said:
@Dashrender said:
I'm curious though.. what happens when two NICs have IPs in the same range? This would be the case when a laptop is in the office.
Why would that happen with laptops?
He means if they use the same IP range for both the LAN and the ZT network... what would happen if a laptop got 192.168.16.16 on the LAN, as well as 192.168.16.16 on the ZT network.
Oh, you can't do that. The devices would freak out. It's as simple as... you can't.
But... when would this happen? Why would you choose a ZT network that overlaps with the LAN?
-
Oh, you can't do that. The devices would freak out. It's as simple as... you can't.
But... when would this happen? Why would you choose a ZT network that overlaps with the LAN?Couldn't you create two separate reservations--one for the LAN and one for ZT?
-
@scottalanmiller said:
@dafyre said:
@scottalanmiller said:
@Dashrender said:
I'm curious though.. what happens when two NICs have IPs in the same range? This would be the case when a laptop is in the office.
Why would that happen with laptops?
He means if they use the same IP range for both the LAN and the ZT network... what would happen if a laptop got 192.168.16.16 on the LAN, as well as 192.168.16.16 on the ZT network.
Oh, you can't do that. The devices would freak out. It's as simple as... you can't.
But... when would this happen? Why would you choose a ZT network that overlaps with the LAN?
I think that may have been something that someone read a little too much into what @adam-ierymenko was saying about bridging (either in this thread, or another).
-
@wirestyle22 said:
Oh, you can't do that. The devices would freak out. It's as simple as... you can't.
But... when would this happen? Why would you choose a ZT network that overlaps with the LAN?Couldn't you create two separate reservations--one for the LAN and one for ZT?
Right, but then how does the computer know which IP range to actually talk from?
-
@wirestyle22 said:
Oh, you can't do that. The devices would freak out. It's as simple as... you can't.
But... when would this happen? Why would you choose a ZT network that overlaps with the LAN?Couldn't you create two separate reservations--one for the LAN and one for ZT?
DHCP would not work, you'd have a mess.
-
@scottalanmiller said:
@wirestyle22 said:
Oh, you can't do that. The devices would freak out. It's as simple as... you can't.
But... when would this happen? Why would you choose a ZT network that overlaps with the LAN?Couldn't you create two separate reservations--one for the LAN and one for ZT?
DHCP would not work, you'd have a mess.
I was thinking statically assigned IP's
-
@dafyre said:
@scottalanmiller said:
@Dashrender said:
I'm curious though.. what happens when two NICs have IPs in the same range? This would be the case when a laptop is in the office.
Why would that happen with laptops?
He means if they use the same IP range for both the LAN and the ZT network... what would happen if a laptop got 192.168.16.16 on the LAN, as well as 192.168.16.16 on the ZT network.
uh.. no - that shouldn't happen.
So looking at the ZT docs on creating a bridge: The LAN will use 192.168.0.x and ZT will use 192.168.1.x. DHCP on the LAN will only provide 192.168.0.x addresses so you'll never have a conflict of IPs (wasn't part of my concern)
But since this is all in the same /22 you now have two adapters on the same network. -
@wirestyle22 said:
@scottalanmiller said:
@wirestyle22 said:
Oh, you can't do that. The devices would freak out. It's as simple as... you can't.
But... when would this happen? Why would you choose a ZT network that overlaps with the LAN?Couldn't you create two separate reservations--one for the LAN and one for ZT?
DHCP would not work, you'd have a mess.
I was thinking statically assigned IP's
Bottom line, you cannot overlap the same network. It conceptually doesn't even make sense. The machine would have no idea how to differentiate between the two because they are literally the same network.
Static, dynamic, reservations.. doesn't matter. You can't layer the same network on itself.
-
@Dashrender said:
@dafyre said:
@scottalanmiller said:
@Dashrender said:
I'm curious though.. what happens when two NICs have IPs in the same range? This would be the case when a laptop is in the office.
Why would that happen with laptops?
He means if they use the same IP range for both the LAN and the ZT network... what would happen if a laptop got 192.168.16.16 on the LAN, as well as 192.168.16.16 on the ZT network.
uh.. no - that shouldn't happen.
So looking at the ZT docs on creating a bridge: The LAN will use 192.168.0.x and ZT will use 192.168.1.x. DHCP on the LAN will only provide 192.168.0.x addresses so you'll never have a conflict of IPs (wasn't part of my concern)
But since this is all in the same /22 you now have two adapters on the same network.I don't have the docs in from of me, but why is it making two addresses on the same LAN?
