[plug] Zerotier and Ubuntu 18.04

Dean Bergin dean.bergin at gmail.com
Fri Apr 3 18:04:30 AWST 2020 

Hello Shanon,

While I'm a big fan of the ZeroTier model and its ease of use, I haven't
had much chance to fully evaluate it now setup a Linux box (only because I
can't get buyin with my fellow gamer friends).

It's my understanding however that ZeroTier simply punches through NAT (I
forget the technical term for this), so I don't beleive that you need to
open up NAT rules unless you want to look into becoming your own moon -
which is not particularly easilly done nor supported when I last looked
into that.

As for the tun device, zerotier appears to create its own interface
(probably linked to or tun/tap device) which looks like the following once
you are on the network and authorised:

ubuntu:~$ ip addr show dev ztbpapt2fl
4: ztbpapt2fl: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 2800 qdisc fq_codel
state UNKNOWN group default qlen 1000
    link/ether 3a:3e:9d:92:77:00 brd ff:ff:ff:ff:ff:ff
    inet ***REMOVED*** brd ***REMOVED*** scope global ztbpapt2fl
       valid_lft forever preferred_lft forever
    inet6 ***REMOVED*** scope link
       valid_lft forever preferred_lft forever


I did nothing special to get it working just now (no port forwarding or
NAT) except for following the install instructions at
https://www.zerotier.com/download/ and then ran:

ubuntu:~$ sudo zerotier-cli info
200 info 555702f433 1.4.6 ONLINE

ubuntu:~$ sudo zerotier-cli join <myztnetwork>
200 join OK

I suspect that either the snap install isn't working as expected or you
have some restriction or application/URL filtering in place preventing the
session from establishing as the applicatio seems to indicate that it
operates over HTTP/HTTPS:

ubuntu:~$ sudo zerotier-cli -h | grep HTTP
  -p<port>                - HTTP port (default: auto)


I'd also suggest installing as per the instructions at
https://www.zerotier.com/download/ to rule that out.

Lastly, I stronly suggest TURNING OFF uPNP due to its numerous
vulnerabilities.


Regards,

*Dean Bergin*


On Fri, 3 Apr 2020 at 15:49, Shanon Loughton <autobot at iinet.net.au> wrote:

> Hi
>
> Im trying to just join a friends network on zerotier with Ubuntu 18.04.
> Anyone know how to get the TUN device working? It seems to be there. I just
> cant get a zt0 interface. Router is forwarding 9993, and other UPNP
> zerotier connections are active. See PORT_ERROR.
>
> Thanks for any help.
> Shanon
>
>
> Router Upnp active
> ZeroTier/**********@22875 22875 UDP 192.168.1.102 22875
> ZeroTier/**********@26603 26603 UDP 192.168.1.102 26603
>
> Router NAT
> Zerotier 9993 192.168.1.102 9993 UDP
>
> user at host:~$ uname -a
> Linux cgltower-gamer 5.3.0-7625-generic
> #27~1576774585~18.04~c7868f8-Ubuntu SMP Thu Dec 19 20:37:47 UTC  x86_64
> x86_64 x86_64 GNU/Linux
>
> user at host:~$ ls -la /dev/net/tun
> crw-rw-rw- 1 root root 10, 200 Apr  3 16:48 /dev/net/tun
>
> user at host:~$ lsmod | grep tun
> xfrm4_tunnel           16384  0
> tunnel4                16384  1 xfrm4_tunnel
> ip6_udp_tunnel         16384  1 l2tp_core
> udp_tunnel             16384  1 l2tp_core
>
> user at host:~$ sudo snap install zerotier-one
> zerotier-one 1.4.6 from Lance Hartung (lh) installed
>
> user at host:~$ sudo zerotier-one.zerotier-cli join fffffffffffffff
> 200 join OK
>
> user at host:~$ sudo zerotier-one.zerotier-cli listnetworks
> 200 listnetworks <nwid> <name> <mac> <status> <type> <dev> <ZT assigned
> ips>
> 200 listnetworks fffffffffffffff  12:68:5d:31:08:0d PORT_ERROR PRIVATE  -
>
> user at host:~$ ifconfig
> enp111s0: flags=4099<UP,BROADCAST,MULTICAST>  mtu 1500
>         ether xx:xx:xx:xx:xx:xx  txqueuelen 1000  (Ethernet)
>         RX packets 0  bytes 0 (0.0 B)
>         RX errors 0  dropped 0  overruns 0  frame 0
>         TX packets 0  bytes 0 (0.0 B)
>         TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
>
> lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
>         inet 127.0.0.1  netmask 255.0.0.0
>         inet6 ::1  prefixlen 128  scopeid 0x10<host>
>         loop  txqueuelen 1000  (Local Loopback)
>         RX packets 794  bytes 80452 (80.4 KB)
>         RX errors 0  dropped 0  overruns 0  frame 0
>         TX packets 794  bytes 80452 (80.4 KB)
>         TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
>
> wlo1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
>         inet 192.168.1.102  netmask 255.255.255.0  broadcast 192.168.1.255
>         inet6 xxxx::xxxx:xxxx:xxxx:xxxx  prefixlen 64  scopeid 0x20<link>
>         ether xx:xx:xx:xx:xx:xx  txqueuelen 1000  (Ethernet)
>         RX packets 37035  bytes 33206291 (33.2 MB)
>         RX errors 0  dropped 0  overruns 0  frame 0
>         TX packets 30989  bytes 7421066 (7.4 MB)
>         TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
> _______________________________________________
> PLUG discussion list: plug at plug.org.au
> http://lists.plug.org.au/mailman/listinfo/plug
> Committee e-mail: committee at plug.org.au
> PLUG Membership: http://www.plug.org.au/membership
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.plug.org.au/pipermail/plug/attachments/20200403/7a9c261d/attachment.html>

More information about the plug mailing list