<div dir="ltr">Thanks Dean<div><br></div><div>I missed a step.</div><div><br></div><div>When I did </div><div><br></div><div>user@host:~$ sudo snap connect <span>zerotier</span>-one:network-control</div><div><br></div><div>after the snap install command, other steps created the interface and it worked. <br></div><div><br></div><div>Im not quite sure what that step is - am I connecting to a moon or something? If so do I need to find my closest one first?</div><div><br></div><div>cheers</div><div>Shanon</div><div><br></div><div><br></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Fri, 3 Apr 2020 at 19:34, Dean Bergin <<a href="mailto:dean.bergin@gmail.com" target="_blank">dean.bergin@gmail.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr"><div class="gmail_default" style="font-family:verdana,sans-serif">Hello Shanon,</div><div class="gmail_default" style="font-family:verdana,sans-serif"><br></div><div class="gmail_default" style="font-family:verdana,sans-serif">While I'm a big fan of the ZeroTier model and its ease of use, I haven't had much chance to fully evaluate it now setup a Linux box (only because I can't get buyin with my fellow gamer friends).</div><div class="gmail_default" style="font-family:verdana,sans-serif"><br></div><div class="gmail_default" style="font-family:verdana,sans-serif">It's my understanding however that ZeroTier simply punches through NAT (I forget the technical term for this), so I don't beleive that you need to open up NAT rules unless you want to look into becoming your own moon - which is not particularly easilly done nor supported when I last looked into that.</div><div class="gmail_default" style="font-family:verdana,sans-serif"><br></div><div class="gmail_default" style="font-family:verdana,sans-serif">As for the tun device, zerotier appears to create its own interface (probably linked to or tun/tap device) which looks like the following once you are on the network and authorised:</div><div class="gmail_default" style="font-family:verdana,sans-serif"><br></div><div class="gmail_default" style="font-family:verdana,sans-serif"><blockquote style="margin:0px 0px 0px 40px;border:none;padding:0px"><div class="gmail_default">ubuntu:~$ ip addr show dev ztbpapt2fl</div><div class="gmail_default">4: ztbpapt2fl: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 2800 qdisc fq_codel state UNKNOWN group default qlen 1000</div><div class="gmail_default"> link/ether 3a:3e:9d:92:77:00 brd ff:ff:ff:ff:ff:ff</div><div class="gmail_default"> inet
***REMOVED*** brd ***REMOVED*** scope global ztbpapt2fl</div><div class="gmail_default"> valid_lft forever preferred_lft forever</div><div class="gmail_default"> inet6
***REMOVED***
scope link</div><div class="gmail_default"> valid_lft forever preferred_lft forever</div></blockquote><div><div dir="ltr"><div dir="ltr"></div></div></div></div><div class="gmail_default" style="font-family:verdana,sans-serif"><br></div><div class="gmail_default" style="font-family:verdana,sans-serif">I did nothing special to get it working just now (no port forwarding or NAT) except for following the install instructions at <a href="https://www.zerotier.com/download/" style="font-family:Arial,Helvetica,sans-serif" target="_blank">https://www.zerotier.com/download/</a> and then ran:</div><div class="gmail_default" style="font-family:verdana,sans-serif"><br></div><blockquote style="margin:0px 0px 0px 40px;border:none;padding:0px"><div class="gmail_default" style="font-family:verdana,sans-serif">ubuntu:~$ sudo zerotier-cli info</div>200 info 555702f433 1.4.6 ONLINE<div class="gmail_default" style="font-family:verdana,sans-serif"><br></div><div class="gmail_default" style="font-family:verdana,sans-serif">ubuntu:~$ sudo zerotier-cli join <myztnetwork></div><div class="gmail_default" style="font-family:verdana,sans-serif">200 join OK</div><div class="gmail_default" style="font-family:verdana,sans-serif"><br></div><div class="gmail_default" style="font-family:verdana,sans-serif"></div></blockquote><div><div dir="ltr"><div dir="ltr"><span style="font-family:verdana,sans-serif">I suspect that <span class="gmail_default" style="font-family:verdana,sans-serif">either </span>the snap install isn't working as expected<span class="gmail_default" style="font-family:verdana,sans-serif"> or you have some restriction or application/URL filtering in place preventing the session from establishing as the applicatio seems to indicate that it operates over HTTP/HTTPS:</span></span></div><div dir="ltr"><span style="font-family:verdana,sans-serif"><span class="gmail_default" style="font-family:verdana,sans-serif"><br></span></span></div></div></div><blockquote style="margin:0px 0px 0px 40px;border:none;padding:0px"><div><div><div><span class="gmail_default" style="font-family:verdana,sans-serif">ubuntu</span>:~$ sudo zerotier-cli -h | grep HTTP</div></div></div><div><div><div> -p<port> - HTTP port (default: auto)</div></div></div></blockquote><div><div dir="ltr"><div dir="ltr"><span style="font-family:verdana,sans-serif"><span class="gmail_default" style="font-family:verdana,sans-serif"><br></span></span></div><div dir="ltr"><span style="font-family:verdana,sans-serif">I'd <span class="gmail_default" style="font-family:verdana,sans-serif">also </span>suggest installing as per the instructions at
<a href="https://www.zerotier.com/download/" target="_blank">https://www.zerotier.com/download/</a><span class="gmail_default" style="font-family:verdana,sans-serif"> to rule that out.</span></span><br></div><div dir="ltr"><div class="gmail_default" style="font-family:verdana,sans-serif"><br></div><div class="gmail_default" style="font-family:verdana,sans-serif">Lastly, I stronly suggest TURNING OFF uPNP due to its numerous vulnerabilities.</div><div class="gmail_default" style="font-family:verdana,sans-serif"><br></div><br><span class="gmail_default" style="font-family:verdana,sans-serif"></span>Regards,<br><br><i>Dean Bergin</i></div></div></div><br></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Fri, 3 Apr 2020 at 15:49, Shanon Loughton <<a href="mailto:autobot@iinet.net.au" target="_blank">autobot@iinet.net.au</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr"><div dir="ltr"><div dir="ltr">Hi<div><br></div><div>Im trying to just join a friends network on zerotier with Ubuntu 18.04. Anyone know how to get the TUN device working? It seems to be there. I just cant get a zt0 interface. Router is forwarding 9993, and other UPNP zerotier connections are active. See PORT_ERROR.</div><div><br></div><div>Thanks for any help.</div><div>Shanon</div><div><br></div><div><br></div><div>Router Upnp active<br> ZeroTier/**********@22875 22875 UDP 192.168.1.102 22875<br> ZeroTier/**********@26603 26603 UDP 192.168.1.102 26603<br><br>Router NAT<br> Zerotier 9993 192.168.1.102 9993 UDP<br></div><div><br></div><div>user@host:~$ uname -a<br>Linux cgltower-gamer 5.3.0-7625-generic #27~1576774585~18.04~c7868f8-Ubuntu SMP Thu Dec 19 20:37:47 UTC x86_64 x86_64 x86_64 GNU/Linux<br><br>user@host:~$ ls -la /dev/net/tun <br>crw-rw-rw- 1 root root 10, 200 Apr 3 16:48 /dev/net/tun</div><div><br>user@host:~$ lsmod | grep tun<br>xfrm4_tunnel 16384 0<br>tunnel4 16384 1 xfrm4_tunnel<br>ip6_udp_tunnel 16384 1 l2tp_core<br>udp_tunnel 16384 1 l2tp_core<br><br>user@host:~$ sudo snap install zerotier-one<br>zerotier-one 1.4.6 from Lance Hartung (lh) installed<br><br>user@host:~$ sudo zerotier-one.zerotier-cli join fffffffffffffff<br>200 join OK<br><br>user@host:~$ sudo zerotier-one.zerotier-cli listnetworks<br>200 listnetworks <nwid> <name> <mac> <status> <type> <dev> <ZT assigned ips><br>200 listnetworks fffffffffffffff 12:68:5d:31:08:0d PORT_ERROR PRIVATE -<br></div><div><br></div><div>user@host:~$ ifconfig<br>enp111s0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500<br> ether xx:xx:xx:xx:xx:xx txqueuelen 1000 (Ethernet)<br> RX packets 0 bytes 0 (0.0 B)<br> RX errors 0 dropped 0 overruns 0 frame 0<br> TX packets 0 bytes 0 (0.0 B)<br> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0<br><br>lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536<br> inet 127.0.0.1 netmask 255.0.0.0<br> inet6 ::1 prefixlen 128 scopeid 0x10<host><br> loop txqueuelen 1000 (Local Loopback)<br> RX packets 794 bytes 80452 (80.4 KB)<br> RX errors 0 dropped 0 overruns 0 frame 0<br> TX packets 794 bytes 80452 (80.4 KB)<br> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0<br><br>wlo1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500<br> inet 192.168.1.102 netmask 255.255.255.0 broadcast 192.168.1.255<br> inet6 xxxx::xxxx:xxxx:xxxx:xxxx prefixlen 64 scopeid 0x20<link><br> ether xx:xx:xx:xx:xx:xx txqueuelen 1000 (Ethernet)<br> RX packets 37035 bytes 33206291 (33.2 MB)<br> RX errors 0 dropped 0 overruns 0 frame 0<br> TX packets 30989 bytes 7421066 (7.4 MB)<br> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0<br></div></div></div></div>
_______________________________________________<br>
PLUG discussion list: <a href="mailto:plug@plug.org.au" target="_blank">plug@plug.org.au</a><br>
<a href="http://lists.plug.org.au/mailman/listinfo/plug" rel="noreferrer" target="_blank">http://lists.plug.org.au/mailman/listinfo/plug</a><br>
Committee e-mail: <a href="mailto:committee@plug.org.au" target="_blank">committee@plug.org.au</a><br>
PLUG Membership: <a href="http://www.plug.org.au/membership" rel="noreferrer" target="_blank">http://www.plug.org.au/membership</a></blockquote></div>
</blockquote></div>