Bridge two different networks with the same address space

Suxsem · February 3, 2021, 8:24am

Hello guys!

I have two houses, both with an ISP provided gateway that uses the 192.168.1.1/24 subnet.

I have two linux boxes in both houses where ZeroTier is running and the two boxes can reach each other through ZeroTier.

Now, I want to two bridge the two subnet in order to let them communicate; it should be pretty easy using L3 bridging but the problem here is that both network uses the same address space and I cannot change that.

I was thinking about “software” 1-1 NAT on ZeroTier to map one 192.168.1.1/24 to 10.0.1.1/24 and the other one to 10.0.2.1/24 but I don’t know if ZeroTier allow such thing. I found the “redirect” command of the ZeroTier rules engine but I’m not sure it can be used dynamically.

Can you help me with this?

Thank you!

zt-grant · February 3, 2021, 8:45pm

So this is a general networking issue. You would have the same exact problem if you were using wires & a switch to bridge two networks that use the same /24. You’re just trying to use ZeroTier as the virtual wires & switch.

The best course of action would be to change the subnets on the two LANs so they don’t use the same /24. If you made changes to the LAN address spaces as follows it could work:

LAN 1:

Subnet: 192.168.0.0/23
DHCP Range: 192.168.0.0-192.168.0.255

LAN 2:

Subnet: 192.168.0.0/23
DHCP Range: 192.168.1.0-192.168.1.255

Then you’ll just need a single ZeroTier node bridged to the local LAN inside each network and everything will be able to reach each other from both sides. The ZeroTier network would be configured to use 192.168.0.0/23 as well. You’ll just have to make sure DHCP packets don’t go over the bridge, otherwise things might get a little interesting (and broken).

If you don’t have access to change LAN settings on your routers, then I don’t know what to tell you, unfortunately.

Suxsem · February 4, 2021, 9:18am

So there isn’t anything like a NAT engine in ZeroTier, right?

zt-travis · February 4, 2021, 4:35pm

Nope! It just makes interfaces/addresses/routes.

But then iptables, for example, can use those just like real interfaces and do things like NAT with them.

Suxsem · February 4, 2021, 6:01pm

good advice! I will try with iptables

system · February 11, 2021, 6:08pm

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.