Can I suggest a route to ZeroTier?

SirAdelaide · July 27, 2022, 8:47am

I’m working from home (in Adelaide), accessing a corporate network via the corporate vpn. The vpn server is half a continent away (in Sydney), with 30ms pings.

I access my office computer in my local city (Adelaide) via Remote Desktop. The when using the corporate vpn, the traffic route is me(Adelaide) to server (Sydney) to desktop (Adelaide), for total ping of 60 ms.

Both my laptop and work desktop can access the internet without going through the vpn server - only lan ip ranges are routed to the vpn server while internet traffic goes to local gateways.

I’ve installed ZeroTier on my home laptop and work desktop, and was hoping it would find a direct route via the internet that didn’t go through the corporate vpn, which would give me 10 ms pings. Instead, it finds a connection via the vpn server, and I still see 60 ms pings.

What should I change to help ZeroTier find a better route?

zt-travis · July 27, 2022, 4:18pm

Hello,
Thanks for asking. It should use the fastest route automatically. It might figure it out after some time.

You can look into what it’s doing by checking
zerotier-cli peers and zerotier-cli info --json (the listeningOn list)
zerotier-cli

The firewall at the office might be preventing zerotier from directly peering.
Router Config Tips Info for your friendly network administrator.

You can blacklist IP ranges by creating a local.conf file, but ideally you don’t need to.

The contents of local.conf would be like:

{
	"physical": {
		"1.2.3.4/16": {
			"blacklist": true
		}
	}
}

Replace 1.2.3.4/16 with your vpn subnet. Check zerotier-cli info -j again to see if it took.

system · August 26, 2022, 4:19pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.