Communication between physical interfaces and ZT in windows?

marcelo_fares · May 19, 2023, 5:37pm

Hello.

I’m new to this platform and I’ve been testing the ZT technology recommended by a friend for a few days. I’m enjoying it and I’m quite satisfied with the simplicity, but I have a question that I need help from more experienced people.

I need communication between the physical network interfaces of Windows side A with side B through ZT. My scenario is this:

The routes I have created are these!

This device (FRB2-NT-MFARES(note) has physical IP address being 192.168.20.95 on the local network interface. I would like it to communicate with the other local network interface of the VM-FDMSVRSI-2019 device containing the IP address physical 172.28.201.2.

It is possible?

I even changed this registry key on both computers on both sides but I can’t get ICMP between their physical network interfaces through ZT

HKEY LOCAL MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters
Change the entry IPEnableRouter REG DWORD to 1

Can anybody help me?
Excuse my English mistakes, I’m from Brazil

Boilerplate4U · May 20, 2023, 5:11am

You have to enable “Packet Forwarding” on both the Ethernet and ZT interfaces. Search this forum for it.

marcelo_fares · May 20, 2023, 1:01pm

But isn’t packet forwarding the registry key I mentioned above being (IPEnableRouter REG DWORD to 1) ?
I’m sorry I’m new and I need help

Boilerplate4U · May 20, 2023, 2:20pm

Check this:

marcelo_fares · May 20, 2023, 9:08pm

I followed this step you put above, but I don’t know if I did it correctly. I just need bi-directional communication between the local (physical) network interfaces on both remote sides as captured below:

Could you see if everything is ok?

Both sides have this option enabled:

Remembering that I still have the registry key (IPEnableRouter) turned on both sides to 1. Do I still need it?

AndrewZ · May 21, 2023, 9:30am

Please see my attempt to explain the routing in a simple way: Zerotier router setup not working - #4 by AndrewZ

A few advices:

do not use 10.x.x.x in Managed IPs, there is a potential overlap with the mobile broadband IP assignments
do not use 192.168.x.x in Managed IPs, there is a potential overlap with LAN address space
use smaller subnet for Managed IPs, i.e. something like 172.28.4.0/24 and assign all the addresses manually/statically

Assuming you have a router or a PC acting as a router, create a managed route like this:
192.168.20.0/24 via 172.28.4.20

where 192.168.20.0/24 is a LAN behind the router and 172.28.4.20 is a ZT assigned IP

marcelo_fares · May 22, 2023, 11:48am

Do you advise having a computer or master router that plays the role of GATEWAY for end-to-end communication between physical interfaces on both sides?

AndrewZ · May 22, 2023, 9:53pm

If your main router can run ZeroTier, that will be probably the best option.
Alternatively you can have a computer (I suggest Linux) that will act as a router between ZeroTier network and LAN. The main router will need a static route for ZT network via that gateway computer.

marcelo_fares · June 2, 2023, 12:11pm

And when I have high latency only through the ZT tunnel?

The green station has IP 172.28.4.80 is trying to reach 4.10 and vice versa. The green station is a virtual machine but it does not have a CPU overload, and Internet browsing is normal, as well as Tracert directly to the IP of the destination operator where the green machine is hosted.

Note, I only have high latency on this green station. At the other stations, communication between them is normal. Does anyone have any tips on how to resolve this?

marcelo_fares · June 8, 2023, 2:51am

Any tips to avoid high latency without using Gateways, just VPN between end to end with hosts at both ends?

system · July 8, 2023, 2:51am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.