Cryptic error message on Linux

Been using ZeroTier for a while and after updating the host OS, I checked the logs and noticed it was full of constantly repeating message like these:

Jul 22 08:54:50 myserver zerotier-one[7211]: connect: Connection refused
Jul 22 08:54:50 myserver zerotier-one[7211]: connect: Connection refused
Jul 22 08:54:50 myserver zerotier-one[7211]: connect: Connection refused
Jul 22 08:54:50 myserver zerotier-one[7211]: connect: Connection refused
Jul 22 08:54:50 myserver zerotier-one[7211]: connect: Connection refused
Jul 22 08:49:42 myserver zerotier-one[7211]: connect: Connection refused
Jul 22 08:49:42 myserver zerotier-one[7211]: connect: Connection refused
Jul 22 08:49:42 myserver zerotier-one[7211]: connect: Connection refused
Jul 22 08:49:42 myserver zerotier-one[7211]: connect: Connection refused
Jul 22 08:49:42 myserver zerotier-one[7211]: connect: Connection refused
Jul 22 08:44:35 myserver zerotier-one[7211]: connect: Connection refused
Jul 22 08:44:35 myserver zerotier-one[7211]: connect: Connection refused
Jul 22 08:44:35 myserver zerotier-one[7211]: connect: Connection refused
Jul 22 08:44:35 myserver zerotier-one[7211]: connect: Connection refused
Jul 22 08:44:35 myserver zerotier-one[7211]: connect: Connection refused
Jul 22 08:39:27 myserver zerotier-one[7211]: connect: Connection refused
Jul 22 08:39:27 myserver zerotier-one[7211]: connect: Connection refused
Jul 22 08:39:27 myserver zerotier-one[7211]: connect: Connection refused
Jul 22 08:39:27 myserver zerotier-one[7211]: connect: Connection refused
Jul 22 08:39:27 myserver zerotier-one[7211]: connect: Connection refused
Jul 22 08:34:19 myserver zerotier-one[7211]: connect: Connection refused
Jul 22 08:34:19 myserver zerotier-one[7211]: connect: Connection refused
Jul 22 08:34:19 myserver zerotier-one[7211]: connect: Connection refused
Jul 22 08:34:19 myserver zerotier-one[7211]: connect: Connection refused
Jul 22 08:34:19 myserver zerotier-one[7211]: connect: Connection refused

I think I managed to calm it down but how would one troubleshoot exactly where zerotier was trying to connect ?

Hello,
That doesn’t look familiar. Is it still doing that? Is ZeroTier working?
You may want to reinstall zerotier with apt if you upgraded the distro.

What I did was use the command ss to indentify which interface/ports Zerotier was using like
ss -tlnp

and found out it was binding to all interfaces including another tunneling interface.
Consulting the ArchWiki, I added a local.conf like this:


{
    "settings": {
        "interfacePrefixBlacklist": [ "docker", "br-" , "tun-"]
    }
}

to have zerotier only use the physical interface and loopback.

After that, I was still getting these error messages so that lead me verify what was happeing to the port 9993 and the other ports ZeroTier binds to.
It turns out a port is being opened automatically via UPNP each time ZeroTier service starts; I can see the request in my router and somehow I think this UPNP port openeing isn’t functionning properly. That’s where an error message with a specific address and port number would be helpful.

What solved the issue was configuring a manual port redirection in my router and disabling portMapping in ZeroTier.

Thanks. I think that message might be coming from the upnp library, which we don’t really control the messages.

zerotier-cli info -j shows the addresses and ports zerotier is listening on. Just another way to get the same info as ss -ltnp

tun and tap devices should be blacklisted by default on linux.

You might not need to manual port redirection. UDP whole punching can work without upnp.