I’m currently running an Ubuntu 22.04 VM on Proxmox, with a Zerotier docker container (successfully for the better part of 2 years). The Zerotier container had been using version 1.8.10. Unfortunately, recently, I have been unable to ping or access this particular VM via other Zerotier peers.
Interestingly, this device is visible and enabled, with an IP assigned, in the ZT web console. Running zerotier-cli listnetworks shows a successful status, and zerotier-cli peers successfully shows other devices on the network.
Pinging this specific device returns “Destination Host Unreachable”, while pinging other devices on the network successfully returns a response.
I have tried deleting and recreating the Zerotier docker container, used a newer version of the image (1.10.2), and have countlessly rebooted the machine to no avail.
My docker-compose is as follows:
zerotier:
container_name: zerotier
image: zerotier/zerotier:latest
devices:
- /dev/net/tun
network_mode: host
volumes:
- '${_VOLUME_ZEROTIER}:/var/lib/zerotier-one'
cap_add:
- NET_ADMIN
- SYS_ADMIN
restart: always
I’ve tried to narrow down the issue by eliminating docker, by natively installing ZT via the install script. Everything is configured and detected (ZT IP assigned), but unfortunately no other ZT devices can reach this particular machine.
Eliminating the fact that there are issues with the docker container, or configuration in the ZT web portal (as it has been working successfully for 2 years), I suspected that there may be something wrong with /dev/net/tun (which I may be wrong, as this is not something I’m too familiar with). Upon comparison with another device with ZT running (a raspberry pi), when running lsmod | grep tun, the working device returns an entry (tun 53248 2), whereas the Ubuntu 22.04 VM returns empty. I had tried re-enabling tun via modprobe tun, which unfortunately had no effect (empty output).
Tracerouting to the Ubuntu VM didn’t complete (30 hops), whereas tracerouting to my raspberry pi (also on the ZT network) completed in one hop.
ICMP has also always been unblocked, can be pinged via local IP (in fact, all hosted services on this VM is accessible locally, just not via ZT anymore).
I have read somewhere that another user has to insmod the tun.ko module to get VPN tunneling working again, however this was on an Arch distro, not Ubuntu… there doesn’t seem to be any tun.ko module found on Ubuntu. As this is outside my knowledge, is there a way to reset or test /dev/net/tun?
At this time, I’m not quite sure how to proceed, and seeking guidance. Would be happy to provide any additional information necessary.
Edit: Well apparently all I had to do was update my packages (apt upgrade). Still don’t know which package that was outdated that was the issue…