DNS Issues on Windows Clients

We have recently had a situation where every single one of our Windows clients lost their DNS settings when connecting to a ZeroTier network, and we cannot explain what had caused it after working fine for a fairly long period of time.

Some of the clients were on domain-joined machines and some of them were on standalone machines. We even tried a new machine install and this was also doing the same. It was all working OK last Friday but not on the Monday, maybe a Windows update? After some investigation and help from other topics we have established the following.

When the ZeroTier client connects, it adds a network adapter to the interface list called “ZeroTier One []”, and in this network adapter we were only seeing IP settings but not the DNS settings; they were blank. This was a misunderstanding on our part, as we thought the DNS settings not getting populated was what was causing the problem.

We set about connecting the ZeroTier client and manually adding the DNS settings into the otherwise blank interface. This worked OK as a workaround, but each time the client reconnected it lost the DNS settings again as it re-created the network interface.

I then discovered a helpful topic relating to the fact that ZeroTier uses something called NRPT resolution and adds records into this NRPT system each time it connects instead of putting the DNS entries in the network interface, and removes them when it disconnects.

If you go into PowerShell on the Windows PC that has the ZeroTier client on it and, whilst the ZeroTier client is disconnected, run …

Get-DnsClientNrptpolicy -effective

you should get no feedback at all. If you run it with the ZeroTier client connected you should see a multi-line response that contains your search domain and DNS server IP settings.

However, in our case we got a blank response regardless of whether the ZeroTier client was connected or not. If you disconnect ZeroTier again and use the registry editor to go to …

HKLM\SOFTWARE\Policies\Microsoft\Windows NT\DNSClient and rename this to DNSClient-x

Now reconnect the ZeroTier client and run …

Get-DnsClientNrptpolicy -effective

You will likely now discover the expected response.

We have no idea how this has happened or how it crept in but this looks like a viable solution for us. We have subsequently deleted this registry key and all seems fine. Hope this helps someone else.
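
The check-and-rename procedure from the post above, as an added PowerShell example (not part of the original post and not ZeroTier's own tooling). It is read-only unless the hypothetical `-Apply` switch is given; the switch name and the backup file location are assumptions made for illustration.

```powershell
# Added example: inspect the NRPT state and the policy key named in the post.
# Run from an elevated PowerShell prompt with the ZeroTier client disconnected.
param([switch]$Apply)   # hypothetical switch: rename the key only when it is set

$policyKey = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\DNSClient'   # key named in the post
$backup    = Join-Path $env:TEMP 'DNSClient-policy-backup.reg'          # assumed backup location

# 1. What the DNS client is actually applying right now.
$effective = @(Get-DnsClientNrptPolicy -Effective)
"Effective NRPT entries: $($effective.Count)"
$effective | Format-List Namespace, NameServers

# 2. Is the policy key present, and what does it hold?
if (-not (Test-Path $policyKey)) {
    'Policy key not present; the rename step from the post does not apply.'
    return
}
"Policy key present: $policyKey"
Get-ItemProperty -Path $policyKey | Format-List
Get-ChildItem -Path $policyKey -Recurse | Select-Object -ExpandProperty Name

# 3. Rename only when asked, after exporting a copy that 'reg import' can restore.
if ($Apply) {
    reg.exe export 'HKLM\SOFTWARE\Policies\Microsoft\Windows NT\DNSClient' $backup /y | Out-Null
    if ($LASTEXITCODE -ne 0) { throw 'Backup failed; key left untouched.' }
    Rename-Item -Path $policyKey -NewName 'DNSClient-x'
    "Renamed to DNSClient-x; backup written to $backup"
    'Reconnect ZeroTier, then re-run without -Apply to compare the effective entries.'
}
```

Reviewing the listed values before renaming shows which DNS client policy settings would stop applying. On a domain-joined machine, a Group Policy object that configures DNS Client settings will re-create the key at the next policy refresh.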
