So I have struggled with trying to get a ZT bridge working on Debian 11 with a basic deployment.
There are many tutorials out there and they vary from just setup the bridge in the interfaces file and add a delay to bring up the bridge to removing standard base networking packages and doing all kinds of modifications. I never could really get any of them to easily work on a plain layer 2 with no IP forwarding.
I finally figured out a way to do a base install of Debian 11, will probably work for other distros also, and only have to add the bridge-utils package in order, you of course have to install ZT and do all the normal setup for it also, to get this to work.
Once you add the bridge-utils, decide which interface(s) you want as part of the bridge besides the ZT interface. Then, setup your interfaces files like below. I have two interfaces on the systems, ens18 and ens19. Ens18 is my LAN connected interface for internet connectivity and ens19 is tied to a vlan dedicated for ZT throughout my network.
auto br0
iface br0 inet manual
bridge_ports ens19
bridge_stp off # disable Spanning Tree Protocol
bridge_waitport 0 # no delay before a port becomes available
bridge_fd 0 # no forwarding delay
After to interfaces file in done, in crontab as root, put in the line:
@reboot sleep 15 && /usr/sbin/brctl addif br0 ztppi72fvl
The above, on every boot, will wait for 15 seconds, this gives the ZT service and interface time to be run and be created, then manually add the ZT interface to the bridge.
Since setting this up and have gone through multiple updates and reboots with no issues. It just works…
I think the biggest hurdle with ZT in a bridge is the timing of when network components get initialized and when the ZT interface becomes available. So this just ensures that the ZT interface has time to show up so it can be added to the bridge. To me, this is so much more simple than the ZT docs for setting up where you have to add shell variables, remove networking components, and setup custom systemd configs. Yes, it does depend on cron for the addition of the ZT interface to the bridge, but isn’t that what built in tools like cron are for?