when start zerotier in freebsd 14.0,
#zerotier-cli info
401 info{}
zerotier-cli peers
401 peers {}
Error connecting to the ZeroTier service: {}
Please check that the service is running and that TCP port 9993 can be contacted via 127.0.0.1.
open 127.0.0.1:9993 in browser return only
{}
i test on freebsd 13.2(vm), it’s ok.
anyone else encounter this problem?
:Same problem. It is only the cli that’s not working, the daemon does configure the interfaces and routes properly.
Checking with curl shows that connecting using to ‘::1’ instead of ‘127.0.0.1’ works:
curl -H "X-ZT1-Auth: $(cat /var/db/zerotier-one/authtoken.secret )" http://[::1]:9993/status -v
* Trying [::1]:9993...
* Connected to ::1 (::1) port 9993
> GET /status HTTP/1.1
> Host: [::1]:9993
> User-Agent: curl/8.4.0
> Accept: */*
> X-ZT1-Auth: 2x1nkf8t9u0x9c791mfjrxrw
>
< HTTP/1.1 200 OK
< Content-Length: 1589
< Content-Type: application/json
< Keep-Alive: timeout=5, max=5
<
* Connection #0 to host ::1 left intact
...
Using IPv4 127.0.0 gets you 401 Unauthorized:
curl -H "X-ZT1-Auth: $(cat /var/db/zerotier-one/authtoken.secret )" http://127.0.0.1:9993/status -v
* Trying 127.0.0.1:9993...
* Connected to 127.0.0.1 (127.0.0.1) port 9993
> GET /status HTTP/1.1
> Host: 127.0.0.1:9993
> User-Agent: curl/8.4.0
> Accept: */*
> X-ZT1-Auth: 2x1nkf8t9u0x9c791mfjrxrw
>
< HTTP/1.1 401 Unauthorized
< Content-Length: 2
< Content-Type: application/json
< Keep-Alive: timeout=5, max=5
<
* Connection #0 to host 127.0.0.1 left intact
A quick comparison of the packets with tcpdump shows no differences in the payload.
Update: It looks like in FreeBSD 14 getpeername() return sockaddr{AF_INET6, [::ffff:127.0.0.1]:9993} whereas prior versions returned sockaddr{AF_INET, 127.0.0.1:9993}
For a workaround add the following to your “local.conf” and restart zerotier-one:
"settings": {
"allowManagementFrom": [ "127.0.0.1", "::1", "10.0.0.0/8", "ffff:127.0.0.1" ]
}
solved.
thank you very much.