Help write the rule

Good day everyone.
I’m a beginner and haven’t figured out the firewall yet.
Hasplm works on my host. It sends packets to ztr:
10.147.20.100 → 255.255.255.255.1947
On another host, 10.147.20.150, I am listening on ztr:
tcpdump -i ztrtaqwnol
I am not receiving the broadcast packets.
Please help: what needs to be done?
Thanks

Hello,
Make sure you are on ZeroTier version 1.8.4.

I’m not familiar with Hasplm. If it is a Windows app, it may need to be convinced to broadcast on ZeroTier adapters. See: https://zerotier.atlassian.net/wiki/spaces/SD/pages/7536695/Problems+With+LAN+Game+Announcements+and+Broadcasts+on+Windows

Thanks for your reply.
At the moment I am using l2tp and everything works for me. But I want to move to ZeroTier.

“Make sure Broadcast is enabled on your ZeroTier network’s settings.”

I do not know how to do it. I have the default config and I added broadcast. I don’t know whether the way I did it is correct or not:
# Allow only IPv4, IPv4 ARP, and IPv6 Ethernet frames.
#
drop
not ethertype ipv4
and not ethertype arp
#and not ethertype ipv6
and not broadcast

The default rules allow broadcast.

There is a checkbox for allow broadcast in the network settings. This is also checked by default.

Thank you very much for your attention.
Yes, I understand you, I checked what is allowed by default.
But that doesn’t work.
I have a Linux host. For the test, I sent broadcast packets over the network, but ztr does not see them. I’ve already broken my head, I don’t know what to do.

How are you testing? Maybe we can reproduce.
Last time I tried, I just turned on avahi-daemon.

Hey
Thank you for not leaving me. I am really having a big problem because of this.
On a Linux VPS host (pub-ip), the hasplmd daemon works for me.
It sends a broadcast packet for Sharing Key. The packet goes only to eth0, but it does not get into ztr0 (10.147.20.10). I test this way: hping3 -1 -a any-ip 255.255.255.255
I created bridge br0 and added eth0 and ztr0 to it.
Now ztr0 sees the broadcast (tcpdump -i ztr0).
But I don’t know why the broadcast packet doesn’t go through the ztr0 tunnel.
The second host’s ztr0 (10.147.20.50) does not receive the broadcasts. ICMP packets go through.
I know what avahi is, but how will it help? I do not understand why ztr0, being L2, cannot pass this packet through the tunnel.

I was using avahi just for an example or test.

hping3 -1 255.255.255.255 doesn’t work for me either. It also doesn’t work on my physical lan. I’m not sure.

hping3 -1 10.147.20.255 does work for me. (zerotier)

Maybe you need to configure hasplmd to use the zerotier address.

This is the broadcast address of network 10.147.20.0/24; it is the last address on the subnet.

255.255.255.255 is a restricted broadcast address. All hosts from any subnets within the L2 domain must respond to a packet with such a destination address.
And so my brain explodes over why it doesn’t work. Perhaps the problem is that it is necessary to configure the ztr network config. I’m not a ZeroTier specialist. Most likely, this requires the help of a ztr specialist.
Binding Hasplm to ztr will not work.

  • When the hasplm daemon starts, ztr0 does not exist yet,
    but that’s not really a problem yet.
  • There is no config for hasplm. It sounds silly, but I haven’t found it.

There are no such problems in the L2TP network. If it is not possible to solve this problem, then I will have to leave such a beautiful solution as ztr.
It’s a shame, but true.
Thank you

@zt-travis I put avahi on two hosts. Effect: zero.

What version of ZeroTier? Please use 1.8.4

see also:

sysctl net.ipv4.icmp_echo_ignore_broadcasts=0
ping -I zt5u4uptmb  -b 255.255.255.255

is working for me too.

If I don’t specify the interface, it sends out on only one address. It’s the one that is the default gateway. It’s the same with hping3.

So I guess it has to do with interface or route metrics.

ip route get 255.255.255.255
broadcast 255.255.255.255 dev eth0 src 192.168.82.67 uid 0 
    cache <local,brd> 

You are a magician. Packets went to the second host.
I didn’t do that.
But in hping3 I specified the ztr interface and it did not work for me.
Next, I think we need to deal with routing.
Thank you

I don’t think this is the correct way to do this, but

ip route add 255.255.255.255/32 dev zt5u4uptmb

root@raspberrypi:/etc/systemd/network# ip route get 255.255.255.255
broadcast 255.255.255.255 dev eth0 src 192.168.82.67 uid 0 
    cache <local,brd> 

root@raspberrypi:/etc/systemd/network# ping -c 1 -b 255.255.255.255
WARNING: pinging broadcast address
PING 255.255.255.255 (255.255.255.255) 56(84) bytes of data.
64 bytes from 192.168.82.102: icmp_seq=1 ttl=63 time=0.847 ms
--- 255.255.255.255 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.847/0.847/0.847/0.000 ms

root@raspberrypi:/etc/systemd/network# ip route add 255.255.255.255/32 dev zt5u4uptmb

root@raspberrypi:/etc/systemd/network# ping -c 1 -b 255.255.255.255
WARNING: pinging broadcast address
PING 255.255.255.255 (255.255.255.255) 56(84) bytes of data.
64 bytes from 10.147.17.212: icmp_seq=1 ttl=64 time=94.1 ms

--- 255.255.255.255 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 94.087/94.087/94.087/0.000 ms

root@raspberrypi:/etc/systemd/network# ip route get 255.255.255.255
broadcast 255.255.255.255 dev zt5u4uptmb src 10.147.17.94 uid 0 
    cache <local,brd>
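The check from the posts above, as an added shell example that is not part of the thread: it reads `ip route get 255.255.255.255` output and reports whether the limited broadcast leaves through the wanted interface. The two sample outputs are copied from the thread; the function names are made up for this example.

```shell
#!/bin/sh
# Added example (not from the thread). route_field and check_bcast_route
# are hypothetical helper names.

# Sample `ip route get 255.255.255.255` outputs, copied from the thread.
BEFORE='broadcast 255.255.255.255 dev eth0 src 192.168.82.67 uid 0
    cache <local,brd>'
AFTER='broadcast 255.255.255.255 dev zt5u4uptmb src 10.147.17.94 uid 0
    cache <local,brd>'

# Print the value that follows keyword $1 ("dev" or "src") in route output on stdin.
route_field() {
    awk -v key="$1" '{ for (i = 1; i < NF; i++) if ($i == key) { print $(i + 1); exit } }'
}

# check_bcast_route WANT_DEV [ROUTE_OUTPUT]
# Returns 0 if the limited broadcast egresses WANT_DEV, 1 if it uses another
# interface, 2 if the output cannot be parsed. Without ROUTE_OUTPUT it asks
# the kernel via `ip route get`.
check_bcast_route() {
    want=$1
    out=${2-$(ip route get 255.255.255.255)}
    dev=$(printf '%s\n' "$out" | route_field dev)
    src=$(printf '%s\n' "$out" | route_field src)
    if [ -z "$dev" ]; then
        echo "could not parse route output" >&2
        return 2
    fi
    if [ "$dev" = "$want" ]; then
        echo "ok: 255.255.255.255 leaves via $dev (src $src)"
        return 0
    fi
    echo "mismatch: 255.255.255.255 leaves via $dev (src $src), not $want"
    echo "route used in the thread: ip route add 255.255.255.255/32 dev $want"
    return 1
}

# Stand-alone use: sh thisfile.sh zt5u4uptmb
if [ $# -gt 0 ]; then
    check_bcast_route "$1"
fi
```

As the ping replies above show, the /32 route moves the limited broadcast off eth0 entirely, so hosts on the physical LAN stop receiving it.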

ZeroTier Version
1.8.4

Sorry for the trouble. Please make

publish-workstation=yes
in
/etc/avahi/avahi-daemon.conf

to make it more chatty.


I can’t believe my eyes. It works.