How does ZeroTier know my public IP address

Dear all,

Does anyone know how ZeroTier knows my machine’s physical IP address? I guess some server checks my machine’s request and learns its physical IP. If so, what’s the domain name or IP address of this server? And does the traffic go from machine to machine directly, or will it go through some relay server? Thanks

ZeroTier’s network controllers communicate with each member of a network. When joining a network on your machine, your instance of ZeroTier asks the network controller to join. It does that by communicating to the network controller. As part of IP communication, the packets sent to the network controller have a return address so we can send packets back. That’s how the network controllers know your IP address.

ZeroTier is not a “privacy VPN”. It’s not meant to hide IP addresses. You can see the public IP/port combinations of all peers running ZeroTier that you’ve recently communicated with by using the command line zerotier-cli peers.

If you’d like more information on the how & why of things, please see our Design Whitepaper on how ZeroTier works under the hood.

Thank you zt-grant for your explanation. Do you have the domain name or IP address of the ZeroTier network controller?

Nope. Our hosted network controllers are hosted within a cluster with ephemeral IP addresses, and the addresses change as needed.

If there’s no domain name or IP address, how can my machine access the network controller?

There’s no specific IP address I can give you that will say “Network Controller A is and will always be at IP address X”. It’s a pool of addresses that our hosting provider pulls from randomly as cluster nodes come and go.

The reason I want to know the network controller IP is that our network selects the route path based on the destination. So sometimes the physical IP is not the nearest one to other nodes. Do we have a URL for the network controller that can be resolved by a DNS server?

ZeroTier itself doesn’t use DNS to communicate. It uses UDP & IP addresses directly, received from the root servers. Root servers are also UDP over direct IP with no DNS involved. There is nothing done in DNS on your end that will affect which paths ZeroTier itself takes.

So is the moon server also a network controller?

No. Moons are equivalent to semi-private root servers.

Thank you for sharing. Have a great day.

