Incorrect Classifying of Bogon addresses?

localknight · December 6, 2021, 2:57pm

Hi,

I’m watching the traffic through a pfsense device, and I’m looking at traffic getting blocked. Whilst usually I will see the zerotier devices sending from their local LAN IP out to the public IP of the receiver, I have one curious case where the local LAN IP of the device, is trying to communicate with a Bogon IP which of course it cannot as Bogon IP is not routable over the internet.

Given that usually ZT is sending UDP traffic to the public IP, is this a case where ZT is incorrectly classifying a Bogon IP as a publicly routable IP? Surely it shouldn’t be trying to transmit over the wire to that IP? (10.11.200.21)

zt-travis · December 7, 2021, 6:04am

It talks to peers over the lan too.

localknight · December 7, 2021, 6:16am

Thanks Travis, I understand however that is not my LAN.

The 10.11.200.0/24 network there is someone else’s LAN across the internet, so there is no route from 192.168.2.0/24 to 10.11.200.0/24 and so the communication it is attempting is not possible.

zt-travis · December 7, 2021, 3:04pm

sorry about that.

what OS and version of zerotier are 192.168.2.29, 10.11.200.21, and 10.11.200.14?
I’m not seeing similar on my router.

localknight · December 7, 2021, 3:57pm

All 3 are macOS 12.0.1

---------------------- LAN A ---------------------------

192.168.2.29 is v1.8.4 (Intel Mac)

---------------------- Internet -------------------------

----------------------- LAN B -------------------------

10.11.200.21 is v1.8.1 (M1 Mac)

10.11.200.14 is v1.8.4 (M1 Mac)

system · January 5, 2022, 2:58pm

This topic was automatically closed after 30 days. New replies are no longer allowed.