Is it possible for ZT client to retrieve configuration directly from self hosting network controller?

Hi there, here in china.

About 20 hours ago, all the ZT clients on all openwrt routers suddenly got offline; it showed that " *REQUESTING_CONFIGURATION" in the output of listnetworks.

I captured pcap on wan interface, all packets sent to zerotier related ip addresses with destination udp port 9993 got no response, and subsequently, either failed on pinging;

I tried to start ZT client on iPhone with data traffic, it got online and assigned private ip successfully; I also tried wireless relay on openwrt from iphone hotspot, all ZT clients on openwrts got online back again.

So it seems that the ccp(chinese communist party)-controlled broadband ISP has banned all zerotier service, but telecommunication service provider has not yet.

I have also tried creating a self hosting network controller on the VPS that located far away from ccp-controlled area, and joined the network, it showed the same output as “REQUESTING_CONFIGURATION”.

I have no idea how exactly ZT client retrieves its configurations from network controller by network id, but I wonder if it is possible for ZT client to get configurations from self hosted network controller directly?

1 Like

I’ve tried pinging our IPs from several places in China and all appears normal. We also have a very large population of users in China and haven’t seen this complaint from anyone else.

It sounds like something in your router configuration, or ISP’s configuration has possibly changed and that isn’t allowing ZeroTier traffic to reach back to you. Beyond that, I can’t see why you can’t connect to the controllers. Best I can do is send you over to our Troubleshooting & FAQ. Perhaps something there can help.

I disscused this issue with some other guys, they checked their ZT, some of them had the same issue. but the broadbands we use are from different Internet ISPs that respectively are CMCC, CUCC, CTCC.

For now, only those who use the broadband from CMCC encountered this issue; users of CUCC AND CTCC are not affected yet;

My broadband ISP is CMCC, but my cell phone service provider is CUCC, so the result is consistent with my tests above.

I didn’t change any related configurations on my routers, and I also tested on my neighbour’s broadband that is also CMCC, as expected, failed as well.

I have no resources to test from every province of every ISP, but I tested on a chinese ping test website, the results are basically consistent with the test on my router and other guys…

ping ZT from CTCC, almost all requests from different provinces got responses;
#screenshot omitted, new users can only embed one pic, I am fresh new.

ping ZT from CMCC, abviously many packets lost in majority of provinces;

ping ZT from CUCC, much the same with CTCC, obviously better than CMCC.
#screenshot omitted, new users can only embed one pic.

This screenshot is what I caputured on my router’s wan interface.
#screenshot omitted, new users can only embed one pic.

Ping ZT from CTCC of available provinces china: ZT is reachable for most provinces.
#the screen may be too small too read, you can test with yourself on

Ping ZT from CMCC of available provinces china: failed for most provinces.

Ping ZT from CUCC of available provinces china: alomost the same with CTCC, ZT is reachable for most provinces.

#CST, 202207291919, bad news, finally, the ccp began to ban ZT on CTCC.

You can try to use IPv6 address. IPv6 is not blocked, but there are too many restrictions. Many devices do not get IPv6 address

China Telecom can success,But Can’t connect on CMCC(Mobie data),
CMCC like ban more address over GFW,

Hey, I suffer from this problem as well. As depicted in the Figure, all planet is in “RELAY” status (CMCC network). It seems that ZT client getting configurations from self hosted network controller directly is a compelling alernative. Best regards!


20220807, I just restarted ZT service, connection Recovered for ALL ISP, CMCC/CUCC/CTCC;
I don’t know why, anyway, thanks for such a great service.

I found out the resean why my clinets could not retrieve config from self hosted controller, because they have different IP versions, my routers work in IPv4, but self hosted controller works in only IPv6.