Layer 2 bridging with Gl.Inet routers

Sk0003 · July 6, 2023, 10:37pm

Hello, I need some help with layer 2 bridging on a Gl.Inet router. It has luci and openWrt and I currently have it in layer 3 on my ZeroTier network. Can anyone assist please?

Sk0003 · July 9, 2023, 7:59pm

@zt-travis can you please assist with layer2 bridging?

zt-travis · July 10, 2023, 4:21pm

Check this older article:
https://zerotier.atlassian.net/wiki/spaces/SD/pages/7438339/Layer+2+Bridging+with+LEDE+OpenWRT

This will help with some of the networking concepts and zerotier config:
https://zerotier.atlassian.net/wiki/spaces/SD/pages/193134593/Bridge+your+ZeroTier+and+local+network+with+a+RaspberryPi

more info

Sk0003 · July 10, 2023, 4:42pm

Hi @zt-travis

Thanks for responding. I know all of those articles but am confused about the IP setting of the router. For example, at the moment I have a 4 different routers from 4 different locations connected into my zerotier network but I think it’s layer3. I have managed routes for each one forwarding their subnet to their zerotier IP.

How can I make all of them a part of one zerotier layer2 bridge? That’s my goal.

zt-travis · July 10, 2023, 4:54pm

If you’re routing between different subnets, that’s layer 3. This is the more typical way to do it. Unless you have specific needs that require broadcast or multicast.

If you want them all bridged, they all need to be in the same subnet. Each site’s physical network and the zerotier network need to be in a same subnet. This might be hard to do.

Remember, any broadcast packets will be sent (behind the scenes by zerotier) to every other node -over the internet to the other 3 sites.

Pick a big subnet, say:

ipcalc 10.10.0.0/20                                                                                                                                                         ~/repos/tmp/typespec
Network:	10.10.0.0/20
Netmask:	255.255.240.0 = 20
Broadcast:	10.10.15.255

Address space:	Private Use
HostMin:	10.10.0.1
HostMax:	10.10.15.254
Hosts/Net:	4094

The have each site use a different range for ip address assignment
zerotier: 10.10.0.1 - 10.10.0.254
site1: 10.10.1.1 - 10.10.1.254
site2: 10.10.2.1 - 10.10.2.254
etc…

DHCP will make it across the bridges, so you’d probably want to block dhcp in the zerotier network’s flow rules.

Sk0003 · July 10, 2023, 5:45pm

I’m not really sure how to set that all up. I am confused as to which would be the DHCP server? Can you give more concise step by step instructions starting with zerotier and the first network for example? All routers would be using openwrt.

By the way, I can currently use broadcast, because I can use wake-on-lan from my phone connected to Zerotier and it wakes up my computer at another location.

Thanks

Sk0003 · July 13, 2023, 4:52pm

@zt-travis any update brother?

gerry.manley · July 20, 2023, 5:29am

You should look at buying the GL Inet security gateway as it has zerotier builtin with an easy to use GUI:

system · August 19, 2023, 5:30am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.