Multisite broadcast transparent LAN networking

Hey All

Wanting to use Zerotier for a project, currently spent two days trying to figure it out, might step back and rethink and get some feedback on the best ways of getting it done.

What I’m after is to create a simple box, WAN in and LAN out, with ZT that can be deployed on multiple sites. The WAN connects straight into whatever router/internet is available onsite and the LAN port acts as a transparent virtual wire/switch connecting to the LAN on the boxes at the other sites. I have included a diagram of what I’m after.

The tricky bit is that the particular clients that I want on the LAN can only broadcast (255.255.255.255 or sometimes 10.255.255.255) the data that needs to be routed to all the sites and received by the clients.

What software/OS (Linux distro, OPNsense, etc.) is recommended to be paired with ZT, and what sort of configs do I need to get this working?

Any help would be greatly appreciated.

You should look at the ICCN gateways. Or pick up a router with ZeroTier already integrated. Handling this at the firewall level makes it easier.

OPNsense is pretty simple to set up with it. I do exactly this with dozens of installations globally.

OPNsense is where I started with this project. I have two OPNsense boxes running at the moment. Got any details for their configuration? Still having no luck getting devices communicating via them.

Could you possibly give some guidance on how you set up your OPNsense boxes?
Thanks, JJ

I think that should work.

Make your ZeroTier subnet/managed route 10.0.0.0/23, to avoid a conflict people sometimes run into (but still use addresses only in 10.0.0.0/24).

Make sure to block DHCP in the ZeroTier network’s rules engine. Otherwise it’ll get broadcast to the other sites. Only needed once you have more than one bridge/site set up.

Make sure “allow bridge” is checked in the little wrench icon in the members list for the bridge devices.

On the bridge devices, sometimes you need to set allowManaged to false (zerotier-cli set $networkid allowManaged=0) so ZeroTier doesn’t try to manage the IP address of the bridge device.

I’m not familiar enough with OPNsense to help with its config.
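As an added example, not posted by anyone in this thread and not OPNsense-specific: the bridge-side steps above scripted for a plain Linux box running zerotier-one. The network ID, interface names and bridge address are placeholders (find the ZeroTier interface for your network with `zerotier-cli listnetworks`), and the DHCP rule fragment is my own reading of the ZeroTier flow-rules language, so paste it into the Central rules editor and let it validate the syntax before saving. Run with DRY_RUN=1 first to see the commands without executing them; the real run needs root.

```shell
#!/bin/sh
# Added example: make a Linux box a layer-2 bridge between its LAN port and
# a ZeroTier network, per the steps in the thread. Placeholders throughout;
# not the thread author's configuration.

# run CMD...: execute the command, or only print it when DRY_RUN=1.
run() {
    if [ "${DRY_RUN:-0}" = "1" ]; then
        printf '%s\n' "$*"
    else
        "$@"
    fi
}

# zt_bridge_setup NETWORK_ID ZT_IF LAN_IF BRIDGE_ADDR
#   NETWORK_ID   16-hex-digit ZeroTier network ID (placeholder below)
#   ZT_IF        ZeroTier's interface for that network (zerotier-cli listnetworks)
#   LAN_IF       the physical LAN port to bridge
#   BRIDGE_ADDR  address/prefix for the bridge itself, e.g. 10.0.0.2/24
zt_bridge_setup() {
    nwid=$1; zt_if=$2; lan_if=$3; br_addr=$4

    # Stop ZeroTier from putting a managed IP on the zt interface; the
    # address belongs on the bridge (allowManaged=0, as the thread suggests).
    run zerotier-cli set "$nwid" allowManaged=0

    # Build the bridge and enslave both the LAN port and the zt interface.
    # "Allow Ethernet Bridging" must also be ticked for this member in Central.
    run ip link add name br0 type bridge
    run ip link set dev "$lan_if" master br0
    run ip link set dev "$zt_if" master br0
    run ip link set dev "$lan_if" up
    run ip link set dev "$zt_if" up

    # Address the bridge inside the /24 actually in use, while the managed
    # route in Central is the wider /23 the thread recommends.
    run ip addr add "$br_addr" dev br0
    run ip link set dev br0 up
}

# zt_dhcp_block_rules: print a flow-rules fragment that drops DHCP (UDP
# 67/68) so one site's DHCP server cannot answer clients at another site,
# while still passing the 255.255.255.255 broadcasts the clients rely on.
# Syntax is my assumption of the ZeroTier rules language; validate in Central.
zt_dhcp_block_rules() {
    cat <<'EOF'
# Drop DHCP between bridged sites (added example, verify in the rules editor)
drop
    ipprotocol udp
    and dport 67-68
;
accept;
EOF
}

# Stand-alone usage with placeholder values:
#   DRY_RUN=1 sh thisfile.sh
if [ "${0##*/}" != "sh" ] && [ "${DRY_RUN:-0}" = "1" ]; then
    zt_bridge_setup 0123456789abcdef ztplaceholder eth1 10.0.0.2/24
    zt_dhcp_block_rules
fi
```

Adding the address to br0 rather than to the LAN port or the zt interface is the point of allowManaged=0: once bridged, a member interface should carry no IP of its own, and ZeroTier would otherwise keep re-adding one. If `ip link add name br0` reports the bridge already exists, rerunning is harmless; only the `ip addr add` needs removing first.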