Private Root (aka Moons) No longer suggested in Zerotier Docs

All,

As per the docs page regarding Private Roots, it looks like Moons are no longer the suggested path for creating a private root server. The docs outline to contact zerotier for guidance. Well, this is the only way I can find to reach out to anyone at zerotier.

So Zerotier staff or anyone that has been down this road before me lurking the forum; what is the supported and suggested method to host our own root servers now?

2 Likes

I totally agree with this question.

First of all, if you want to have your:

  1. self-managed own root server with many limitations
    or
  2. self-managed moon server (compatible with default=original mobile apps)

I would recommend to read this.


own root (1.):

I think the first solution has little to do with ZT’s factory-network.
My experience during this last 2 month, (since I’ve installed it and testing ever since) :

  • It is stable. Even if I read continously here on the forum that people had problems.
  • A bit faster, because the location of it is in the same country, and nobody else is using it, except my clients only.
  • Win7 client installation is difficult. (Win10/11 a bit less.) = overwriting planet file.
  • Can use unique configured port ! Not just the factory one.
  • If your server (VPS) gets new IP → you need to change planet files at all clients !
  • You need high linux knowledge + high networking experience! (SSH, log overflow, DoS attacks, firewall configurations, etc. It’s sometimes a nightmare!)
  • iOS / iPad / iMac does not work at all !

own moon (2.)

  • This is the default setup of ZTNET (if you do not click the “Create own …” button.
  • I feel it has a bit independence, but not completely.
  • ZT will be able to use your server too, and that’s OK, because You will “give back” a little for the development of this app.
  • You can use “default” planet file at clients, but that means you can not operate your service on a specific port. It will be all default.
  • If your country’s ISPs starting to block default ZT’s port, you will be blocked.
  • Same VPS setup + maintenance problems as with “1.”

vs. Factory network (3. ZT’s company)

  • all apps work out of the box
  • very easy to setup
  • same problem with default port as “2.”
  • easy web-manage system, much more setup possibilities!

But (of course) you have to pay for it. And IMHO that’s OK too.

Summary

I don’t fully understand the decision of the owner/company either.
This sentence drops up too many negative questions.
There are two sides of this blade:

Pozitive for ZT company:

  • maybe a bit more money
  • less support problems. (currently this forum does not distinguish between 1/2/3)

Negative aspects:

  • If users start to feel forced / bind hands → they will simply drop ZT and head to an other solution. (Netmaker / Headscale / WireGuard / SoftEther / … other 100+ solutions )
  • without self-hosted moons ZT has to install+maintain new servers over the whole word by themselves.
  • The network will be overstressed. Especially “relayed” clients.
  • Companies who has to comply strict data-protection policies will not be able to use ZT.
  • Those, who own their own server, but still want to “donate” for the great app (like me :wink: ) → will drop this.
1 Like

A Solution:

would be, if :

  • the company would keep the “allow self-hosted” policy,
  • allow to pay a donation
  • allow to register + buy a (freemium) code, that would allow mobile apps to use unique planet file on a unique port.

That would be a “fair play”, and also increase money income.

Personally I would definitely pay for allowing iOS clients to connect to my own self-hosted server:

  • up to $100 one-time free / server (planet file).
  • or $40/year with continuous update of the clients
  • or $10-15 per client (per phone) once._

How would it work:

  • The client app would allow to read a QR code for the servers’s planet file’s url, or set it manually.
  • Maybe even enhance the planet config to allow to download a server-hosted own company logo.
  • The app would verify a HASH code in the planet file that must be included after paying for this freemium feature.

Pizza,

I too have installed my own root server. And it works great and gives you full control over your data, IMO - this should always remain an FOSS aspect of zerotier. I get that they are a company and they need to make money and they rightly deserve to. And perhaps this statement is for the normie IT admin or user that doesn’t take the time to understand how ZT works and says I want to make my own root and it fails because they don’t take the time to update all of their clients to use it.

With that said - I’ve not found anything in the source code that changes the way private roots work. So perhaps they are leaving the ability in the software but not supporting the FOSS users that are failing to get a private root setup and having to walking them through how to build zerotier from source specifying their own root servers instead of zerotier’s roots without said users paying a fee. Which makes sense to me.

My main concern around this was the removal of being able to make your own roots from the source code. I feel this would lead to a fork of the project. However, that doesn’t appear to be the case right now. I do have concerns regarding their roadmap for this as I use this feature now in production.

PS- ZTNET is a project I am watching closely. It’s a pretty sweet platform and I’m excited about its future. I wish I had the time to assist in it’s development but sadly a full time job and being the dad of 2 young boys keeps me very occupied. lol

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.