Routes not propagated for additional Zerotier networks on Windows 10

I’ve followed the instructions for routing out of Zerotier to another network. And it works when I have Network A sending 192.168.1.100/32 say for a single device on a network.

But if I try and send an entire public network like 11x.2x.3x.0/22 say, it shows up in the ZeroTierGUI as a route over ZeroTier network B (i.e. I have multiple ZeroTier networks on this test laptop), but not if I do a route print on Windows, nor do tracert show it routing over the proper zerotier network.

I’m really not at all sure what’s different in the config here, unless it’s something to do with multiple zerotier networks (but the IPs do not overlap, and the routing info would be workable if it ended up in the routing table)…

For reference, from the controller:

"routes": [
  {
   "target": "1xx.2x.3x.0/22",
   "via": "172.20.175.126"
  },
  {
   "target": "172.20.160.0/19",
   "via": null
  }
 ],

Doesn’t seem to work, while

"routes": [
  {
   "target": "192.168.1.122/32",
   "via": "172.16.153.159"
  },
  {
   "target": "172.16.153.0/24",
   "via": null
  }
 ],

Does. Any ideas?

In order to push a public route, each machine joined to the network must have the “Allow Global” setting enabled for the network. You can do this from the UI, or the command line via

zerotier-cli set $network_id allowGlobal=1

Ok - that would be nice to have in the routing doc to let us know. One other question - is this something we can put in a config file (I’m planning to use puppet to manage this, and while I can use an exec, it would be cleaner to just drop a file.

You can create a file in the ZeroTier working directory under networks.d/$network_id.local.conf with the contents:

allowManaged=1
allowGlobal=1

Additionally if you create networks.d/$network_id.conf and ZeroTier will automatically join that network on startup.

The work directory varies by platform.

  • Windows: C:\ProgramData\ZeroTier\One
  • MacOS: /Library/Application Support/ZeroTier/One
  • Linux: /var/lib/zerotier-one

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.