I have two kinds of devices in my zerotier network, one is server and the other is client.
I want to make sure that clients can’t talk with other clients.
So this is what I did in rules engine:
drop not ethertype ipv4 and not ethertype arp ; tag membership id 100 enum 110 server enum 120 client default client ; drop teq membership 120 ; accept;
Above rules should only prohibit comms between clients right?
But with “drop teq membership 120;” line, none of my devices can talk to anyone.
Zerotier should drop packets only when both sender and receiver have membership tag of 120 (client)
What is happening?