First, I am really impressed with this product. My use case is that I have T-Mobile 5G home internet and want to link a remote machine (Linode) to take advantage of a static IP address. Ideally I would just want to route any traffic that hits the public IP on the Linode box so that it is forwarded over the ZeroTier tunnel to my on-premise network and routed accordingly. I’m not sure what the networking name is for “forward everything from one IP to another IP and have responses go back through the original IP”, but let me try asking a simpler question.
I want to forward all port 80/443 web requests to the public IP (Linode box) to my web server on premise (and have responses go back out through the Linode box). I have installed ZeroTier services on both machines and I can confirm that both machines can ping one another over the IPs at each end of the tunnel.
Let’s say the public IP is 1.2.3.4 and the tunnel IPs are 192.168.194.1 (Linode public side) and 192.168.194.2 (on-premise web server). What I would like is for all requests to 1.2.3.4:80 and 1.2.3.4:443 to get routed through the tunnel to the web server, and for responses from the web server to get routed back through the tunnel to the end user via the Linode public IP. From my (poor) memory of a networking class over a year ago, I know I need to enable “net.ipv4.ip_forward=1” on both machines in /etc/sysctl.conf. This part has been completed successfully. Another part that I (barely) remember is that there are probably POSTROUTING iptables rules that need to be created, and masquerading probably needs to be enabled so responses are sent back correctly.
Can someone point me to something in the knowledge base that goes step by step through how to forward traffic for a port over the tunnel (or show it here for extra points)?
My last question is: can I have all traffic transparently routed to a machine on-premise (port 22 would go to port 22 on-premise, etc.)? Is that much different from the previous scenario?
Thanks again for all your help!
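The rule set the post sketches (ip_forward, DNAT on PREROUTING, source NAT on POSTROUTING so replies return through the Linode), written out as an added example. It is not part of the original post and not ZeroTier's own documentation. It assumes the addresses from the post, a public interface named eth0, a ZeroTier interface named ztabcdef12 (the real name comes from `ip link`; on Linux it is `zt` followed by ten characters), and the hypothetical helper names run, enable_forwarding, forward_port and allow_return_traffic. It runs on the Linode box; the on-premise server needs no NAT rules for this variant.

```shell
#!/bin/sh
# Added example (not from the original post or from ZeroTier): DNAT/SNAT rules
# on the Linode box that send 1.2.3.4:80 and :443 over the ZeroTier tunnel to
# the on-premise web server and bring the replies back the same way.
#
# Assumed topology (interface names and helper names are assumptions):
#   PUBLIC_IF  eth0           Linode interface that carries 1.2.3.4
#   ZT_IF      ztabcdef12     Linode's ZeroTier interface (see `ip link`)
#   ZT_LOCAL   192.168.194.1  Linode end of the tunnel
#   ZT_REMOTE  192.168.194.2  on-premise web server
#
# By default the script only prints the commands; set APPLY=1 to run them as root.

PUBLIC_IF="${PUBLIC_IF:-eth0}"
ZT_IF="${ZT_IF:-ztabcdef12}"
ZT_LOCAL="${ZT_LOCAL:-192.168.194.1}"
ZT_REMOTE="${ZT_REMOTE:-192.168.194.2}"
APPLY="${APPLY:-0}"

# run CMD ARGS...: execute when APPLY=1, otherwise print the command for review.
run() {
    if [ "$APPLY" = "1" ]; then
        "$@"
    else
        printf '%s\n' "$*"
    fi
}

# The kernel must be allowed to route packets between the two interfaces.
enable_forwarding() {
    run sysctl -w net.ipv4.ip_forward=1
}

# forward_port PORT: three rules per forwarded TCP port.
forward_port() {
    port="$1"
    # 1. Inbound on the public interface: rewrite the destination to the web server.
    run iptables -t nat -A PREROUTING -i "$PUBLIC_IF" -p tcp --dport "$port" \
        -j DNAT --to-destination "$ZT_REMOTE:$port"
    # 2. Leaving via the tunnel: rewrite the source to the Linode's tunnel address,
    #    so the web server answers into the tunnel instead of out its T-Mobile link.
    #    (MASQUERADE would do the same; SNAT is explicit about the address used.)
    run iptables -t nat -A POSTROUTING -o "$ZT_IF" -p tcp -d "$ZT_REMOTE" --dport "$port" \
        -j SNAT --to-source "$ZT_LOCAL"
    # 3. FORWARD chain: permit only this destination and port, not the whole tunnel.
    #    The FORWARD policy is ACCEPT on a bare kernel, but ufw sets it to DROP.
    run iptables -A FORWARD -i "$PUBLIC_IF" -o "$ZT_IF" -p tcp -d "$ZT_REMOTE" --dport "$port" \
        -m conntrack --ctstate NEW -j ACCEPT
}

# Reply packets of every forwarded flow, matched by connection state.
allow_return_traffic() {
    run iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
}

# The two ports from the post; add more forward_port calls for other services.
enable_forwarding
forward_port 80
forward_port 443
allow_return_traffic
```

Two caveats a practitioner would want. The SNAT in rule 2 is what makes the replies come back through the Linode, but it also means the web server sees every connection as coming from 192.168.194.1, so its access logs, fail2ban-style blocking and per-client rate limits lose the real client address; if that matters, either terminate HTTP on the Linode with a reverse proxy that sets X-Forwarded-For, or drop the SNAT rule and instead give the on-premise server a policy route that sends replies to public clients back into the tunnel (that is the "transparent" variant from the last question, and it is a routing change on the far end rather than a different set of NAT rules). Second, forwarding "everything" by dropping the `--dport` match is a lockout risk: a blanket DNAT on the public interface would also redirect SSH to the Linode itself and the inbound UDP/9993 packets ZeroTier uses to keep the tunnel up, so forward an explicit list of ports and keep management access to the Linode outside it.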