Starting zt causes loss of internet

After starting the zt network, the routing table will add two default routes to the zt network interface, causing the system to disconnect from the Internet.

I have set allowdefault is false.

Continuing the discussion from Internet routing stops several seconds after starting zerotier on Debian 12:

I have the same problem he has. :man_facepalming:

if allowDefault is set to false, then it’s not ZeroTier adding the default route. Might be something else on your system adding it. Perhaps NetworkManager or systemd-networkd are interfering?

@zt-grant
Thank you for your reply.
The operation process is as follows:

$ sudo zerotier-cli listpeers
200 listpeers <ztaddr> <path> <latency> <version> <role>
200 listpeers 62f865ae71 - -1 - PLANET
200 listpeers 778cde7190 - -1 - PLANET
200 listpeers cafe04eba9 - -1 - PLANET
200 listpeers cafe9efeb9 - -1 - PLANET

$ ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,DYNAMIC,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 08:00:27:18:20:f0 brd ff:ff:ff:ff:ff:ff
    inet 10.0.2.15/24 brd 10.0.2.255 scope global eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::a00:27ff:fe18:20f0/64 scope link 
       valid_lft forever preferred_lft forever

$ route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         10.0.2.2        0.0.0.0         UG    0      0        0 eth0
10.0.2.0        0.0.0.0         255.255.255.0   U     0      0        0 eth0
10.0.2.2        0.0.0.0         255.255.255.255 UH    0      0        0 eth0
202.115.128.33  10.0.2.2        255.255.255.255 UGH   0      0        0 eth0
202.115.128.34  10.0.2.2        255.255.255.255 UGH   0      0        0 eth0

$ sudo zerotier-cli join 0cccb752f71*****
200 join OK

$ ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,DYNAMIC,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 08:00:27:18:20:f0 brd ff:ff:ff:ff:ff:ff
    inet 10.0.2.15/24 brd 10.0.2.255 scope global eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::a00:27ff:fe18:20f0/64 scope link 
       valid_lft forever preferred_lft forever
5: ztly52zd27: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 2800 qdisc pfifo_fast state UNKNOWN group default qlen 1000
    link/ether aa:53:91:9e:2e:38 brd ff:ff:ff:ff:ff:ff
    inet6 fe80::ac8a:9bff:fe56:fd48/64 scope link 
       valid_lft forever preferred_lft forever

$ sudo zerotier-cli info
200 info 8e8a697c8f 1.14.0 ONLINE

$ sudo zerotier-cli listnetworks
200 listnetworks <nwid> <name> <mac> <status> <type> <dev> <ZT assigned ips>
200 listnetworks 0cccb752f71*****  aa:53:91:9e:2e:38 ACCESS_DENIED PRIVATE ztly52zd27 -

$ sudo zerotier-cli listpeers
200 listpeers <ztaddr> <path> <latency> <version> <role>
200 listpeers 0cccb752f7 35.209.48.234/21028;4632;4369 270 1.14.0 LEAF
200 listpeers 62f865ae71 50.7.252.138/9993;4632;61856 32937 - PLANET
200 listpeers 778cde7190 103.195.103.66/9993;4632;48763 32729 - PLANET
200 listpeers cafe04eba9 84.17.53.155/9993;4632;62142 32651 - PLANET
200 listpeers cafe9efeb9 104.194.8.134/9993;4632;48872 446 - PLANET

$ route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         0.0.0.0         255.255.255.255 UH    0      0        0 ztly52zd27
0.0.0.0         0.0.0.0         0.0.0.0         U     0      0        0 ztly52zd27
0.0.0.0         10.0.2.2        0.0.0.0         UG    0      0        0 eth0
10.0.2.0        0.0.0.0         255.255.255.0   U     0      0        0 eth0
10.0.2.2        0.0.0.0         255.255.255.255 UH    0      0        0 eth0
169.254.0.0     0.0.0.0         255.255.0.0     U     0      0        0 ztly52zd27
202.115.128.33  10.0.2.2        255.255.255.255 UGH   0      0        0 eth0
202.115.128.34  10.0.2.2        255.255.255.255 UGH   0      0        0 eth0

$ sudo service zerotier-one stop
Stopping ZeroTier One: zerotier-one.

$ route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         10.0.2.2        0.0.0.0         UG    0      0        0 eth0
10.0.2.0        0.0.0.0         255.255.255.0   U     0      0        0 eth0
10.0.2.2        0.0.0.0         255.255.255.255 UH    0      0        0 eth0
202.115.128.33  10.0.2.2        255.255.255.255 UGH   0      0        0 eth0
202.115.128.34  10.0.2.2        255.255.255.255 UGH   0      0        0 eth0

$ sudo service zerotier-one start
Starting ZeroTier One: zerotier-one.

$ sudo zerotier-cli listnetworks
200 listnetworks <nwid> <name> <mac> <status> <type> <dev> <ZT assigned ips>
200 listnetworks 0cccb752f71*****  aa:53:91:9e:2e:38 ACCESS_DENIED PRIVATE ztly52zd27 -

$ sudo zerotier-cli listpeers
200 listpeers <ztaddr> <path> <latency> <version> <role>
200 listpeers 0cccb752f7 35.209.48.234/21028;4272;4006 256 1.14.0 LEAF
200 listpeers 62f865ae71 - -1 - PLANET
200 listpeers 778cde7190 - -1 - PLANET
200 listpeers cafe04eba9 - -1 - PLANET
200 listpeers cafe9efeb9 - -1 - PLANET

$ route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         0.0.0.0         255.255.255.255 UH    0      0        0 ztly52zd27
0.0.0.0         0.0.0.0         0.0.0.0         U     0      0        0 ztly52zd27
0.0.0.0         10.0.2.2        0.0.0.0         UG    0      0        0 eth0
10.0.2.0        0.0.0.0         255.255.255.0   U     0      0        0 eth0
10.0.2.2        0.0.0.0         255.255.255.255 UH    0      0        0 eth0
169.254.0.0     0.0.0.0         255.255.0.0     U     0      0        0 ztly52zd27
202.115.128.33  10.0.2.2        255.255.255.255 UGH   0      0        0 eth0
202.115.128.34  10.0.2.2        255.255.255.255 UGH   0      0        0 eth0

How to find which program is interfering with the network?
What can I do to make the zerotier network work properly?

Thank you again.

1 Like

Hello,

  • Manually adjust the routing table to remove unintended default routes.
  • Verify and prioritize your system’s network interfaces to ensure proper connectivity.
  • Restart networking services to apply changes and test internet access to confirm resolution.
    Thank you

[quote=“share, post:6, topic:21067, full:true”]

@dc6945560
Thank you for your reply.
I obtained a similar approach when seeking solutions on the Antix support forum.

But I encountered a new problem during execution.
The two default routes on the ztn interface will automatically be added again after I manually delete them.

$ ip route
0.0.0.0 dev ztly52zd27 scope link 
default dev ztly52zd27 scope link 
default via 10.0.2.2 dev eth0 
10.0.2.0/24 dev eth0 proto kernel scope link src 10.0.2.15 
10.0.2.2 dev eth0 scope link 
169.254.0.0/16 dev ztly52zd27 proto kernel scope link src 169.254.110.178 
202.115.128.33 via 10.0.2.2 dev eth0 
202.115.128.34 via 10.0.2.2 dev eth0 
$ sudo ip route del 0.0.0.0 dev ztly52zd27
$ sudo ip route del default dev ztly52zd27
$ ip route
default dev ztly52zd27 scope link 
default via 10.0.2.2 dev eth0 
10.0.2.0/24 dev eth0 proto kernel scope link src 10.0.2.15 
10.0.2.2 dev eth0 scope link 
169.254.0.0/16 dev ztly52zd27 proto kernel scope link src 169.254.110.178 
202.115.128.33 via 10.0.2.2 dev eth0 
202.115.128.34 via 10.0.2.2 dev eth0 
1 Like

我自己弄出一个临时的解决办法如下:
经过我反复测试,开机正常后需要等待一会,zt网络才能建立好连接,zt网络连接好之后路由表就会改变。
这时在终端中运行一个修复脚本可以在本次使用时修复问题,下次重启还需要重新操作一遍。
把如下文本保存为一个文件然后在终端中使用sudo bash filename即可。
里面的interface和ipaddress换成自己的就可以了。
运行过程中不能关闭终端窗口,如果不想一直开一个终端窗口,可以在screen中运行。

#!/bin/bash
ip route del 0.0.0.0 dev ztly52zd27
ip route del default dev ztly52zd27
ip addr del 169.254.110.178 dev ztly52zd27
ip route replace default via 192.168.101.1 dev ztly52zd27
echo -n "1"
ip route replace default via 192.168.101.1 dev ztly52zd27
echo -n ",2"
ip route replace default via 192.168.101.1 dev ztly52zd27
echo -n ",3"
x=3
while true
do
  sleep 30
  ip route replace default via 192.168.101.1 dev ztly52zd27
  $x+=1
  echo -n ","$x
done

要想彻底解决问题还是需要找出问题出在哪个地方才可以。
有可能是connman的问题。
由于禁用connman服务后我不会手动配置网络,连接WiFi,所以我没有测试。

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.