I am trying to accomplish the following:
Networks A and B are both LANs with DHCP servers handing out unrestricted LAN IPs, with internet access available via a gateway using NAT. I can plug in unmanaged switches to either network, get assigned DHCP addresses, and reach the internet. I want to use Network A’s internet access to provide a physical network interface that behaves like it is on Network B, without changing the management configuration of either network.
I have attempted to do this by running a ZeroTier network which does no IP/route management of its own, but simply allows bridging between two members. I have also changed the flow rules to “accept;”.
On Network A I have a MikroTik RouterBOARD device with two Ethernet ports. ether1 is plugged into the network and runs a DHCP client, which provides the default gateway. The device also runs an interface connected to ZeroTier (zt1), and a bridge interface (br1) which bridges zt1 and ether2. br1 also runs a DHCP client.
On Network B I have a Raspberry Pi 3 Model B running the standard (lite) Raspbian/Debian OS and following the Layer 2 Bridge guide to the letter. eth0 is plugged into the network, and is bridged to the ZeroTier interface. br0 runs a DHCP client.
In practice, Network B’s DHCP server assigns IP addresses to the Pi’s br0, the RouterBOARD’s br1, and an additional device (laptop) plugged into the RouterBOARD’s ether2 interface. However, the laptop can only reach Network B’s gateway about 10% of the time. If I run a ping test every second, I will see long stretches with no connectivity, and then a few seconds of success where everything works (including internet access), and then another long stretch of failures.
So, I believe my plan is sound in theory, but is suffering in practice. I suspect NAT traversal and “layer 2 problems”, but I’m not sure what to investigate next or if those are sane suspicions. My assumption is that since I want my ZeroTier overlay to behave exactly the same as an unmanaged switch, I need only a minimal amount of configuration.
(The RouterBOARD device is running ZT version 1.10.3, which is the latest package available for RouterOS. The Pi is running 1.12.2.)