Using 2 Pi as a Bridge

I have 2 Pis running ZeroTier on different networks, and each Pi can see devices on the other network. Now I want to extend this so that other devices on each network can see each other. For example, a TV on network A can see a router on network B. Is this possible? Can someone point me to a guide, or at least in the right direction?

I am convinced this must be a routing issue on the local pi/network.

My iptables on the local network are as follows:

*nat
:PREROUTING ACCEPT [1:61]
:INPUT ACCEPT [1:61]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A PREROUTING -d 192.168.2.0/24 -i ztbtorrkxt -j NETMAP --to 192.168.1.0/24
-A POSTROUTING -o wlan0 -j MASQUERADE
-A POSTROUTING -s 192.168.1.0/24 -o ztbtorrkxt -j NETMAP --to 192.168.2.0/24
COMMIT
# Completed on Mon Dec 28 11:06:50 2020
# Generated by xtables-save v1.8.2 on Mon Dec 28 11:06:50 2020
*filter
:INPUT ACCEPT [87:14051]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [93:13569]
-A FORWARD -i wlan0 -o ztbtorrkxt -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i ztbtorrkxt -o wlan0 -j ACCEPT

My remote network is on 192.168.40/24. How does the Pi know to listen for that range and forward it? I can access that network from the Pi, just not from elsewhere on the network.

Bridge your ZeroTier and local network with a RaspberryPi - ZeroTier Knowledge Base - Confluence (atlassian.net)

Thanks bryn. That’ll work, but takes some coordination on both sides and has some gotchas, like dhcp offers flying in all directions.

If you want to route back and forth, the devices need to know that their pi is the route to that other network. You could try manually adding static routes to test. Or it may be possible to add that route to your internet router. Or maybe you can add the routes to your computers via your dhcp server. I don’t think you need masquerade anymore if you do something like this. Just ip_forward enabled.

Thanks Travis,

In the example given, static routes on the devices won’t work (i.e. I can’t set a static route on the TV).

My internet router doesn’t appear to allow static routes, so I think my best option is probably to look into setting up a “Fake Router” with a Raspberry Pi, using something like OpenWRT or RaspAP. That way different devices can be routed differently, or IP can be routed appropriately.

I have tried both these setups previously, but I vaguely remember that OpenWRT struggled with having the WAN and LAN on the same subnet, and RaspAP was always a fudge as it was intended as a wireless router.

Okay, I’m getting somewhere. By using the local Pi as a gateway, the traffic all works, apart from one thing.

Devices using the gateway can see devices on the other network. However, I want a few devices to appear to be on the other network. For example, I want the TV on my local network to use the router on the remote network. Obviously I’m setting the gateway to be the Pi, so how can I get the Pi to route internet traffic over the remote router? I would guess I’m missing a line in my iptables.

EDIT: For anyone else: adding a default route in ZeroTier, then enabling that on the relevant clients, enables traffic to be routed to the remote network.
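An added example, not code from any poster in this thread: a small Python audit of the iptables-save dump posted earlier, reporting the points that matter once a Pi forwards between ZeroTier and the LAN (unrestricted forwarding, source-hiding MASQUERADE, a table with no COMMIT). The names `audit` and `opt` are assumptions made for this example.

```python
import shlex
# Trimmed copy of the ruleset posted in this thread (comments and some chain lines dropped).
# As in the post, the *filter table has no closing COMMIT line.
SAMPLE = """\
*nat
:PREROUTING ACCEPT [1:61]
:POSTROUTING ACCEPT [0:0]
-A PREROUTING -d 192.168.2.0/24 -i ztbtorrkxt -j NETMAP --to 192.168.1.0/24
-A POSTROUTING -o wlan0 -j MASQUERADE
-A POSTROUTING -s 192.168.1.0/24 -o ztbtorrkxt -j NETMAP --to 192.168.2.0/24
COMMIT
*filter
:FORWARD ACCEPT [0:0]
-A FORWARD -i wlan0 -o ztbtorrkxt -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i ztbtorrkxt -o wlan0 -j ACCEPT
"""

def opt(tokens, flag):
    """Value following `flag` in a rule's token list, or None if absent."""
    return tokens[tokens.index(flag) + 1] if flag in tokens[:-1] else None

def audit(dump):
    """Return a list of findings for an iptables-save style dump."""
    findings, table = [], None
    for line in (raw.strip() for raw in dump.splitlines()):
        if not line or line.startswith("#"):
            continue
        if line.startswith("*"):          # table header, e.g. *nat
            table = line[1:]
        elif line == "COMMIT":            # table closed and applied
            table = None
        elif line.startswith(":"):        # chain declaration with default policy
            chain, policy = line[1:].split()[:2]
            if (table, chain, policy) == ("filter", "FORWARD", "ACCEPT"):
                findings.append("filter: FORWARD policy ACCEPT allows all routed traffic")
        elif line.startswith("-A"):       # appended rule
            tok = shlex.split(line)
            chain, target = tok[1], opt(tok, "-j")
            stateful = "--state" in tok or "--ctstate" in tok
            if target == "MASQUERADE" and not opt(tok, "-s"):
                findings.append(f"{table}: MASQUERADE on {opt(tok, '-o')} rewrites every source to the Pi")
            if chain == "FORWARD" and target == "ACCEPT" and not stateful:
                findings.append(f"{table}: new connections accepted from {opt(tok, '-i')} to {opt(tok, '-o')}")
    if table:                             # dump ended inside an open table
        findings.append(f"{table}: no COMMIT, iptables-restore would not apply this table")
    return findings

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE)))
```
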
