Using ZeroTier interface in KVM bridge

cowszero · February 8, 2022, 6:22pm

I have a colocated server that is part of my zerotier network. It’s physical ethernet interface has a public IP address. I run virtual machines on this this server and would like to create a kvm bridge network to allow other computers on my zerotier network to access the VMs directly but not have them accessible to the public internet.

Instructions like Step 7. Create Bridge Network detail how to create the bridge network (on Debian) with the physical ethernet interface, eno1 in my case. I want to create this with the zerotier interface, ztwful4csq, instead. Since the zerotier interface is not configured using /etc/networks/interfaces, I am at a loss as how to get started.

-Scott

cowszero · February 8, 2022, 8:23pm

Or would it make more sense to install the ZeroTier client on each VM to which I need access outside the host server?

bernhard · March 2, 2022, 3:00pm

We exactly have the setup of bridging kvm virtual machines via a linux bridge to the zt interface. Works good so far until you have a lot of packets per second.

Example for /etc/network/interfaces:

auto br1
iface br1 inet static
        bridge_ports zt1
        address 10.0.0.1
        netmask 255.255.255.0
        bridge_stp off
        bridge_fd 0
        bridge_maxwait 0

In /var/lib/zerotier-one/devicemap you can define the interface name for network:

98awef91389wef=zt1

Then you only have to bridge the virtual interfaces of your virtual machines into br1 - and it should work. Don’t forget to allow bridging for the physical server and disable assignment of any IP address.

Best
Bernhard

system · April 1, 2022, 3:01pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.