V1.14.0 not compatible with 1.12.2?

Community Support Linux
, , ,
1

Some of my users found they could no longer connect to our ZeroTier network. Investigation showed that they had recently updated to zerotier-one v1.14.0. By rolling back to v1.12.2 they could connect again.

I have in-house users on one zerotier network. They ssh through central bastion servers to several separate zerotier networks, each containing a set of client machines. All nodes are currently at v1.12.2. Upgrading any node to v1.14.0 loses all of it’s connectivity to v1.12.2 nodes, be they bastions, client machines or in-house users.

I can’t upgrade everything in one go because some client machines only come online irregularly. I’d never be able to connect to any missed machines again, unless someone went to site and manually upgraded them.

1 Like
2

Are you using the rules engine on your network? I tried looking up networks on the account you posted under, but unfortunately there aren’t any.

There were some updates to bugs & quirks in the rules engine in 1.14 (see here) when using certain rules, and their behavior will be different in 1.14 than 1.12 and before.

3

You might be on to something there.

drop
    not ethertype ipv4
    and not ethertype arp
    and not ethertype ipv6
;

tag admin
  id 2
  enum 0 No
  enum 1 Yes
  default No;

break not tor admin 1;

accept;

I’ll have a read.

4

Turns out there may be an issue with using the break not tor admin 1; across versions. With a bit of help from support I managed to get it working by adding accept ethertype arp; to the top of my rules.

2 Likes
5

Try this steps

  1. Delete with file manager all files *.secret in c:\ProgramData\ZeroTier\One\
  2. Restart the “Zerotier One” service
  3. You have a new ID for your PC; please start in command line with administrative privilege:
    “C:\ProgramData\ZeroTier\One\zerotier-one_x64.exe” -q status
    “C:\ProgramData\ZeroTier\One\zerotier-one_x64.exe” -q listnetworks
    if status the node
6

I’ve encounter the same issue, had to roll back to 1.12.2. I am running a similar rule for “server”/“client”. Looking for a solution that will work, as I can update my servers to 1.14, however clients rollout will take time. But since its not cross-compatible I will just have to wait.

I’ve tried a clean install, joined the network, but no luck. It seem that some client (1.12.2) can access the server (1.14), but the server cannot access the client (shows destination unreachable).

7

I’m having this same problem. Had to roll back.

8

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.