Zerotier not connecting correctly after upgrade to Fedora 35

peac · December 19, 2021, 12:30am

Hi there,

I’ve upgraded my workstation to Fedora 35 and zerotier stopped connecting properly.

After many tries of deleting and reinstalling and rejoining, i reliably see that:

fresh install of zerotier (/var/lib/zerotier-one removed)
join public network 200 ok
central adds the host and shows it as ONLINE with correct software version and auto-assigned IP but NO public IP
after a few minutes the host goes offline on central, but still shows ONLINE in zerotier-cli info
only one host has ipv6 public IP in that network and is reachable even though central sees my host as offline
private groups cannot be joined (stuck on requesting_configuration even when accepted from central)

I have set the zt* interfaces as unmanaged in NetworkManager config and systemd-resolved config and still no luck.

It was all working very reliably on Fedora 33 before the upgrade.

Any tips ?

matteo.morini · December 20, 2021, 2:27pm

+1, not necessarily related; upgraded to intel clear linux 35400 (confirmed up to 35440), something broke. zerotier-one core dumps; strace last line (partiallly masked) says

recvfrom(30, “L[…]:[…]|[…]”…, 131072, 0, {sa_family=AF_INET, sin_port=htons(41019), sin_addr=inet_addr(“35.193.102.199”)}, [128 => 16]) = 748
— SIGSEGV {si_signo=SIGSEGV, si_code=SI_KERNEL, si_addr=NULL} —
+++ killed by SIGSEGV (core dumped) +++

peac · December 20, 2021, 3:08pm

There don’t seem to be a segfault in my case, at least journalctl doesn’t indicate so and the zerotier-one service doesn’t seem to stop.

matteo.morini · December 20, 2021, 3:17pm

Ouch, the plot thickens. Modulo the segfault, and sticking to your tidy checklist, as soon as the node joins my private network, the problem appears (went back up to v. 1.6.6, unsuccesfully, I couldn’t find any clue in my OS updated version).

zt-travis · December 20, 2021, 4:14pm

Hello,
Some other guesses:

did upgrading change the firewall somehow?
did selinux get turned on?
any coincidental changes in the internet router/gateway?

Check zerotier-cli peers
-Troubleshooting & FAQ | ZeroTier Documentation

peac · December 20, 2021, 4:28pm

No upgrade has been performed apart from the system OS. SELinux may have been modified by the upgrade. What should I check for ?

$ sudo zerotier-cli peers
200 peers
<ztaddr>   <ver>  <role> <lat> <link> <lastTX> <lastRX> <path>
4bc88b0bfd -      LEAF      -1 RELAY
61d294b9cb -      PLANET   145 DIRECT -1       160      50.7.73.34/9993
62f865ae71 -      PLANET   151 DIRECT 305      155      50.7.252.138/9993
778cde7190 -      PLANET   105 DIRECT -1       201      103.195.103.66/9993
992fcf1db7 -      PLANET    17 DIRECT 305      638      195.181.173.159/9993
abfd31bd47 1.8.0  LEAF     115 DIRECT 205      205      35.192.218.11/43821
c055db3841 -      LEAF      -1 RELAY

zt-travis · December 20, 2021, 6:44pm

thanks.

abfd31bd47 is a network controller, so all of the ZeroTier necessary infrastructure stuff is being connected to.

It looks like 4bc88b0bfd was deleted from the network, so it won’t be working.

From looking around on your network, it all looks pretty normal and working as far as we can tell from here.

I only mention selinux because it came up in some quick searches about fedora 35. I don’t know much about it other than I need to disable to get the computer to work

It appears like your node can’t talk your other nodes from it’s os firewall or it’s router’s nat/firewall.

system · January 19, 2022, 6:45pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.