Even when I’m using a different wireless or mobile data?
Would it be just a matter of making the openwrt router on the same zt subnet as well?
Once ZT client on OpenWrt router is successfully connected to ZT network, it will automatically join the same ZT subnet, nothing to configure.
However, your TV lives on a different subnet and you need to configure routing as advised.
If your goal stays the same - “TV reach my home server”, you do not need to create 0.0.0.0/0 route in ZT.
I’ve authorized the zerotier client on the openwrt on the zerotier central, so they should be on the same subnet, right?
Why can’t the TV still reach the server?
You should be able to verify this by checking IP addresses on all the devices.
I guess you have not followed all my recommendations.
I suggest temporarily replacing the TV with a PC, so you can run ping, traceroute, etc.; and draw a diagram with all the IP addresses.
I didn’t have the chance yet. The router is already at my parents’. I will go there with a laptop in 2 days, and will try your suggestions.
Thanks in advance!
I’ve just installed zerotier on a desktop at my parents’. After joining the network, I couldn’t reach my home server, but after enabling “Allow default route override”, I can reach it just fine. So I’m assuming all my managed routes are properly set on zerotier central, as both a desktop and my mobile work.
This is the output of route print on said desktop:
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.68 35
0.0.0.0 0.0.0.0 25.255.255.254 172.23.37.218 10034
0.0.0.0 128.0.0.0 172.23.154.239 172.23.37.218 291
127.0.0.0 255.0.0.0 On-link 127.0.0.1 331
127.0.0.1 255.255.255.255 On-link 127.0.0.1 331
127.255.255.255 255.255.255.255 On-link 127.0.0.1 331
128.0.0.0 128.0.0.0 172.23.154.239 172.23.37.218 291
172.23.0.0 255.255.0.0 On-link 172.23.37.218 291
172.23.37.218 255.255.255.255 On-link 172.23.37.218 291
172.23.255.255 255.255.255.255 On-link 172.23.37.218 291
192.168.1.0 255.255.255.0 On-link 192.168.1.68 291
192.168.1.68 255.255.255.255 On-link 192.168.1.68 291
192.168.1.255 255.255.255.255 On-link 192.168.1.68 291
224.0.0.0 240.0.0.0 On-link 127.0.0.1 331
224.0.0.0 240.0.0.0 On-link 192.168.1.68 291
224.0.0.0 240.0.0.0 On-link 172.23.37.218 291
255.255.255.255 255.255.255.255 On-link 127.0.0.1 331
255.255.255.255 255.255.255.255 On-link 192.168.1.68 291
255.255.255.255 255.255.255.255 On-link 172.23.37.218 291
I strongly believe that everything is around this command on the openwrt router:
zerotier-cli set <networkId> allowDefault=1
Every time I perform it, the zerotier service simply goes down. I’ve tried to mimic that behaviour by performing:
uci set zerotier.sample_config.allowDefault='1'
I think it worked, as if I perform a:
uci show zerotier
It shows:
zerotier.sample_config=zerotier
zerotier.sample_config.enabled='1'
zerotier.sample_config.join='mynetwork'
zerotier.sample_config.secret='mysecret'
zerotier.sample_config.allowDefault='1'
This is the openwrt route -n output before zerotier is able to join the network:
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 192.168.1.1 0.0.0.0 UG 0 0 0 br-lan
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 br-lan
And this is what it shows after it joins the network:
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 192.168.1.1 0.0.0.0 UG 0 0 0 br-lan
172.23.0.0 0.0.0.0 255.255.0.0 U 0 0 0 zt0
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 br-lan
Any idea what I might be missing?
You may have to restart the zerotier process after making that change. You should receive these into your routing table:
0.0.0.0/1
128.0.0.0/1
I did, even rebooted the router
Well, the issue may be with
uci set zerotier.sample_config.allowDefault='1'
It might just not do anything. As I’ve tried to add a dummy value, for example:
uci set zerotier.sample_config.teste='1'
And that option got added to the zerotier config file. So it seems it does not check for syntax or valid parameters of any source.
Really struggling to understand why the allowdefault via zerotier-cli is failing
Is there anything in /var/lib/zerotier-one, /etc/zerotier, or /etc/zerotier-one? You’re mostly looking for the networks.d folder.
I did. Basically, /var/lib/zerotier-one/networks.d/.local.conf
Has the following:
allowManaged=1
allowGlobal=0
allowDefault=0
If I replace allowDefault to 1 and restart zerotier service, it never comes up again.
Thought to move the folders across, following the doc:
mkdir /etc/zerotier
cp -r /var/lib/zerotier-one/* /etc/zerotier/
uci set zerotier.sample_config.config_path='/etc/zerotier'
uci set zerotier.sample_config.copy_config_path='1'
uci commit zerotier
service zerotier restart
But if I try to perform a
uci set zerotier.sample_config.allowDefault='1'
The file that gets changed, is still on /var/lib/zerotier-one instead of /etc/zerotier
Can you manually modify the <networkid>.local.conf with vi or something?
Yes, but even after manually changing the allowDefault to 1 and then restart zerotier, it never starts back
Sorry, yeah saw that after rereading it.
There may be a way to get this working, but I would honestly just create 2 static routes for these routes, with a next-hop of your remote ZT node:
0.0.0.0/1
128.0.0.0/1
This will do what you’re hoping for ZeroTier to do.
After replacing allowdefault to 1, and restarting zerotier service.
zerotier-cli info (or any other args) returns:
200 info ef084d4bee OFFLINE 1.1.14
For a while.
But as soon as it must get online, it just fails with:
0 info connection failed
and everything stops working
Could you elaborate on how to manually create those routes?
Sorry, very new to this.
Thanks for all the help so far!
EDIT:
If you meant by zerotier central. I tried the following:
Where 172.23.100.214 is the ip address of the router.
But it is giving me that warning : "Not private IP space. Clients will need to set Allow Global
Nothing changed on route -n as well
No I meant in OpenWRT.
You can start with these, they are just runtime commands that will put the routes in the routing table, but they won’t be persistent.
ip route add 0.0.0.0/1 via zt_gateway_ip
ip route add 128.0.0.0/1 via zt_gateway_ip
Use ip route show or route -n to see the routing table afterwards.
If those work, you can remove them with this:
ip route del 0.0.0.0/1 via zt_gateway_ip
ip route del 128.0.0.0/1 via zt_gateway_ip
Then add them using uci:
uci add network route
uci set network.@route[-1].interface='zt1' # Replace 'zt1' with the ZeroTier interface
uci set network.@route[-1].target='0.0.0.0'
uci set network.@route[-1].netmask='128.0.0.0'
uci set network.@route[-1].gateway='your_gateway_ip' # Replace 'your_gateway_ip' with the gateway ZeroTier IP
uci add network route
uci set network.@route[-1].interface='zt1' # Replace 'zt1' with the ZeroTier interface
uci set network.@route[-1].target='128.0.0.0'
uci set network.@route[-1].netmask='128.0.0.0'
uci set network.@route[-1].gateway='your_gateway_ip' # Replace 'your_gateway_ip' with the gateway ZeroTier IP
uci commit network
/etc/init.d/network restart
I should also add you’re going to need a return route for the subnet that TV is on unless you NAT from the OpenWRT router at your parents’ house.
Another note if you like OpenWRT and are open to spending a little bit of money, you can look into Gl.iNet routers, which are inexpensive but feature rich little OpenWRT routers.
I wasn’t sure if zt_gateway_ip, is where I have the zerotier working as a full tunnel on my home server or the ip address of the router.
So I tried both (one at a time)
ip route add 0.0.0.0/1 via 172.23.100.214
ip route add 128.0.0.0/1 via 172.23.100.214
then
ip route add 0.0.0.0/1 via 172.23.154.239
ip route add 128.0.0.0/1 via 172.23.154.239
172.23.100.214 is the ip address assigned to the router, and 172.23.154.239 the one on my local server.
Neither worked. I still can’t ping a service running on my local server at 192.168.1.132
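An added example, not part of any post in this thread: a longest-prefix-match lookup over the router's route -n table shown above plus the two suggested /1 routes, to see which entry each destination from the thread selects. It assumes zt0 as the ZeroTier interface and 172.23.154.239 as the next hop (both taken from the outputs above) and does not model metrics.

```python
import ipaddress

# Constructed from the thread: the OpenWrt router's table after ZeroTier joins,
# followed by the two /1 static routes with the home server's ZeroTier IP
# as next hop. A gateway of None means the prefix is directly connected.
ROUTER_ROUTES = [
    ("0.0.0.0/0",      "192.168.1.1",    "br-lan"),
    ("172.23.0.0/16",  None,             "zt0"),
    ("192.168.1.0/24", None,             "br-lan"),
    ("0.0.0.0/1",      "172.23.154.239", "zt0"),
    ("128.0.0.0/1",    "172.23.154.239", "zt0"),
]


def lookup(routes, dst):
    """Return (prefix, gateway, iface) chosen by longest-prefix match, or None."""
    addr = ipaddress.ip_address(dst)
    matches = []
    for prefix, gateway, iface in routes:
        net = ipaddress.ip_network(prefix)
        if addr in net:
            matches.append((net, gateway, iface))
    if not matches:
        return None
    # The most specific (longest) prefix wins; metrics are ignored here.
    net, gateway, iface = max(matches, key=lambda m: m[0].prefixlen)
    return (str(net), gateway, iface)


def describe(routes, dst):
    """Human-readable form of the lookup result for one destination."""
    hit = lookup(routes, dst)
    if hit is None:
        return f"{dst}: unreachable (no matching route)"
    prefix, gateway, iface = hit
    hop = f"via {gateway}" if gateway else "on-link"
    return f"{dst}: {prefix} {hop} dev {iface}"


if __name__ == "__main__":
    # Home server LAN IP, home server ZeroTier IP, and two public test
    # addresses (one in each half of the IPv4 space).
    for dst in ("192.168.1.132", "172.23.154.239", "8.8.8.8", "203.0.113.10"):
        print(describe(ROUTER_ROUTES, dst))
```

With these tables, 192.168.1.132 matches the router's directly connected 192.168.1.0/24 on br-lan, which is more specific than either /1 route, because the outputs in the thread show 192.168.1.x addressing on both LANs.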