ZeroTier Relaying Public IP Port Question

I have a server on the cloud with a public IP address only behind the standard AWS firewall (security group). In order to avoid relaying, does port 9993 need to be opened on the firewall?

Yes, you’ll likely have to allow incoming traffic on udp/9993 in the AWS security group.

Thank you for your response grant. I’ve read this doc here: Router Config Tips | ZeroTier Documentation, the relaying part specifically, and none of those commands show the nodes as relaying even though I don’t have the udp/9993 port open, so I’m puzzled really.

“zerotier-cli peers” and “zerotier-cli info -j” results look normal.

Then perhaps you don’t need it. Depends on how locked down your security group is. As long as things don’t end up in the RELAY state, then everything should be fine.

The security group is set up like:

AWS Security Group

  • Incoming - Allow None
  • Outgoing - Allow All

I’ll try and do a speedtest between nodes (with and without udp/9993 opened) to see if it makes a difference. Thanks!
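The relay check discussed in this thread can be automated. The following is an added example, not part of the original posts or ZeroTier's own code. It assumes `zerotier-cli peers -j` returns a JSON array of peers, each with `address`, `role` and a `paths` list whose entries carry `active` and `expired` flags. The sample data is constructed.

```python
import json

# Constructed sample shaped like `zerotier-cli peers -j` output (assumed layout:
# a JSON array of peers, each with "address", "role" and a "paths" list).
SAMPLE_PEERS_JSON = """
[
  {"address": "aaaaaaaaaa", "role": "PLANET", "latency": 40,
   "paths": [{"active": true, "expired": false, "preferred": true,
              "address": "198.51.100.10/9993"}]},
  {"address": "bbbbbbbbbb", "role": "LEAF", "latency": 12,
   "paths": [{"active": true, "expired": false, "preferred": true,
              "address": "203.0.113.5/9993"}]},
  {"address": "cccccccccc", "role": "LEAF", "latency": 180, "paths": []},
  {"address": "dddddddddd", "role": "LEAF", "latency": 95,
   "paths": [{"active": false, "expired": true, "preferred": false,
              "address": "192.0.2.77/21044"}]}
]
"""

def classify_peers(peers_json):
    """Return {peer address: "DIRECT" | "RELAY"} for LEAF peers only."""
    result = {}
    for peer in json.loads(peers_json):
        if peer.get("role") != "LEAF":
            continue  # roots (PLANET/MOON) are infrastructure, not your nodes
        # Assumption: a peer is direct if it has an active, non-expired path.
        live = [p for p in peer.get("paths") or []
                if p.get("active") and not p.get("expired")]
        result[peer["address"]] = "DIRECT" if live else "RELAY"
    return result

def relayed_peers(peers_json):
    """Sorted addresses of LEAF peers with no live direct path."""
    return sorted(a for a, s in classify_peers(peers_json).items() if s == "RELAY")

if __name__ == "__main__":
    import sys
    # Pipe real output in: zerotier-cli peers -j | python3 check_relay.py
    text = SAMPLE_PEERS_JSON if sys.stdin.isatty() else sys.stdin.read()
    for addr, state in classify_peers(text).items():
        print(addr, state)
    sys.exit(1 if relayed_peers(text) else 0)
```

Running this before and after changing the security group shows whether opening udp/9993 moves any peer from RELAY to DIRECT; the non-zero exit code makes it usable from cron or a monitoring check.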
