And everything seems to be in order, I have authenticated my router in the zerotier homepage and If I call on the status it’s online, as shown below.
root@pcwrt:~# zerotier-cli info
200 info d0xxxxxxx 1.6.5 ONLINE
Now, whatever device I connect to my router I want it to get a ZeroTier IP-adress. That was the purpose of the whole thing. I suspect my ‘Manage routes’ needs changing but I’m getting nowhere.
I currently have it set to this. My other device connected to router still gets 192.168.10.XXX IP. What is wrong?
Managed Routes
10.144.223.0/24 VIA 192.168.10.1
192.168.10.0/24 (LAN)
ZeroTier IP = 10.144.223.179
Router homepage = 192.168.10.1
With the configuration example you mentioned only your router supposed to receive the address from the ZeroTier network.
Until you have a very specific use case in mind, your LAN devices do not need to obtain new addresses. If you have some devices behind 2 or more routers (acting as ZT clients) and you want them to communicate over ZeroTier network you will need to configure the routes on the Controller and setup the firewall rules on your routers.
I am trying to reach 192.168.10.94. Because I have ZeroTier on the router it’s connected to I am trying to configure settings so that can reach that from my laptop which is running ZeroTier but from another network/away from home. I thought that the connected LAN devices to the ZeroTier router would automatically get assigned an ZeroTier IP that I could reach but seems I was wrong.
But I don’t know how to setup ‘Manage Routes’ correctly to achieve that.
How do I connect to 192.168.10.94 from another network?
Think of ZeroTier network as a generic router.
What you have is something like this:
LAN1–R1—R3–R2–LAN2 or LAN1–R1—R3–PC
R1 (and R2) is your router. R3 is Zerotier.
“Managed Routes” is equivalent of the static route configured on R3:
LAN1 (192.168.10.0/24) is reachable via “R1 ZT address”
LAN2 (…) is reachable via “R2 ZT address”
Once configured these routes will be automatically propagated to all the ZT network members like routers and standalone PCs.
Because according to that, all that would be needed is:
$PHY_SUB via $ZT_ADDR (in my case: 192.168.10.0/24 via 10.144.223.179)
Along with the added iptables rules and enable ipv4 forward for everything to work?
Some minor changes. Like “-m state --state” to “-m conntrack --ctstate” in order for OpenWRT to accept the commands. And iptables are written at boot in another way because iptables-persistent doesn’t exist. Apart from that, I’ve followed the wiki page exactly like its written.
@Aland0, that link is used only if you want to install ZT on an independent node in the network and not directly in the router itself. In your case, all traffic to the ZT network is handled by OpenWRT and there is no need to install ZT on the individual LAN devices.
From your LAN (192.168.10), try to ping any zt device on the 10.144.223 network. If that succeeds then everything is ok, otherwise you need to look over the routing table in OpenWRT and make sure there is a route to the ZT network that looks something like this:
And you possibly also found the root cause of the problem itself, i.e. Managed Routes that were specified in the first post as “10.144.223.0/24 VIA 192.168.10.1” should have been the other way around ie. “192.168.10/23 VIA 10.144.223.179”
