Apparently the 2.0 line of EdgeOS now supports ZeroTier

JaredBusch

@jplee said in Apparently the 2.0 line of EdgeOS now supports ZeroTier:

Did anyone get bridging to work? I have ZT installed on an ER-X. I can ping the ZT nodes from the ER-X cli. However, I cannot ping a ZT node from a machine on my internal network that’s not on ZT.

I've never dealt with ZT bridging at all. I only use it point to point as needed.

I believe @dafyre did a bridge a long time ago before some of it was built into the design like it now is.

VoIP_n00b

@jplee I want to know this as well

VoIP_n00b

@jplee did you allow bridging in the web interface?

dafyre

@JaredBusch said in Apparently the 2.0 line of EdgeOS now supports ZeroTier:

@jplee said in Apparently the 2.0 line of EdgeOS now supports ZeroTier:

Did anyone get bridging to work? I have ZT installed on an ER-X. I can ping the ZT nodes from the ER-X cli. However, I cannot ping a ZT node from a machine on my internal network that’s not on ZT.

I've never dealt with ZT bridging at all. I only use it point to point as needed.

I believe @dafyre did a bridge a long time ago before some of it was built into the design like it now is.

I did get bridging set up, but it was a bit of a pain to get going and I ran into some rather interesting issues, lol.

I have it set up as more of a site-to-site VPN now.

Dashrender

@dafyre said in Apparently the 2.0 line of EdgeOS now supports ZeroTier:

@JaredBusch said in Apparently the 2.0 line of EdgeOS now supports ZeroTier:

@jplee said in Apparently the 2.0 line of EdgeOS now supports ZeroTier:

Did anyone get bridging to work? I have ZT installed on an ER-X. I can ping the ZT nodes from the ER-X cli. However, I cannot ping a ZT node from a machine on my internal network that’s not on ZT.

I've never dealt with ZT bridging at all. I only use it point to point as needed.

I believe @dafyre did a bridge a long time ago before some of it was built into the design like it now is.

I did get bridging set up, but it was a bit of a pain to get going and I ran into some rather interesting issues, lol.

I have it set up as more of a site-to-site VPN now.

Isn't that bridging? more or less ?

scottalanmiller

@Dashrender said in Apparently the 2.0 line of EdgeOS now supports ZeroTier:

@dafyre said in Apparently the 2.0 line of EdgeOS now supports ZeroTier:

@JaredBusch said in Apparently the 2.0 line of EdgeOS now supports ZeroTier:

@jplee said in Apparently the 2.0 line of EdgeOS now supports ZeroTier:

Did anyone get bridging to work? I have ZT installed on an ER-X. I can ping the ZT nodes from the ER-X cli. However, I cannot ping a ZT node from a machine on my internal network that’s not on ZT.

I've never dealt with ZT bridging at all. I only use it point to point as needed.

I believe @dafyre did a bridge a long time ago before some of it was built into the design like it now is.

I did get bridging set up, but it was a bit of a pain to get going and I ran into some rather interesting issues, lol.

I have it set up as more of a site-to-site VPN now.

Isn't that bridging? more or less ?

Are you asking if a VPN is a bridge? That's actually a big "it depends".

Dashrender

@scottalanmiller said in Apparently the 2.0 line of EdgeOS now supports ZeroTier:

@Dashrender said in Apparently the 2.0 line of EdgeOS now supports ZeroTier:

@dafyre said in Apparently the 2.0 line of EdgeOS now supports ZeroTier:

@JaredBusch said in Apparently the 2.0 line of EdgeOS now supports ZeroTier:

@jplee said in Apparently the 2.0 line of EdgeOS now supports ZeroTier:

Did anyone get bridging to work? I have ZT installed on an ER-X. I can ping the ZT nodes from the ER-X cli. However, I cannot ping a ZT node from a machine on my internal network that’s not on ZT.

I've never dealt with ZT bridging at all. I only use it point to point as needed.

I believe @dafyre did a bridge a long time ago before some of it was built into the design like it now is.

I did get bridging set up, but it was a bit of a pain to get going and I ran into some rather interesting issues, lol.

I have it set up as more of a site-to-site VPN now.

Isn't that bridging? more or less ?

Are you asking if a VPN is a bridge? That's actually a big "it depends".

Of course it depends - but he setup a site to site using it - so for the devices on the LAN, it is (or at least can be - depending on settings - be acting as a bridge/bridge like interface

scottalanmiller

@Dashrender said in Apparently the 2.0 line of EdgeOS now supports ZeroTier:

Of course it depends - but he setup a site to site using it - so for the devices on the LAN, it is (or at least can be - depending on settings - be acting as a bridge/bridge like interface

Most people, by far, set up VPNs to have different IP ranges on either end. So acting as a router, not a bridge.

Dashrender

@scottalanmiller said in Apparently the 2.0 line of EdgeOS now supports ZeroTier:

@Dashrender said in Apparently the 2.0 line of EdgeOS now supports ZeroTier:

Of course it depends - but he setup a site to site using it - so for the devices on the LAN, it is (or at least can be - depending on settings - be acting as a bridge/bridge like interface

Most people, by far, set up VPNs to have different IP ranges on either end. So acting as a router, not a bridge.

Sure. This is one of my /sigh moments though - I'm sure the OP doesn't likely give a crap if it's a bridge connection or a routed one - it's more likely they simply want to know - is there a connection?

Also - assuming the endpoints on the LAN don't have ZT installed on them, it's likely they are on a separate LAN from the ZT network - so a router would have to be done, which is what I though any of these "gateway" type solutions was really providing?

dafyre

@Dashrender said in Apparently the 2.0 line of EdgeOS now supports ZeroTier:

@dafyre said in Apparently the 2.0 line of EdgeOS now supports ZeroTier:

@JaredBusch said in Apparently the 2.0 line of EdgeOS now supports ZeroTier:

@jplee said in Apparently the 2.0 line of EdgeOS now supports ZeroTier:

Did anyone get bridging to work? I have ZT installed on an ER-X. I can ping the ZT nodes from the ER-X cli. However, I cannot ping a ZT node from a machine on my internal network that’s not on ZT.

I've never dealt with ZT bridging at all. I only use it point to point as needed.

I believe @dafyre did a bridge a long time ago before some of it was built into the design like it now is.

I did get bridging set up, but it was a bit of a pain to get going and I ran into some rather interesting issues, lol.

I have it set up as more of a site-to-site VPN now.

Isn't that bridging? more or less ?

No, I've got it set up strictly doing routing between sites. I had odd issues when setting up the bridge that are eliminated when setting it up as a site-to-site vpn.

The bonus is that I don't have to install ZT on everything, just a VM at each site, and add the appropriate routes.

Dashrender

@dafyre said in Apparently the 2.0 line of EdgeOS now supports ZeroTier:

@Dashrender said in Apparently the 2.0 line of EdgeOS now supports ZeroTier:

@dafyre said in Apparently the 2.0 line of EdgeOS now supports ZeroTier:

@JaredBusch said in Apparently the 2.0 line of EdgeOS now supports ZeroTier:

@jplee said in Apparently the 2.0 line of EdgeOS now supports ZeroTier:

Did anyone get bridging to work? I have ZT installed on an ER-X. I can ping the ZT nodes from the ER-X cli. However, I cannot ping a ZT node from a machine on my internal network that’s not on ZT.

I've never dealt with ZT bridging at all. I only use it point to point as needed.

I believe @dafyre did a bridge a long time ago before some of it was built into the design like it now is.

I did get bridging set up, but it was a bit of a pain to get going and I ran into some rather interesting issues, lol.

I have it set up as more of a site-to-site VPN now.

Isn't that bridging? more or less ?

No, I've got it set up strictly doing routing between sites. I had odd issues when setting up the bridge that are eliminated when setting it up as a site-to-site vpn.

The bonus is that I don't have to install ZT on everything, just a VM at each site, and add the appropriate routes.

I guess I'd need to see a diagram so I could follow.

dafyre

@Dashrender said in Apparently the 2.0 line of EdgeOS now supports ZeroTier:

@dafyre said in Apparently the 2.0 line of EdgeOS now supports ZeroTier:

@Dashrender said in Apparently the 2.0 line of EdgeOS now supports ZeroTier:

@dafyre said in Apparently the 2.0 line of EdgeOS now supports ZeroTier:

@JaredBusch said in Apparently the 2.0 line of EdgeOS now supports ZeroTier:

@jplee said in Apparently the 2.0 line of EdgeOS now supports ZeroTier:

Did anyone get bridging to work? I have ZT installed on an ER-X. I can ping the ZT nodes from the ER-X cli. However, I cannot ping a ZT node from a machine on my internal network that’s not on ZT.

I've never dealt with ZT bridging at all. I only use it point to point as needed.

I believe @dafyre did a bridge a long time ago before some of it was built into the design like it now is.

I did get bridging set up, but it was a bit of a pain to get going and I ran into some rather interesting issues, lol.

I have it set up as more of a site-to-site VPN now.

Isn't that bridging? more or less ?

No, I've got it set up strictly doing routing between sites. I had odd issues when setting up the bridge that are eliminated when setting it up as a site-to-site vpn.

The bonus is that I don't have to install ZT on everything, just a VM at each site, and add the appropriate routes.

I guess I'd need to see a diagram so I could follow.

How's this?
![4fb96b98-3628-4347-b84c-f5553fb4c984-image.png](https://i.imgur.com/CgWTyUj.png

JaredBusch

@dafyre

dafyre

@JaredBusch said in Apparently the 2.0 line of EdgeOS now supports ZeroTier:

@dafyre

Thanks. Not sure how ( b0rked that.

jplee

@VoIP_n00b Yes, I have "Allow Bridging" checked. I'm still getting ping time outs from my lan.

jplee

These are my interfaces:

And these are my routes:

On the 192.168.50.0/24 (Lan1) network, I can successfully hit 10.1.1.0/24 (Lan2) addresses and go out on the internet. However, I can't get to any 10.147.20.0/24 nodes (ZT).

If I ssh into the router, I can ping anything on Lan1, Lan2, and ZT. This seems like it would be an easy solution that I'm missing???

Thanks.

VoIP_n00b

@jplee Very Interesting! Can you share how you got ZT setup on the edge router?

jplee

@VoIP_n00b I followed https://blog.kruyt.org/zerotier-on-a-ubiquiti-edgerouter/. It was pretty straightforward. Make sure you follow Part 2 of the guide as well. Now if I can just get the ER-X to route.

VoIP_n00b

@jplee I would like that too

jplee

I have it working! I needed to NAT.

I also disabled routing to 192.168.50.0/24 on ZeroTier Central and unchecked "Allow Bridging". They aren't needed.