ZeroTier Question
-
@WLS-ITGuy That said, I had issues with Pertino routing all traffic over itself and had to manually update that setting to have Pertino lower priority in order to prevent it.
But the difference I have seen with ZeroTier is that even if it decides to route over the ZT adapter, my ping times are still 1ms in the office.
With Pertino , that was not true and it lagged the hell out of my inter server communication.
-
@JaredBusch said in ZeroTier Question:
But the difference I have seen with ZeroTier is that even if it decides to route over the ZT adapter, my ping times are still 1ms in the office.
This matches up with what I've seen in my home office as well.
-
in the beginning I asked if I need to put the ZeroTier IP address into the server options of DHCP. I don't remember and can't find if anyone answered that.
-
If you already have your LAN IP addresses of your DNS servers, it certainly won't hurt, but my first answer would be no, you don't have to worry about it... All of the DNS requests would be going to the same place anyway, right?
-
@WLS-ITGuy said in ZeroTier Question:
in the beginning I asked if I need to put the ZeroTier IP address into the server options of DHCP. I don't remember and can't find if anyone answered that.
This depends on how full mesh you want everything.
If you are going 100% full mesh, then yes.
You want your internal DNS server to be the thing handing out all DNS over ZT.
But this also means that your internal DNS server needs to KNOW all the ZT addresses for every device. This is not something that may always jsut magically register in DNS because the addresses are not being assigned out by the Windows DHCP server that normally can auto update the DNS records.
-
This will also mean that you need to put the ZT IP address of your DNS server on the ZT NICs on Laptops that leave the physical network.
Edit: The caveat here will be if your DNS server responds with a LAN IP address instead of a ZT IP address for a device that is not located on physical LAN.
-
So the plain answer is no then
I received feedback overnight that there are two machines for sure that cannot access mapped drives or files from the DC/File Server.
I couldn't ping from my mac but could access files with no issues.
-
So the drives are getting mapped, or are not?
-
@scottalanmiller The drives are mapped via logon script but have a red x when off campus. When you click on them it says it could not reconnect.
-
@WLS-ITGuy said in ZeroTier Question:
@scottalanmiller The drives are mapped via logon script but have a red x when off campus. When you click on them it says it could not reconnect.
And if you ping the name used for the mapping, it does not respond? Does it respond on the machines that work?
-
@WLS-ITGuy said in ZeroTier Question:
@scottalanmiller The drives are mapped via logon script but have a red x when off campus. When you click on them it says it could not reconnect.
Then you have DNS resolution issues, a routing issue, or a firewall issue.
Most likely it is DNS.
-
My machines off the network can still ping the server by netbios name. It comes up with the ZT address.
So the shared drive (mapped by GPO) still works.
I have changed no DNS settings or anything at all.
-
@scottalanmiller If I ping the server name, whether it is FQDN or just the name, it shows the 198.105.254.130 address from a WIndows 10 laptop.
I am on campus now so I cannot test on my laptop. However, when I did test last night, I got a similar address like the one above. But I could see the Server name in my Finder on my mac.
-
Just to add some info I can ping the ZT NIC IP of the DC on the remote machine. I can also connect to mapped drives using \SERVER-IP\SHARE
-
@WLS-ITGuy said in ZeroTier Question:
@scottalanmiller If I ping the server name, whether it is FQDN or just the name, it shows the 198.105.254.130 address from a WIndows 10 laptop.
I am on campus now so I cannot test on my laptop. However, when I did test last night, I got a similar address like the one above. But I could see the Server name in my Finder on my mac.
Is that your ZT range?
Do an nslookup to see where it gets its address from.
-
@WLS-ITGuy said in ZeroTier Question:
Just to add some info I can ping the ZT NIC IP of the DC on the remote machine. I can also connect to mapped drives using \SERVER-IP\SHARE
Oh, you are using the ZT IP directly in the mapped drive settings?
-
@scottalanmiller I just did as a test to see if it would resolve via IP and it does.
-
@scottalanmiller ZT Range is 192.168.191.x/24
-
@WLS-ITGuy said in ZeroTier Question:
@scottalanmiller ZT Range is 192.168.191.x/24
So you have a mismatch. What you showed above is not in this range.
-
@scottalanmiller I don't see where though...Or how for that matter.
