20.1.4 zerotier woes [partially solved]

Started by xofer, April 14, 2020, 12:15:48 PM

Last Edit: April 15, 2020, 02:17:44 AM by xofer
Hi,

I have several troubles with zerotier now.

1) after upgrading from 20.1.3 -> 20.1.4 I discovered that zerotier was offline. Investigating the issue, found out that the zerotier address (sort of a unique id that identifies a host) of the opnsense machine has changed. Is that designed behaviour?

2) no biggie, went to ZeroTier central and added the new address. Went to look/configure zerotier in opnsense web gui and suddenly lost all LAN connectivity to opnsense. Totally baffled, power cycle, try again. Same result. It seems that when zerotier is enabled I now lose LAN connectivity to opnsense.

Any ideas?

Well, if anybody else stumbles upon it - I found the reason for the loss of traffic. Apparently, as I had the route through zerotier networks to LAN defined with the actual LAN netmask /24, the real local route to LAN gets deleted when zerotier goes down. It was suggested to me that the route from zerotier to my gateway should be with a wider mask; in this case /23 did the trick.

LAN clients and opnsense are happy as they are using longest-prefix-match logic and go with /24, and guys on the other side of zerotier are happy as /23 includes your /24 LAN, provided that it won't collide with your other address spaces.

Question 1 - why did the zerotier address change on minor version upgrade - is still unanswered, but that is a minor issue as I could add the new one in ZeroTier Central.
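
The fix described in the post, as an added example that is not part of the original post: a small Python check that flags a ZeroTier managed route identical to a connected LAN prefix or overlapping another address space, plus a longest-prefix-match lookup showing why the /23 coexists with the /24. The prefixes and the interface names `lan0` and `zt0` are constructed sample values, not taken from the poster's setup.

```python
import ipaddress

# Constructed sample data: one connected LAN route and the wider managed route.
CONNECTED = [(ipaddress.ip_network("192.168.0.0/24"), "lan0")]
ROUTES = CONNECTED + [(ipaddress.ip_network("192.168.0.0/23"), "zt0")]


def lookup(routes, dst):
    """Longest-prefix match: return the (network, interface) pair of the
    most specific route containing dst, or None when nothing matches."""
    dst = ipaddress.ip_address(dst)
    matches = [(net, ifc) for net, ifc in routes if dst in net]
    return max(matches, key=lambda r: r[0].prefixlen, default=None)


def check_managed_route(managed, connected, other_spaces):
    """Return a list of problems with a proposed ZeroTier managed route.

    connected    -- (network, interface) pairs directly attached to the firewall
    other_spaces -- prefixes used elsewhere that the managed route must not cover
    """
    managed = ipaddress.ip_network(managed)
    problems = []
    for net, ifc in connected:
        if managed == net:
            # The case from the post: same prefix and mask as the LAN route.
            problems.append(f"identical to connected route {net} on {ifc}")
        elif managed.subnet_of(net):
            # Generalization: a narrower route would win the prefix match.
            problems.append(f"more specific than connected route {net} on {ifc}")
    for space in other_spaces:
        space = ipaddress.ip_network(space)
        if managed.overlaps(space):
            problems.append(f"overlaps other address space {space}")
    return problems


if __name__ == "__main__":
    print(check_managed_route("192.168.0.0/24", CONNECTED, ["10.8.0.0/24"]))
    print(check_managed_route("192.168.0.0/23", CONNECTED, ["10.8.0.0/24"]))
    print(lookup(ROUTES, "192.168.0.50"))  # LAN host stays on the /24
    print(lookup(ROUTES, "192.168.1.50"))  # only the /23 covers this address
```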