Zerotier won't connect after reboot

changchichung · September 11, 2021, 10:44am

I'm looking for some full mesh vpn solution , so I try to configure zerotier in my openwrt router and my desktop.

I can ping from my desktop to openwrt router at the first time.
but after rebooting openwrt , ping does not work anymore , even the zerotier interface is up.

/etc/conig/zerotier

config zerotier 'zero'
	option enabled '1'
	option join '9bee8941b50c'
	option port '9993'
	option secret d051d81:0:8fdf114f0d2bd52ae875768ceba268d427d74e885ca863b07ca5049684356156097b4d1fab1a23f7e2ccca7aed825830a4fc8dac4020fb4dc2c3ed434cd09cd6:b466136387111ab34e496c355b0decde3a988e6ccb71b721b8b7eacd8b6ee93b35df91fe691f0115b4e99691eb2ede4b84708765785c7d8414f94c491bc31341'

/etc/config/network

config interface 'zero'
	option proto 'dhcp'
	option delegate '0'
	option ifname 'zt3jnykb6j'

/etc/config/firewall

config zone
	option input 'ACCEPT'
	option name 'zerotier'
	option output 'ACCEPT'
	option forward 'ACCEPT'
	option network 'zero'

config forwarding
	option dest 'wan'
	option src 'zerotier'

/etc/firewall.user

iptables -I FORWARD -i zt3jnykb6j -j ACCEPT
iptables -I FORWARD -o zt3jnykb6j -j ACCEPT
iptables -t nat -I POSTROUTING -o zt3jnykb6j -j MASQUERADE

ifconfig status

12: zt3jnykb6j: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 2800 qdisc fq_codel state UNKNOWN group default qlen 1000
    link/ether 7e:f3:a1:b0:5c:08 brd ff:ff:ff:ff:ff:ff
    inet 10.144.36.151/16 brd 10.144.255.255 scope global zt3jnykb6j
       valid_lft forever preferred_lft forever
root@HQ_VPN_ROUTER:~#

zerotier listnetworks

root@HQ_VPN_ROUTER:~# zerotier-cli listnetworks
200 listnetworks <nwid> <name> <mac> <status> <type> <dev> <ZT assigned ips>
200 listnetworks 9bee8941b50c gigantic_wozniak 7e:f3:a1:b0:5c:08 OK PRIVATE zt3jnykb6j 10.144.36.151/16
root@HQ_VPN_ROUTER:~#

at the very first time, ping from desktop to openwrt

ping 10.144.36.151
PING 10.144.36.151 (10.144.36.151) 56(84) bytes of data.
64 bytes from 10.144.36.151: icmp_seq=1 ttl=64 time=25.3 ms
64 bytes from 10.144.36.151: icmp_seq=2 ttl=64 time=34.9 ms
64 bytes from 10.144.36.151: icmp_seq=3 ttl=64 time=49.0 ms
64 bytes from 10.144.36.151: icmp_seq=4 ttl=64 time=22.0 ms
64 bytes from 10.144.36.151: icmp_seq=5 ttl=64 time=32.5 ms
64 bytes from 10.144.36.151: icmp_seq=6 ttl=64 time=29.6 ms
64 bytes from 10.144.36.151: icmp_seq=7 ttl=64 time=27.9 ms
64 bytes from 10.144.36.151: icmp_seq=8 ttl=64 time=27.9 ms
64 bytes from 10.144.36.151: icmp_seq=9 ttl=64 time=31.2 ms
64 bytes from 10.144.36.151: icmp_seq=10 ttl=64 time=31.8 ms

but now ping does not works after router reboot
and I can see both nodes are online in zerotier central

any suggestions ??

or any other full mesh vpn solutions ?

randyrodriguez · November 20, 2021, 9:15pm

It’s been a long time since i setup zerotier on my router but if I remember correctly i had a similar problem. I think i got it to work by setting the zerotier interface with a static ip.