Hi all,

I have 5 non-ARM Mikrotik Routers I'd like to create a Zerotier like L3 mesh network with. Each router will have its own subnet and should create a tunnel to all the other routers with some dynamic protocol handling the routing.

Ideally I'd like to be able to plug them into any existing network, or mix of networks, most of which will be behind NAT (Without the ability to port forward) which makes it tricky. Note that I don't need encryption.

As there are only 5 it doesn't need to be particularly dynamic and I can use scripting to set it up, but I'm looking for recommendations to handle the NAT issue. I'm happy to run an external service or Mikrotik to work around NAT, but ideally I don't want traffic to route via this hop if it can be avoided.

Hopefully that makes sense... any suggestions appreciated

Thanks

there is no another way...just use zerotier

Your problem is...

most of which will be behind NAT (Without the ability to port forward) which makes it tricky. Note that I don't need encryption.

If we're talking about a CGNAT, sitution is worse still. AKAIK, there isn't a good way around the NAT issue. It's why VoIP and games uses STUN/TURN or UPnP/PCP to make connections indirectly through a NAT (and ZeroTier does similar with the root servers). All your normal VPNs require at least on end to have a public IP address.

Your problem is...

most of which will be behind NAT (Without the ability to port forward) which makes it tricky. Note that I don't need encryption.

If we're talking about a CGNAT, sitution is worse still. AKAIK, there isn't a good way around the NAT issue. It's why VoIP and games uses STUN/TURN or UPnP/PCP to make connections indirectly through a NAT (and ZeroTier does similar with the root servers). All your normal VPNs require at least on end to have a public IP address.

If he will use VPN with public IP all traffic will go thorough the VPN server and he do not want this...so there is only way...zerotier