Community discussions

MikroTik App
 
User avatar
Larsa
Forum Guru
Forum Guru
Topic Author
Posts: 1025
Joined: Sat Aug 29, 2015 7:40 pm
Location: The North Pole, Santa's Workshop

ZeroTier - a quick HOW-TO

Tue Apr 18, 2023 1:55 pm

A very brief HOW-TO setup ZeroTier on RoS v7:

  1. Register a network in ZeroTier Central (my.zerotier.com) and use the Network ID when installing ZeroTier clients including mikrotik devices. It's free up to 25 devices.
  2. Enable the ZeroTier "instance". Defaults will do.
  3. Enable the ZeroTier "interface" and specify network (ie Network ID from #1) and the name of the interface.
  4. Each new node that is added to the network must be approved using the ZeroTier Central (my.zerotier.com) before it can be used.

That's all !

Some additional general information about ZeroTier that might be worth knowing::

  • The ZeroTier interface appears under the regular "Interfaces" menu and is treated like any local Ethernet interface and may for example be added to the "interface list" as LAN, etc.
  • When creating a new network, ZeroTier Central autmatically picks a subnet that can be changed anytime.
  • ZeroTier Central assigns static addresses from the subnet to the clients automatically. A client can be assigned multiple addresses, for example by adding them manually.
  • To enable access to a single LAN or multiple site-to-site (mesh) networks, just add the subnets to Managed Routes in ZeroTier Central.
  • It's possible to join and use multiple ZeroTier networks simultaneously and even route traffic between them.
  • The administrative web interface called ZeroTier Central (my.zerotier.se) is a proprietary solution that runs on top of a ZeroTier controller and is operated by ZeroTier Inc. As an alternative, you may set up your own independent controller either on the router itself which is included in the ZeroTier packge or, for example in a sepearat container. When running your own controller you only get json as an administrative interface by default. To get web based administration install Zero-UI which is designed as a direct copy of the ZeroTier Central layout.
  • Complex network policies can be enforced using the ZeroTier rules engine (aka Flow Rules) that are based on capacity-based security and member classification tags. This includes rules for, for example, node addresses, tags ID's, different types of L2/L3 protocols, tcp/udp ports, etc.
  • Keep in mind that ZeroTier (at least in v1.10) is still single threaded and also depends on hardware offload for AES which hasn't been implemented on all platforms by Mikrotik (yet). Correct me if I'm wrong on this one.

Here are two useful articles that provide a good holistic overview of ZeroTier.
For a detailed walkthrough of ZeroTier see AMMO's eminent explanation:
Last edited by Larsa on Wed Apr 19, 2023 4:03 pm, edited 10 times in total.
 
User avatar
Larsa
Forum Guru
Forum Guru
Topic Author
Posts: 1025
Joined: Sat Aug 29, 2015 7:40 pm
Location: The North Pole, Santa's Workshop

Re: ZeroTier - a quick HOW-TO

Tue Apr 18, 2023 1:56 pm

reserved.

Who is online

Users browsing this forum: No registered users and 3 guests