Community discussions

MikroTik App
 
DavidGumbo
just joined
Topic Author
Posts: 1
Joined: Thu May 19, 2022 8:11 pm

ZeroTier SD-WAN / Network Orchestration

Thu May 19, 2022 8:51 pm

Currently works on RouterOSv7 Arm Architecture
Configuration
NB
No Static routes to configured on the internet Routers. All routes reachability will
Orchestrated from the Central Cloud network Overlay portal.
Public IPs do not define the Overlay creation. As long as all router have got Internet connectivity.
Overlay Secure Tunnel creation will be established.
Configs
HQ Router
/zerotier
set HAC comment="Central Central Controller" identity="cb43d5d28e:0:f5affaabcdda5b6c022ad405578d1b5d92e5a91bcb5de3bd1b4954cd7b37ed1c\
5422cf3d549d2c87dd7bca31d54683274cc11fa7c00681d181f344519ff1eb8e:e82d2ade731e0e47a07f92f6133d9575133d271a4bf4a28063346de3e41b5b2\
2541fb25ccaac76bafd0322e38033fe28ca2d4f5fdcd1bfb5c6e45f4dc47f2a37" interfaces=WAN-2-Telone name=HAC port=9993
/zerotier interface
add disabled=no instance=HAC mac-address=1E:2F:85:E3:46:31 name=HAC-SDWAN network=af78bf9436c6e41f
Remote Router
/zerotier
set zt1 comment="ZeroTier Central Controller" identity="4c0e9e8968:0:934f0eb14501bfd6a0453f0d2106715664d161ad9e3d31e3403c8c56
2095eeb76488dcc90d79d191ed531:a114086ee176242e0feab12cab3f33a04e1b211b2206a8b60c640537c2b273e10824cf147ce895ac613a6d82ef0
interfaces=ether1-vlan3540 name=zt1 port=9993
/zerotier interface
add allow-default=no allow-global=no allow-managed=yes disabled=no instance=zt1 mac-address=1E:A8:C8:A8:1D:D7 name=zerotier1
Schematic of the Network Implementation
You do not have the required permissions to view the files attached to this post.
Last edited by DavidGumbo on Thu May 19, 2022 9:43 pm, edited 1 time in total.
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 19099
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: ZeroTier SD-WAN / Network Orchestration

Thu May 19, 2022 9:24 pm

What I need to know is the simple directions to connect two MT routers together so that I can.
a. config the other router
b. access the internet of the other router.
c. access lan of router.

From a client PC, or IPHONE, connect to my MT router to
a. config the router
b. access the internet of the router
c. access LAN of router.

In other words MIMIC WIREGUARD TYPE CONNECTIVITY.
ITs relatively simple to create an account and joint all necessary devices to that account and assign them a zerotier address.
What then..............
 
User avatar
mozerd
Forum Veteran
Forum Veteran
Posts: 872
Joined: Thu Oct 05, 2017 3:39 pm
Location: Canada
Contact:

Re: ZeroTier SD-WAN / Network Orchestration

Thu May 19, 2022 9:39 pm

TILE
ZeroTier is NOT available on the Tile architecture……

WireGuard is faster, better and works GREAT ….
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 19099
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: ZeroTier SD-WAN / Network Orchestration

Thu May 19, 2022 9:53 pm

I dont know, DavidCombo has proclaimed it does, so it must be true! Otherwise why come by and make such an authoritative post............
 
User avatar
Larsa
Forum Guru
Forum Guru
Posts: 1041
Joined: Sat Aug 29, 2015 7:40 pm
Location: The North Pole, Santa's Workshop

Re: ZeroTier SD-WAN / Network Orchestration  [SOLVED]

Thu May 19, 2022 9:53 pm

Hi DavidGumbo, welcome to the forum!

@mozerd wrote: WireGuard is faster, better and works GREAT ….

Wireguard is perfectly fine but requires some knowledge and time to configure. I think ZeroTier is much easier to administer and especially when connecting a lot of different types of clients.

ZeroTier is more of a "fire and forget" type of solution (ie true SD-WAN) compared to Wireguard but as @mozerd explained, ZeroTier is unfortunately not available on Tile (yet!).
Last edited by Larsa on Thu May 19, 2022 10:06 pm, edited 2 times in total.
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 19099
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: ZeroTier SD-WAN / Network Orchestration

Thu May 19, 2022 9:57 pm

I beg to differ larsa, I can do wireguard in my sleep and zerotier baffles me.
 
User avatar
Larsa
Forum Guru
Forum Guru
Posts: 1041
Joined: Sat Aug 29, 2015 7:40 pm
Location: The North Pole, Santa's Workshop

Re: ZeroTier SD-WAN / Network Orchestration

Thu May 19, 2022 10:05 pm

Well, I do believe you since you are the true king of Wireguard! :-D

However, when it comes to ease of administration ZT plays in a different division. And it's a proven fact, whatever you say! ;-)
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 19099
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: ZeroTier SD-WAN / Network Orchestration

Fri May 20, 2022 5:07 am

Since you didnt provide answers to my questions, just more propaganda, my doubts are increasing not diminishing LOL ;-)
 
User avatar
mozerd
Forum Veteran
Forum Veteran
Posts: 872
Joined: Thu Oct 05, 2017 3:39 pm
Location: Canada
Contact:

Re: ZeroTier SD-WAN / Network Orchestration

Fri May 20, 2022 1:53 pm

@Larsa SAID: And it's a proven fact, whatever you say! ;-)
OK I will bite ... Prove it that ZeroTier is easier to administer .... provide @anav with the solution to his ZeroTier dilemma !

BTW, I did forget to mention that WireGuard is integrated into the current Linux Kernel plus WireGuard is available on the entire mikrotik hardware offerings under RoS 7.x while ZeroTier is very limited to the ARM architecture. And if a smart fellow like @anav cannot configure it to work for him I pity the overthinking geniuses that abound here . :)
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 19099
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: ZeroTier SD-WAN / Network Orchestration

Fri May 20, 2022 2:54 pm

Well dont get too carried away Mozerd, I just havent put the same amount of energy into zerotier as I have wireguard, or more accurately annoyed the snot out of people on a long slow learning curve.
That being said, larsa.....
What I need to know is the simple directions to connect two MT routers together so that I can.
a. config the other router
b. access the internet of the other router.
c. access lan of router.

From a client PC, or IPHONE, connect to my MT router to
a. config the router
b. access the internet of the router
c. access LAN of router.


Quote: "I think ZeroTier is much easier to administer and especially when connecting a lot of different types of clients."

Waiting....................
Last edited by anav on Fri May 20, 2022 4:40 pm, edited 1 time in total.
 
User avatar
rextended
Forum Guru
Forum Guru
Posts: 11982
Joined: Tue Feb 25, 2014 12:49 pm
Location: Italy
Contact:

Re: ZeroTier SD-WAN / Network Orchestration

Fri May 20, 2022 3:03 pm

PPtP is more easy. :)

Aahhhh... Put the dogs away!!!...

I was joking !!! 😅
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 19099
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: ZeroTier SD-WAN / Network Orchestration

Fri May 20, 2022 4:38 pm

jajajajajajajaja You slay me! Its "Who let the dogs out" so if deciding to reverse it, " Put the dogs back" works, but I do luv your anglo/italian butchery! ;-)

I think Larsa has had recent surgery, tongue removal and/or wing removal; ;-PP
 
User avatar
rextended
Forum Guru
Forum Guru
Posts: 11982
Joined: Tue Feb 25, 2014 12:49 pm
Location: Italy
Contact:

Re: ZeroTier SD-WAN / Network Orchestration

Fri May 20, 2022 4:55 pm

( send/put the dogs away:
I didn't mean lock up or call the dogs, but disperse them, send them away... )
 
dakobg
Member Candidate
Member Candidate
Posts: 120
Joined: Mon Nov 06, 2017 8:58 am

Re: ZeroTier SD-WAN / Network Orchestration

Fri May 20, 2022 6:41 pm

ZeroTier plus dyn routing ;)
 
User avatar
Larsa
Forum Guru
Forum Guru
Posts: 1041
Joined: Sat Aug 29, 2015 7:40 pm
Location: The North Pole, Santa's Workshop

Re: ZeroTier SD-WAN / Network Orchestration

Fri May 20, 2022 7:08 pm

Since I'm always right, there is really no reason for me to make an argument. ;-) ZeroTier FTW, plus one whatever you all say!

Joking aside, the tool you are most familiar with is usually what makes you most productive. But it doesn't hurt trying new things that makes one more experienced in general. That said, ZeroTier is superior. LOL :)
 
User avatar
mozerd
Forum Veteran
Forum Veteran
Posts: 872
Joined: Thu Oct 05, 2017 3:39 pm
Location: Canada
Contact:

Re: ZeroTier SD-WAN / Network Orchestration

Fri May 20, 2022 7:42 pm

Since I'm always right, there is really no reason for me to make an argument. ;-)
@Larsa .... so YOu do not want to prove it ..... shame shame shame and a smart fellow like you could easily help @anav to prove that you are RIGHT. Common Larsa help our fellow guru use ZeroTier ... show your expertise .... 8)
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 19099
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: ZeroTier SD-WAN / Network Orchestration

Fri May 20, 2022 7:55 pm

Joking aside,
Good because I am not! just remember this post # your going to see it frequently.
 
User avatar
Larsa
Forum Guru
Forum Guru
Posts: 1041
Joined: Sat Aug 29, 2015 7:40 pm
Location: The North Pole, Santa's Workshop

Re: ZeroTier SD-WAN / Network Orchestration

Fri May 20, 2022 8:12 pm

Good because I am not! just remember this post # your going to see it frequently.

Ok smart guy, followed your pointer. ROFL! - I'll take your word for it but TGIF. WBBL, Cheers! :-D
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 19099
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: ZeroTier SD-WAN / Network Orchestration

Fri May 20, 2022 10:48 pm

Good because I am not! just remember this post # your going to see it frequently.

Ok smart guy, followed your pointer. ROFL! - I'll take your word for it but TGIF. WBBL, Cheers! :-D
Not smart, tenacious is more accurate and I have all the time in the world and don't have a stop button. :-)

I am actually more curious as to whether or not you will take the lazy way out, and state you actually don't have a clue on how to config zerotier (when you actually do), just to get me off the accountability gig, or actually do the work and put the $$ where the mouth is. ;-)

Stated in another way .... There are two possibilities, as in you are forever shown to be just hot air, or I get high quality information that I can include in article and future generations of MT users get the benefit. Its win win!!!
 
User avatar
mozerd
Forum Veteran
Forum Veteran
Posts: 872
Joined: Thu Oct 05, 2017 3:39 pm
Location: Canada
Contact:

Re: ZeroTier SD-WAN / Network Orchestration

Sat May 21, 2022 1:42 pm

...... I have all the time in the world and don't have a stop button. :-)
@anav
The following mikrotik ZeroTier document has very extensive information on howto configure ZeroTier to work in the kind of scenario you want ... the complexity is not trivial perhaps because it cannot be so but I 4 1 am impressed with mikrotik work to help one to understand, Take a closer look - patiently- and pay particular attention to the RouterOS Home VL1 level and VL2 Level ::: this distinction is important.
A common misunderstanding is to conflate network controllers with root servers (planet and moons). Root servers are connection facilitators that operate at the VL1 level. Network controllers are configuration managers and certificate authorities that belong to the VL2 level. Generally, root servers don’t join or control virtual networks and network controllers are not root servers, though it is possible to have a node do both.
Because the level of complexity is very significant YOU need to plan well and inwardly digest this document to configure it to accomplish want you want to accomplish.

IMO, WireGuard is 100% easier to work with and performance wise there is ABSOLUTLY no comparison --- WireGuard is the Cats MEOW :)
 
User avatar
Znevna
Forum Guru
Forum Guru
Posts: 1347
Joined: Mon Sep 23, 2019 1:04 pm

Re: ZeroTier SD-WAN / Network Orchestration

Sat May 21, 2022 2:10 pm

I'm truly surprised that you didn't mention TailScale yet in a topic about ZeroTier.
What gives? Are you ok?
 
User avatar
mozerd
Forum Veteran
Forum Veteran
Posts: 872
Joined: Thu Oct 05, 2017 3:39 pm
Location: Canada
Contact:

Re: ZeroTier SD-WAN / Network Orchestration

Sat May 21, 2022 3:28 pm

What gives?
Just for You @Znevna
Battle of the VPNs: Which one is fastest? (speed test)
Perhaps you can learn something from Netmaker .... :)
 
User avatar
Larsa
Forum Guru
Forum Guru
Posts: 1041
Joined: Sat Aug 29, 2015 7:40 pm
Location: The North Pole, Santa's Workshop

Re: ZeroTier SD-WAN / Network Orchestration

Mon May 23, 2022 8:11 pm

In my opinion this is a rather sloppy article/test/comparison thus I wouldn't bother too much about the outcome and related conclusions. Just a few examples of shortcomings:

- Tailscale and the stand-alone wireguard offer identical point-to-point traffic (that is the wireguard protocol) and both are normally equally fast.

- The article lacks information on how the controllers for nebula, tailscape and zerotier were set up. A sloppy configuration will in worst case pass all traffic through the controllers and not point-to-point as was probably intended.

- There is no information regarding the different capacity settings and configuration options like best practice recommended settings thus I suspect he missed things like using aes instead of the standard salsa for zestier and nebula (and simlar for the others).

There are plenty of other more more in depth and serious tests than this one IMHO.
--

@Anava, I'll get back to you later on the other matter.
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 19099
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: ZeroTier SD-WAN / Network Orchestration

Mon May 23, 2022 10:35 pm

Thanks Larsa, yeah tend to agree the article was an infomercial for their product which uses wireguard.................... not a credible review IMHO.
 
User avatar
mozerd
Forum Veteran
Forum Veteran
Posts: 872
Joined: Thu Oct 05, 2017 3:39 pm
Location: Canada
Contact:

Re: ZeroTier SD-WAN / Network Orchestration

Tue May 24, 2022 12:30 am

There are plenty of other more more in depth and serious tests than this one IMHO.
@Larsa … IMHO Netmaker test are COMPREHENSIVE and very credible …. I do not understand why YOU would think otherwise … why because my comparison made some time ago showed TailScale being FAR superior to ZeroTier … by a country mile. WireGuard is the THE ONE in every way shape and form. IMO, ZeroTier is a complete and absolute waste of valuable time. What a shame that MikroTik has included it within RoS 7 for ARM devices.
 
User avatar
Larsa
Forum Guru
Forum Guru
Posts: 1041
Joined: Sat Aug 29, 2015 7:40 pm
Location: The North Pole, Santa's Workshop

Re: ZeroTier SD-WAN / Network Orchestration

Tue May 24, 2022 8:44 am

My comment was merely about the test itself and not about a specific solution.

When it comes to SD-WAN, I think there are other important factors to take into account than just pure speed. In addition, standard pptp connections that require manual configuration are by definition not SD-WAN and therefore don't meet the standards of a decent test IMHO, it might be valuable as a reference though.
 
User avatar
mozerd
Forum Veteran
Forum Veteran
Posts: 872
Joined: Thu Oct 05, 2017 3:39 pm
Location: Canada
Contact:

Re: ZeroTier SD-WAN / Network Orchestration

Tue May 24, 2022 11:22 am

When it comes to SD-WAN, I think there are other important factors to take into account than just pure speed.
Benefits of SD-WAN
SD-WAN offers many benefits to geographically distributed organizations, including:

Simplicity: Because each device is centrally managed, with routing based on application policies, WAN managers can create and update security rules in real time as network requirements change. By combining SD-WAN with zero-touch provisioning – which helps automate deployment and configuration processes – organizations can further reduce the complexity, resources and opex required to turn up new sites.

Improved performance: By allowing efficient access to cloud-based resources without the need to backhaul traffic to centralized locations, organizations can provide a better user experience.

Reduced costs: Network administrators can supplement or substitute expensive MPLS with broadband connectivity options.

So @ Larsa how does ZeroTier meet the THREE Critical Benefits of a SD-WAN as stated above : ... please elaborate ....
 
User avatar
Larsa
Forum Guru
Forum Guru
Posts: 1041
Joined: Sat Aug 29, 2015 7:40 pm
Location: The North Pole, Santa's Workshop

Re: ZeroTier SD-WAN / Network Orchestration

Tue May 24, 2022 12:17 pm

All very good examples of essential points that define the advantage of SD-WAN. Of course there might be advantages to other alternatives, but at the moment ZT is the only available solution for Mikrotik (so far).

SD-WAN compared to regular pptp solutions that requires human intervention during ongoing operations for configuration of new entery points and reconfiguration of exitent ones I beleave is a more interesting topic to discuss.
 
User avatar
mozerd
Forum Veteran
Forum Veteran
Posts: 872
Joined: Thu Oct 05, 2017 3:39 pm
Location: Canada
Contact:

Re: ZeroTier SD-WAN / Network Orchestration

Tue May 24, 2022 12:39 pm

Of course there might be advantages to other alternatives, but at the moment ZT is the only available solution for Mikrotik (so far).
So ZeroTier cannot meet ANY of those 3 CRITICAL advantages ..... otherwise you @Larsa would be singing from the Tree Tops :)

To bad that TailScale is not integrated into RoS as a client because TailScale is Far superior and a SCALEABLE management solution for WireGuard. However, for the purposes of MikroTik WireGuard is so easy to deploy and manage especially for the SMB marketplace.
 
elbob2002
Member Candidate
Member Candidate
Posts: 252
Joined: Tue May 15, 2018 8:15 pm
Location: Ireland

Re: ZeroTier SD-WAN / Network Orchestration

Tue May 24, 2022 1:00 pm

Of course there might be advantages to other alternatives, but at the moment ZT is the only available solution for Mikrotik (so far).
So ZeroTier cannot meet ANY of those 3 CRITICAL advantages ..... otherwise you @Larsa would be singing from the Tree Tops :)

To bad that TailScale is not integrated into RoS as a client because TailScale is Far superior and a SCALEABLE management solution for WireGuard. However, for the purposes of MikroTik WireGuard is so easy to deploy and manage especially for the SMB marketplace.
Sorry to fan the flames on this but Tailscale is terrible. IMHO.

Note the IMHO part. If Tailscale was included as a package I wouldn't care. I likely wouldn't use it but the fact it was there wouldn't bother me in the slightest.

We get that you don't like Zerotier. It doesn't make you right and it doesn't make you wrong either. If you don't like it just don't use it. Simple. This endless back and forth about it is tiresome and irrelevant. Move on.
 
User avatar
Larsa
Forum Guru
Forum Guru
Posts: 1041
Joined: Sat Aug 29, 2015 7:40 pm
Location: The North Pole, Santa's Workshop

Re: ZeroTier SD-WAN / Network Orchestration

Tue May 24, 2022 6:54 pm

So ZeroTier cannot meet ANY of those 3 CRITICAL advantages.

TZ meets all these requirements by definition. However even though it's quite obvious that you have a different view, it's also hard to determine the reason for this.
 
User avatar
mozerd
Forum Veteran
Forum Veteran
Posts: 872
Joined: Thu Oct 05, 2017 3:39 pm
Location: Canada
Contact:

Re: ZeroTier SD-WAN / Network Orchestration

Tue May 24, 2022 7:09 pm

So ZeroTier cannot meet ANY of those 3 CRITICAL advantages.

TZ meets all these requirements by definition.
@Larsa … word games do not work ?.. but you can dream all you want because in dreams everything is possible.
 
User avatar
Larsa
Forum Guru
Forum Guru
Posts: 1041
Joined: Sat Aug 29, 2015 7:40 pm
Location: The North Pole, Santa's Workshop

Re: ZeroTier SD-WAN / Network Orchestration

Tue May 24, 2022 8:00 pm

@Larsa … word games do not work ?.. but you can dream all you want because in dreams everything is possible.

Haha, well as you probably live in another dimension! But deep down you know I'm right! ( :-D )
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 19099
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: ZeroTier SD-WAN / Network Orchestration

Tue May 24, 2022 9:17 pm

@Larsa … word games do not work ?.. but you can dream all you want because in dreams everything is possible.

Haha, well as you probably live in another dimension! But deep down you know I'm right! ( :-D )
Still waiting for that "right" config LOL
 
User avatar
mozerd
Forum Veteran
Forum Veteran
Posts: 872
Joined: Thu Oct 05, 2017 3:39 pm
Location: Canada
Contact:

Re: ZeroTier SD-WAN / Network Orchestration

Tue May 24, 2022 11:51 pm

Still waiting for that "right" config LOL
Hell will freeze over before @Larsa will provide that “right” config for you …. simplicity, performance, reduced costs ONLY in Larsa’s dreams.
 
User avatar
Larsa
Forum Guru
Forum Guru
Posts: 1041
Joined: Sat Aug 29, 2015 7:40 pm
Location: The North Pole, Santa's Workshop

Re: ZeroTier SD-WAN / Network Orchestration

Wed May 25, 2022 12:51 am

That was a bit unfair since hell will freez to ice already tomorrow and I don't really have time to fix it. : )

Anyhow, I may have expressed myself carelessly but I don't recall that I have ever promised a complete config.

However I'm open to a dialogue about the advantages of SD-WAN (ZT) compared to manually configured tunnels like for instance wg.

If there is any interest, I might consider to contribute parts to some kind of best practice for ZT (but subject to available time).
 
User avatar
mozerd
Forum Veteran
Forum Veteran
Posts: 872
Joined: Thu Oct 05, 2017 3:39 pm
Location: Canada
Contact:

Re: ZeroTier SD-WAN / Network Orchestration

Wed May 25, 2022 1:21 am

That was a bit unfair since hell will freez to ice already tomorrow and I don't really have time to fix it. : )
@Larsa, without one shadow of doubt I really like your sense of humor …. :lol:

Are you a ZT employee?
 
User avatar
Larsa
Forum Guru
Forum Guru
Posts: 1041
Joined: Sat Aug 29, 2015 7:40 pm
Location: The North Pole, Santa's Workshop

Re: ZeroTier SD-WAN / Network Orchestration

Wed May 25, 2022 7:32 am

I can assure you that I'm not working for or am employed by ZT.

Also, I am not in favor of any particular solution in general, meaning each thing has its place that best suits a specific need or occasion.

Who is online

Users browsing this forum: bkuyk1 and 47 guests