Comments on: Untitled
Whitebox Network Engineering, News and Reviews
Wed, 13 Nov 2024 15:38:12 +0000

By: CCI https://stubarea51.net/?p=1905/#comment-134402 Thu, 02 Sep 2021 23:41:12 +0000

ZeroTier added to RouterOS v7.1rc2 🙂
https://forum.mikrotik.com/viewtopic.php?f=1&t=178063

By: 589media https://stubarea51.net/?p=1905/#comment-72299 Thu, 02 Apr 2020 14:14:48 +0000

Nice post! I have on a portable multi-site VPN system for multi-site broadcasting using ZT and OPNSense myself. In live events world (which is DEAD at the time of this writing) we often run into incompetent, lazy, expensive, or difficult IT staff at various venues that can make connecting remote locations nearly impossible to coordinate IPs and port forwarding, VLANs, etc. ZT allows me to connect locations by just asking for an internet drop with no strings attached. It doesn’t care (and neither do I) about IPs, NATs, or anything else in the way to make the remote connections anywhere else in the world. It’s revolutionary and allows folks like myself who aren’t network engineers, programmers, or IT to make cool stuff happen, though I would like to be a network engineer too one day.

Currently I have just been using routing through ZT and OPNSense. Each OPNSense node has its own /24 with itself as .1 and its ZT address is its subnet. I realize there are limitations to this, but I’m not planning on connecting 254+ sites simultaneously so the KISS method works well here. For example:

ZT backhaul network : 192.168.0.0/24

Node 1 LAN: 192.168.1.0/24
Node 1 LAN ADDR: 192.168.1.1
Node 1 ZT ADDR: 192.168.0.1
Node 1 ZT route: 192.168.1.0/24 via 192.168.0.1

Etc

The hardest part was troubleshooting ZT to not loop back to itself using blacklists and configuring the OPNSense firewall for ZT traffic to pass through. Right now each node connects part tunnel to allow general internet traffic to travel directly ZT bandwidth to be kept down. My novice networking skills made it take way longer to figure out, but I did.

FRR looks really neat; I’ll check that out. It might allow some functionality or easier configuration that would be welcome.
