I don't normally comment on videos, but you did a fantastic job walking through this lab. You made it easy for me to replicate and learn it. I appreciate the time and thought you put into this.
This is by far the best tutorial ever explaining a real case study, but I have 2 questions would be so kind of you if you consider to answer 1- Well self hosted ZT server in a country (where ZT moon is absent) will enhance connectivity and decrease latency (Considering VoIP services where latency is crucial element in this scenario) 2- Would you please consider making a video where you can easily bridge network between ZT and clients behind NAT where you cant load ZT client on them (there is article show how to use Raspery PI but so confusing .. if you can make it charming simple like your way would be grateful ) Thank you in advance .. thanks a MILLION!
Thank you! :) 1) Remember that ZT will always try to connect peers point-to-point, first. Relaying through a moon *only* occurs when the ZT peers can't connect point-to-point and there will be some latency due to the relaying. The latency and efficiency will be dependent on the bandwidth of both peers and the relay server, regardless of the location of the moon. 2) Can you draw a quick diagram for me please so I can be sure I understand the type of connection you are referring to and fictitious IPs?
That's a thorough and well-demoistrated tutorial Sir, thanks for providing this gem for us!!! My question is do we have to use two root servers for creating our moons or you did that for the demo purpose? My other question is how is the network performance compare to using ZT's own root servers? Thanks again!
Thank you for the feedback. You can use one though that will just be a single point of failure or you can use more than two. I haven't noticed any degradation in performance.
Really very good. On the client side I use a mac and the paths are a little different. To make the admin work I made a soft link as follows: cd /var/lib sudo ln -s /Library/Application\ Support/ZeroTier/One zerotier-one Thank you for putting this together. I had followed the tutorial also, but this video glued it all together for me. Cheers Mike
@@duanedunston5209 Hi Duanne, I hope you are well. I have sent out a contact request to you on LinkedIn. I am working on something that maybe of interest to you.
I saw you recommend zero-ui on your github. I tried to create a moon within this docker setup. It's not the first time I create a moon, however when I try it with the docker-compose from zero-ui (without proxy) I've never saw my created moon. When I try zerotier-cli listpeers, I never see a moon. Have you ever tried to create a moon with zero-ui?
Strange. I follow the instruction in this video and it worked way back 6 month ago. Then I tried to run this script again on a new VM of Amazon Light Sail, it says network created and together with private IP pools, but the network is empty. All the required ports are open, any clues? Debian 12 (updated) zerotier-one (installed) ztnetworks script (installed)
This issue has been resolved. The problem was I had a 'slash' at the end of the URL that lists networks and caused it to not list the networks with the new release of ZT.
How did you put your .moon file on your clients, this is a important step that you skipped on your video?. The rest is perfect, thanks for helping me doing my end-of-degree project!
@@mariosanchezr it is likely the folder to place the moons.d directory is located in: C:\ProgramData\ZeroTier\One If you don't see it there, search for controllers.d and place it within the same root directory were controllers.d is located.
@@duanedunston5209 I put the moon file on that folder but when I do "zerotier-cli listpeers" all the planets appear with the IPs so It might not be working right now. Also I don't know how I can restart the zerotier service on Windows like you do on Linux with "etc/init.d/zerotier-one restart"
It should work since ZT will create a point-to-point connection between each client. Just be sure the Network that ZT assigns doesn't overlap with your ISP that uses cgnat.
How someone chooses to block communication is based on their needs. The method in the video allows me to be mobile where my IP changes. If an org uses static IPs, then it reduces IP management, except for roaming clients.
@@duanedunston5209 do the controller that create the network is by default added to it ? if so the ones used as moon should not host a dashboard like ZTN CUI right ?
@@GpconnectInfohotspot correct, the controller will send new networks upstream to the moon. Yes, it is recommended not to host other services on the moons. Checkout Zeroui as an alt for ztncui github.com/dec0dOS/zero-ui nice interface and has more features.
@@GpconnectInfohotspot I am not familiar with ZeroTier on an iphone to answer that question. ZeroTier nodes have to be authorized before they can communicate on a network and requires knowing the network ID to request authorization. I hope I'm understanding your question?
I don't normally comment on videos, but you did a fantastic job walking through this lab. You made it easy for me to replicate and learn it. I appreciate the time and thought you put into this.
Thank you so much for that feedback. It is appreciated!
Thanks for the very very good step by step, I had to change some firewall rules in my AWS instances and its all good.
You're welcome!
This is by far the best tutorial ever explaining a real case study, but I have 2 questions would be so kind of you if you consider to answer
1- Well self hosted ZT server in a country (where ZT moon is absent) will enhance connectivity and decrease latency (Considering VoIP services where latency is crucial element in this scenario)
2- Would you please consider making a video where you can easily bridge network between ZT and clients behind NAT where you cant load ZT client on them (there is article show how to use Raspery PI but so confusing .. if you can make it charming simple like your way would be grateful )
Thank you in advance .. thanks a MILLION!
Thank you! :)
1) Remember that ZT will always try to connect peers point-to-point, first. Relaying through a moon *only* occurs when the ZT peers can't connect point-to-point and there will be some latency due to the relaying. The latency and efficiency will be dependent on the bandwidth of both peers and the relay server, regardless of the location of the moon.
2) Can you draw a quick diagram for me please so I can be sure I understand the type of connection you are referring to and fictitious IPs?
I have a video on a hub and spoke model, but that may not be what you want:
ruclips.net/video/Fb65bU3oyEo/видео.html
That's a thorough and well-demoistrated tutorial Sir, thanks for providing this gem for us!!! My question is do we have to use two root servers for creating our moons or you did that for the demo purpose? My other question is how is the network performance compare to using ZT's own root servers? Thanks again!
Thank you for the feedback. You can use one though that will just be a single point of failure or you can use more than two.
I haven't noticed any degradation in performance.
@@duanedunston5209 Thanks for the speedy reply.
@@creamrisesup I ran two roots and did an iperf from AWS California based instance to my European residential router and got 95% throughput on iperf.
@@JamesT65 Wow, that's awesome! I wish I've known the existence of Zerotier earlier.
@@creamrisesup its a bit hard to get it going but worth it, I prefer it over tailscale and wireguard.
Really very good. On the client side I use a mac and the paths are a little different.
To make the admin work I made a soft link as follows:
cd /var/lib
sudo ln -s /Library/Application\ Support/ZeroTier/One zerotier-one
Thank you for putting this together. I had followed the tutorial also, but this video glued it all together for me.
Cheers
Mike
Thank you for this info. When I get a chance to update it, I'll check on adding that feature.
@@duanedunston5209 Hi Duanne, I hope you are well. I have sent out a contact request to you on LinkedIn. I am working on something that maybe of interest to you.
Thank You Sr.
I saw you recommend zero-ui on your github. I tried to create a moon within this docker setup. It's not the first time I create a moon, however when I try it with the docker-compose from zero-ui (without proxy) I've never saw my created moon. When I try zerotier-cli listpeers, I never see a moon.
Have you ever tried to create a moon with zero-ui?
Thanks for the instructions.
You're welcome!
Strange. I follow the instruction in this video and it worked way back 6 month ago. Then I tried to run this script again on a new VM of Amazon Light Sail, it says network created and together with private IP pools, but the network is empty. All the required ports are open, any clues?
Debian 12 (updated)
zerotier-one (installed)
ztnetworks script (installed)
Yes, it has been reported to me today as a bug and I'm working on fixing it.
This issue has been resolved. The problem was I had a 'slash' at the end of the URL that lists networks and caused it to not list the networks with the new release of ZT.
How did you put your .moon file on your clients, this is a important step that you skipped on your video?. The rest is perfect, thanks for helping me doing my end-of-degree project!
I used scp to copy the files from the root server to my clients.
@@duanedunston5209 if i need to use Windows clients, what things differ from the video setup?
@@mariosanchezr it is likely the folder to place the moons.d directory is located in: C:\ProgramData\ZeroTier\One If you don't see it there, search for controllers.d and place it within the same root directory were controllers.d is located.
If the location of the moons.d works on Windows, please let me know so I can edit the description with that note.
@@duanedunston5209 I put the moon file on that folder but when I do "zerotier-cli listpeers" all the planets appear with the IPs so It might not be working right now. Also I don't know how I can restart the zerotier service on Windows like you do on Linux with "etc/init.d/zerotier-one restart"
Just saw this, does this also work behind cgnat?
It should work since ZT will create a point-to-point connection between each client. Just be sure the Network that ZT assigns doesn't overlap with your ISP that uses cgnat.
🔥🔥🔥
why not just block all in and out communication on port udp 9993 except the one coming from your nodes ?
How someone chooses to block communication is based on their needs. The method in the video allows me to be mobile where my IP changes. If an org uses static IPs, then it reduces IP management, except for roaming clients.
@@duanedunston5209 do the controller that create the network is by default added to it ? if so the ones used as moon should not host a dashboard like ZTN CUI right ?
@@GpconnectInfohotspot correct, the controller will send new networks upstream to the moon. Yes, it is recommended not to host other services on the moons. Checkout Zeroui as an alt for ztncui github.com/dec0dOS/zero-ui nice interface and has more features.
@@duanedunston5209 but can we block those communications on mobile ? add our moons to zerotier iphone app ?
@@GpconnectInfohotspot I am not familiar with ZeroTier on an iphone to answer that question. ZeroTier nodes have to be authorized before they can communicate on a network and requires knowing the network ID to request authorization. I hope I'm understanding your question?