Private ZeroTier Network on the Public Internet

  • Published: 28 Nov 2024

Comments • 41

  • @netsysv8747 5 months ago +1

    I don't normally comment on videos, but you did a fantastic job walking through this lab. You made it easy for me to replicate and learn it. I appreciate the time and thought you put into this.

    • @duanedunston5209 5 months ago

      Thank you so much for that feedback. It is appreciated!

  • @JamesT65 2 years ago +1

    Thanks for the very, very good step by step. I had to change some firewall rules in my AWS instances and it's all good.

  • @mada7ebnana 2 years ago +3

    This is by far the best tutorial ever explaining a real case study, but I have 2 questions; it would be so kind of you if you would consider answering them.
    1- Will a self-hosted ZT server in a country (where a ZT moon is absent) enhance connectivity and decrease latency (considering VoIP services, where latency is a crucial element in this scenario)?
    2- Would you please consider making a video where you can easily bridge a network between ZT and clients behind NAT where you can't load the ZT client on them? (There is an article showing how to use a Raspberry Pi, but it is so confusing. If you can make it charmingly simple, like your way, I would be grateful.)
    Thank you in advance. Thanks a MILLION!

    • @duanedunston5209 2 years ago +2

      Thank you! :)
      1) Remember that ZT will always try to connect peers point-to-point, first. Relaying through a moon *only* occurs when the ZT peers can't connect point-to-point and there will be some latency due to the relaying. The latency and efficiency will be dependent on the bandwidth of both peers and the relay server, regardless of the location of the moon.
      2) Can you draw a quick diagram for me please so I can be sure I understand the type of connection you are referring to and fictitious IPs?

    • @duanedunston5209 2 years ago +2

      I have a video on a hub and spoke model, but that may not be what you want:
      ruclips.net/video/Fb65bU3oyEo/видео.html

  • @creamrisesup 2 years ago +1

    That's a thorough and well-demonstrated tutorial, Sir, thanks for providing this gem for us!!! My question is: do we have to use two root servers for creating our moons, or did you do that for demo purposes? My other question is: how does the network performance compare to using ZT's own root servers? Thanks again!

    • @duanedunston5209 2 years ago +1

      Thank you for the feedback. You can use one, though that will just be a single point of failure, or you can use more than two.
      I haven't noticed any degradation in performance.

    • @creamrisesup 2 years ago +1

      @duanedunston5209 Thanks for the speedy reply.

    • @JamesT65 2 years ago +1

      @creamrisesup I ran two roots and did an iperf from an AWS California-based instance to my European residential router and got 95% throughput on iperf.

    • @creamrisesup 2 years ago +1

      @JamesT65 Wow, that's awesome! I wish I had known about the existence of ZeroTier earlier.

    • @JamesT65 2 years ago

      @creamrisesup It's a bit hard to get it going but worth it. I prefer it over Tailscale and WireGuard.

  • @youroldmangaming8150 1 year ago +1

    Really very good. On the client side I use a Mac and the paths are a little different.
    To make the admin work I made a soft link as follows:
    cd /var/lib
    sudo ln -s /Library/Application\ Support/ZeroTier/One zerotier-one
    Thank you for putting this together. I had followed the tutorial also, but this video glued it all together for me.
    Cheers
    Mike

    • @duanedunston5209 1 year ago

      Thank you for this info. When I get a chance to update it, I'll check on adding that feature.

    • @youroldmangaming8150 1 year ago

      @duanedunston5209 Hi Duane, I hope you are well. I have sent out a contact request to you on LinkedIn. I am working on something that may be of interest to you.

  • @the_KID_b 2 years ago +1

    Thank You Sr.

  • @justitservices5490 2 years ago

    I saw you recommend zero-ui on your GitHub. I tried to create a moon within this Docker setup. It's not the first time I've created a moon; however, when I try it with the docker-compose from zero-ui (without proxy), I never see my created moon. When I try zerotier-cli listpeers, I never see a moon.
    Have you ever tried to create a moon with zero-ui?

  • @peewee9393 3 years ago

    Thanks for the instructions.

  • @CmAektP2jxrGAb7 7 months ago

    Strange. I followed the instructions in this video and it worked 6 months ago. Then I tried to run this script again on a new Amazon Lightsail VM; it says the network was created, together with private IP pools, but the network is empty. All the required ports are open. Any clues?
    Debian 12 (updated)
    zerotier-one (installed)
    ztnetworks script (installed)

    • @duanedunston5209 7 months ago

      Yes, it has been reported to me today as a bug and I'm working on fixing it.

    • @duanedunston5209 7 months ago

      This issue has been resolved. The problem was I had a 'slash' at the end of the URL that lists networks and caused it to not list the networks with the new release of ZT.

  • @mariosanchezr 2 years ago

    How did you put your .moon file on your clients? This is an important step that you skipped in your video. The rest is perfect, thanks for helping me with my end-of-degree project!

    • @duanedunston5209 2 years ago +1

      I used scp to copy the files from the root server to my clients.

    • @mariosanchezr 2 years ago

      @duanedunston5209 If I need to use Windows clients, what things differ from the video setup?

    • @duanedunston5209 2 years ago +1

      @mariosanchezr It is likely that the folder in which to place the moons.d directory is C:\ProgramData\ZeroTier\One. If you don't see it there, search for controllers.d and place it within the same root directory where controllers.d is located.

    • @duanedunston5209 2 years ago

      If the location of the moons.d works on Windows, please let me know so I can edit the description with that note.

    • @mariosanchezr 2 years ago

      @duanedunston5209 I put the moon file in that folder, but when I do "zerotier-cli listpeers" all the planets appear with the IPs, so it might not be working right now. Also, I don't know how I can restart the ZeroTier service on Windows like you do on Linux with "/etc/init.d/zerotier-one restart".

  • @thatdudefromthefuture3346 1 year ago

    Just saw this. Does this also work behind CGNAT?

    • @duanedunston5209 1 year ago

      It should work since ZT will create a point-to-point connection between each client. Just be sure the network that ZT assigns doesn't overlap with your ISP that uses CGNAT.

  • @---tr9qg 11 months ago

    🔥🔥🔥

  • @GpconnectInfohotspot 3 years ago

    Why not just block all in and out communication on UDP port 9993 except the traffic coming from your nodes?

    • @duanedunston5209 3 years ago +3

      How someone chooses to block communication is based on their needs. The method in the video allows me to be mobile where my IP changes. If an org uses static IPs, then it reduces IP management, except for roaming clients.

    • @GpconnectInfohotspot 3 years ago

      @duanedunston5209 Is the controller that creates the network added to it by default? If so, the ones used as moons should not host a dashboard like ZTN CUI, right?

    • @duanedunston5209 3 years ago

      @GpconnectInfohotspot Correct, the controller will send new networks upstream to the moon. Yes, it is recommended not to host other services on the moons. Check out Zeroui as an alt for ztncui: github.com/dec0dOS/zero-ui. Nice interface and has more features.

    • @GpconnectInfohotspot 3 years ago

      @duanedunston5209 But can we block those communications on mobile? Add our moons to the ZeroTier iPhone app?

    • @duanedunston5209 3 years ago

      @GpconnectInfohotspot I am not familiar enough with ZeroTier on an iPhone to answer that question. ZeroTier nodes have to be authorized before they can communicate on a network, and that requires knowing the network ID to request authorization. I hope I'm understanding your question?