Well, I just replaced the Digi router with my Mikrotik.
I have an internal network between my devices and I have Internet access.
I tried accessing the NAS over mobile data via #zerotier and I can reach it perfectly.
The WiFi is handled by the #orbi router, and it seems to have a very good signal throughout the house.
I might wake up tomorrow to find everything hacked and the disks encrypted, but today I'm going to bed happy knowing that I was able to configure it all.
This afternoon, a client called me, mentioning that since they changed their connectivity provider a few months ago, they can't connect from outside anymore. The client is 500 km away, and visiting them for this issue would be uneconomical for everyone involved. They're not very tech-savvy, so guiding them through any process is nearly impossible. Suddenly, I remembered that I had initially connected their Nextcloud server to my Zerotier network for some initial setups but later revoked the authorization. Luckily, I reauthorized the machine (which was still getting its IP via DHCP from the old router, though it's always been the same due to router settings, before changing provider and router) and regained access.
I went in and altered the router configurations (replacing the unsecure, default passwords), reforwarded the ports, updated the DNS, and fixed the certificates that hadn't been updated for a while.
I'm quite satisfied with the outcome. The only concern is that the client (who are genuinely good people) may not realize how much time/cost has been saved by this approach, and might perceive any (modest) bill I send for this work as too high.
🎃 Here is a Halloween treat from Team ZeroTier… Webhooks
On occasion I want to access some #homelab stuff while on the go. Pondering solutions for that.
I've tried #Cloudflare Tunnels for some stuff, and that's neat, but has some privacy issues.
Something like #ZeroTier/#Tailscale, maybe? Primarily interested in accessing some web UIs running on my homelab, accessing the NAS remotely is a bonus.
📣 ZeroTier 1.12.2 is now available! 📣
This new release features more improvements to macOS full tunnel mode and faster recovery after changes to physical network settings.
Release Notes: https://github.com/zerotier/ZeroTierOne/releases/tag/1.12.2
🎉 ZeroTier 1.12.1 is here! 🎉
Our Summer 2023 release includes:
- Increased reliability, performance, and resource efficiency
- Our brand-new network observability feature
- Plus, bug fixes and improvements
Fun research today tinkering with #Mikrotik, #Zerotier and #pfSense. There’s no Zerotier package for pfSense, but with a dedicated relay Mikrotik router and some static routes I can expose the Zerotier network to the rest of the regular network devices. The only hitch is that performance is directly related to the CPU speed of the box (Zerotier is single-threaded) so it’s looking like a https://mikrotik.com/product/ccr2004_16g_2splus is in my future for the office
If you’re at Blackhat, don’t miss their booth out in the startup city… both for adorbs microanimals and for learning about why I keep telling people to use #ZeroTier
Team ZeroTier is busy making last minute preparations for Black Hat USA in Las Vegas.
If you're at the event this Wednesday and Thursday, come on by Booth 205 in Start-Up City. We'd love to meet you!
Don't forget, this time next week in fabulous Las Vegas you'll be able to meet Team ZeroTier at both BlackHat USA 2023 and DEF CON 31.
Come by our booth in Start-Up City at Black Hat for some ZeroTier swag. Or, stop by the DEF CON Packet Hacking Village. Be sure to say hello to the team when you see us!
#Zerotier is an excellent VPN system. I've been using it for years in specific situations, and I find it efficient and convenient. While I usually rely on #Wireguard and manage everything manually, it's not always the best solution.
@linuxmatters How is #Tailscale or #zerotier different from a normal VPN I setup on my home router? Especially if I self host it?
So it sounds like it does the same but just routing the traffic dedicated to the “LAN” which one could do with other VPN solutions as well.
I feel like I’m missing something obvious here.
Currently, it's quite simple (we're not many and the load isn't high), but I've structured it to be scalable. It's based on #FreeBSD, connected in both ipv4 and ipv6, and split into jails:
* A dedicated jail with nginx acting as a reverse proxy - managing certificates and directing traffic
* A jail with a small #opensmtpd server - handling email dispatch - didn't want to rely on external services
* A jail with #redis - the heart of the communication between #Mastodon services - the nervous system of BSDcafe
* A jail with #postgresql - the database, the memory of BSDcafe
* A jail for media storage. The 'multimedia memory' of BSDcafe. This jail is on an external server with rotating disks, behind #cloudflare. Aim is georeplicated caching of multimedia data to reduce bandwidth usage.
* A jail with Mastodon itself - #sidekiq, #puma, #streaming. Here is where all processing and connection management takes place.
All communicate through a private LAN (in bridge) and is set up for VPN connection to external machines - in case I want to move some services, replicate or add them. The VPN connection can occur via #zerotier or #wireguard, and I've also set up a bridge between machines through a #vxlan interface over #wireguard.
Backups are constantly done via #zfs snapshots and external replication on two different machines, in two different datacenters (and different from the production VPS datacenter).
REMINDER - Come join us tomorrow Wednesday 26 July 2023 at 6pm CEST/12 Noon ET/9am PT for a presentation by ZeroTier Founder and CEO @adamierymenko. Adam will talk about #ZeroTier, what he's seeing, and will discuss some exciting things coming soon. There will be Q&A, so be sure to bring your questions.
On Wednesday, 26 July 2023, at 12 PM ET/9 AM PT/6 PM CEST Team ZeroTier will host a webinar for our user community featuring our Founder & CEO, @adamierymenko.
During this one-hour session, Adam will discuss the ZeroTier mission, networking industry meta trends, and the exciting things on tap for ZeroTier.
We look forward to having you join us!
For some reason, #zerotier has stopped working for me entirely a few days ago. No hosts in my zerotier network could reach each other anymore. They all display as online and the controller sees them but no actual traffic is being sent or received.
oh yeah, I should remember not to perform system upgrades while ssh-ed into the machine over a #zerotier connection...
@vesto Glad it was helpful! I don't use iOS much, so that #Tailscale battery drain sounds aallying. It sounds like you're having #ZeroTier firewall out things that aren't coming from ZeroTier? That's interesting. I use firehol to do such things. Another option is to have your servers bind to a specific interface, in which case they won't even listen on the other interfaces in the first place. I didn't go as deep with that part of ZeroTier.
Introducing Anthony Alvarez. Anthony is our new Commercial Account Executive and is very excited to work with the ZeroTier community.
Recently set up #zerotier @zerotier for a bunch of my machines. I previously tested it from a different location within the country. Last week however I also had the opportunity to test it from well outside of the country over very bad networks. It worked surprisingly well :) Loving the concept of it.
I made a docker compose file for #zerotier mesh vpn. I'd like to join my vps and my local server. I hope it will work 😅
Today in nerditude-on-top-of-nerditude-on-top-of-nerditude...:
For a while now, I've been naming my computers and VMs after Roman things. Yesterday, I installed ZeroTier everywhere, and used the suffix .zt for the new entries in my /etc/hosts files. Now everything sounds like ancient pasta:
I wrote a deep dive about #mesh #VPN solutions, with #NAT traversal and such. Featured: #Yggdrasil, #tinc, #Tailscale, #Zerotier, #Nebula, #Netmaker. "Easily Accessing All Your Stuff with a Zero-Trust Mesh VPN" at https://changelog.complete.org/archives/10478-easily-accessing-all-your-stuff-with-a-zero-trust-mesh-vpn
Thanks to those that participated in the previous thread, and particularly @tailscale .
There are some interesting options these days and I hope to see them continue to gain traction!
Also, FYI - open source self-hosted ZeroTier features ~unlimited~ nodes / admins / networks.
There are few #Internet options where I live. Fiber is 2 years out. I may need to use an ISP that uses #CGNAT, which means no open ports at all. I see that #Tailscale and #Zerotier both use #STUN (or something like it) to solve this problem. Are there any pure Open Source tools that can do this? #Yggdrasil is great, but is TCP based, so can't do direct P2P with blocked ports (it can communicate, but via a public or private intermediary.) Perhaps #Debian packages? #askfedi
Attention ZeroTier on Windows Users:
Please update your client(s) to 1.10.6 or later as ZT 1.10.4 on Windows created duplicate firewall rules.
After updating, clear the duplicated rules by leaving and re-joining your networks.
➡️ Download: https://zerotier.com/download/
A tip for ZeroTier on Windows power users -> To clean up the rules in an Admin PowerShell, try:
Remove-NetFirewallRule -DisplayName "zerotier-icmp*"
ZeroTier 1.10.6 is a new minor release with bug fixes for binding temporary IPv6 addresses on macOS, path-learning loop prevention, and UI fixes.
If anyone wants to join me and play old psp Monster Hunter (and now MH3U on 3ds)
You can follow this playlist and join a hunt with me from time to time :P
Using ZeroTier for easy and secure access to your small Mastodon server https://blog.patrickv.be/2023/03/14/using-zerotier-for-easy-and-secure-access-to-your-small-mastodon-server/ #mastodon, #zerotier
New! ZeroTier 1.10.4 is a minor release to fix a filesystem permission bug on Windows. Windows users are encouraged to upgrade especially if they are running environments where users are not administrators.
Team #ZeroTier welcomes friends both new and old to Mastodon! We're happy to see you here!
Want to use ZeroTier on your x86/CHR MikroTik but can't find a package for it? Johnny Van Den Berg, aka The Network Berg, has made a video just for you.
This video will show you the basic steps of how to configure a MikroTik container and how to get ZT to work.
At ZeroTier, we envision a new era of decentralized computing.
Earlier this summer at DWeb Camp 2022, @adamierymenko gave this lightning talk explaining how ZeroTier is working toward full decentralization of our global networking protocol.