Skip to content

Instantly share code, notes, and snippets.

View laduke's full-sized avatar

Travis LaDuke laduke

41 followers · 74 following
  • zerotier
  • California
View GitHub Profile
@laduke
laduke / zerotier-cli-completion.bash
Created July 7, 2020 20:56
bash completion for zerotier-cli
#compdef zerotier-cli
#autoload
_get_network_ids ()
{
if [[ "$OSTYPE" == "darwin"* ]]; then
COMPREPLY=($(compgen -W "$(ls -1 /Library/Application\ Support/ZeroTier/One/networks.d | cut -c 1-16)" -- ${cur}))
else
COMPREPLY=($(compgen -W "$(ls -1 /var/lib/zerotier-one/networks.d | cut -c 1-16)" -- ${cur}))
@laduke
laduke / zerotier-troubleshoot.md
Last active December 17, 2020 17:39
zerotier-troubleshoot.sh

Collect information helpful for troubleshooting zerotier-one

Run this on Mac or Linux

It will create a text file in the current directory. It won't modify anything.

Make sure you are root

   (set -x; \
 zerotier-cli info -j; \
@laduke
laduke / rules.md
Last active December 17, 2020 17:39
zerotier rules engine - examples

Whitelist by port

drop
  not ethertype ipv4
  and not ethertype arp
  and not ethertype ipv6
;

accept
 dport 6445
@laduke
laduke / zerotier - client isolation.md
Last active December 17, 2020 17:39
ZeroTier Rules Engine - Hub and Spoke - Client Isolation

Common ZeroTier Rules Engine question

  • Non-servers can talk to servers, but not each other
  • Kind of like Client Isolation on some WiFi controllers

Rules

# Allow only IPv4, IPv4 ARP, and IPv6 Ethernet frames. Typical default
drop
not ethertype ipv4
and not ethertype arp
@laduke
laduke / members-list-csv.sh
Last active July 6, 2023 18:26
zerotier central members list as csv
curl --silent --header "authorization: bearer ${TOKEN}" "https://my.zerotier.com/api/network/${NWID}/member" | jq ".[] | [ .nodeId, .name, .config.ipAssignments[0] ]" | jq -rs ".[] | @csv"
@laduke
laduke / ztv6.md
Last active September 23, 2023 15:53
ZeroTier 6PLANE and RFC4193 address calculation

ZeroTier IPv6 Auto-Assign Addresses

https://www.zerotier.com/manual.shtml#2_2_3

  • A network ID is 16 hex digits (9bee8941b5de0691)
  • A node ID is 10 hex digits (1234512345)

ZeroTier RFC4193 (/128 for each device)

  • fd9b:ee89:41b5:de06:9199:9312:3451:2345

ZeroTier 6PLANE (/80 routable for each device)

@laduke
laduke / zerotier-rpi-bridge.md
Last active January 26, 2024 13:01
Various Network Configuration Output

Motivation

Use a Raspberry Pi as a bridge into my home LAN. The pi is plugged into a switch, which is plugged into an airport express, which is plugged into a cable modem; Nothing fancy.

This isn't a tutorial. Just some example output from a working setup.

steps

off the top of my head, here's the order I would do it in:

  • make sure plain old device to device zerotier is working with my LAN/Router/Firewall/ISP