Linux: add ability to assign zt interface to a vrf

Open Jamesits opened this issue 5 years ago • 2 comments

Is your feature request related to a problem? Please describe.
I have problems automatically adding zerotier interfaces to a VRF.

Describe the solution you'd like
I'd like to either add a local config for adding the tunnel to a VRF automatically during interface creation, or a user-configurable script automatically run on interface up.

Describe alternatives you've considered
Using external methods to monitor zt* interface creation and automatically bind it to a VRF. It is a dirty solution and might create unexpected race conditions.

Additional context
N/A

Jamesits, Apr 13 '20 13:04

Seconded.

rcmcdonald91, Dec 09 '20 16:12

I'd also love this feature, it could be another set parameter in the zerotier-cli command, something like zerotier-cli set [NETWORK_ID] vrf=[VRF_NAME].

As a workaround, I'm experimenting with a udev rule that is triggered every time a new ZeroTier interface shows up. It's a little hacky, but it seems to work. In case it helps somebody, here is the code:

$ cat /etc/udev/rules.d/90-zerotier.rules
SUBSYSTEM=="net", ACTION=="add", KERNEL=="zt*", RUN+="/usr/local/bin/zerotier-vrf.sh %k"

$ cat /usr/local/bin/zerotier-vrf.sh
#!/usr/bin/env bash

set -euo pipefail

INTERFACE="${1:-}"

case "${INTERFACE}" in
  zt00000000)
    VRF=vrf1
  ;;

  zt12345678)
    VRF=vrf2
  ;;

  # ...
esac

if [[ -n "${VRF:-}" ]]; then
  # Quote both values so the name passed in by udev is never word-split
  ip link set dev "${INTERFACE}" master "${VRF}"
fi

xabinapal, Apr 18 '22 00:04
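
A table-driven variant of the udev hook above, as an added example that is not part of the thread or of ZeroTier: it validates the interface name udev passes in and confirms the target is a VRF device before enslaving. The map file path and format and the function names are assumptions.

```sh
#!/bin/sh
# Added example: table-driven variant of the udev hook from the thread.
# Assumptions (not from the thread): the map file path, its format of
# "<interface> <vrf>" per line with '#' comments, and the function names.
set -eu
MAP_FILE=/etc/zerotier-vrf.map

# udev runs RUN+= programs as root, so treat %k as untrusted input:
# accept only "zt" + lowercase alphanumerics, at most 15 chars (IFNAMSIZ-1).
valid_ifname() {
  [ "${#1}" -le 15 ] || return 1
  case "$1" in zt?*) ;; *) return 1 ;; esac
  case "${1#zt}" in *[!a-z0-9]*) return 1 ;; esac
}

# Print the VRF mapped to interface $1 in map file $2; status 1 if unlisted.
lookup_vrf() {
  awk -v ifc="$1" '
    NF == 0 || $1 ~ /^#/ { next }
    $1 == ifc { print $2; found = 1; exit }
    END { exit !found }' "$2"
}

# Read `ip -o link show type vrf` output on stdin; succeed if $1 is listed.
vrf_listed() {
  awk -F': ' -v v="$1" '$2 == v { found = 1 } END { exit !found }'
}

main() {
  ifc="${1:-}"
  valid_ifname "$ifc" || { echo "rejected interface name: $ifc" >&2; return 1; }
  vrf=$(lookup_vrf "$ifc" "$MAP_FILE") || return 0  # unmapped: leave it alone
  # Enslave only to a device the kernel reports as type vrf.
  ip -o link show type vrf | vrf_listed "$vrf" || {
    echo "$vrf is not an existing VRF device" >&2; return 1; }
  ip link set dev "$ifc" master "$vrf"
}

# Run only when given an argument, as in the rule's RUN+="... %k".
if [ "$#" -gt 0 ]; then main "$@"; fi
```

Keep both the script and the map file owned by root and not writable by other users, since udev executes the hook as root.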