zerotier keeps overwriting external port UDP 29994 on router for different linux machines on the same lan, from time to time, constantly.
I have about 5 machines on a LAN network, all running zerotier (debian). I just noticed that port 29994 keeps being overwritten by each of those machines from time to time, which essentially means just one of those machines has direct UDP access from outside at a time.
It seems zerotier on linux doesn't check if port 29994 is already open to another ip, and just overwrites the redirection to itself all the time.
On the same lan I have 2 OSX machines running zerotier, and each of them chooses a random UDP port to be open on the router, so they don't suffer from this problem.
- What you expect to be happening.
Zerotier on linux should check if port 29994 is already redirected to another IP, and in that case, choose a random port that is available.
- What is actually happening?
Zerotier on linux machines keeps overwriting the redirection of port 29994 to its own IP, without regard to whether that port is already redirected to another IP.
- Any steps to reproduce the error.
Install zerotier 1.8.7 on 2 debian linux machines on the same LAN, with the same Router as gateway. Stop zerotier on both. Start zerotier-one on machine A, and watch external port 29994 being redirected to machine A IP (as it should), using `upnpc -l`. Start zerotier-one on machine B, and watch external port 29994 being redirected to machine B IP, using `upnpc -l`, and machine A redirection disappears, essentially cutting off direct UDP WAN inbound connection to machine A IP.
- Any relevant console output or screenshots.
N/A
- What operating system and ZeroTier version. Please try the latest ZeroTier release.
OS: the 5 machines I have run a mix of Debian 9, Arch Linux and CentOS 7. Tried with zerotier 1.8.7, the latest available on Debian repository.
As a workaround, I have created a local.conf file where I set different custom secondary ports for each zerotier machine, and set up a crontab to open the custom ports in case they are not open, as it seems zerotier-one won't open custom ports automatically when they're set up in local.conf.
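The takeover described in the reproduction steps above can be detected by comparing two `upnpc -l` listings taken before and after the second machine starts. This is an added example, not part of the original issue or of ZeroTier's code; the listings and LAN addresses are constructed, and the mapping-line layout is assumed to match miniupnpc's `upnpc -l` output.

```python
import re

# One mapping line as printed by `upnpc -l` (layout assumed from miniupnpc):
#  0 UDP 29994->192.168.1.10:29994 'description' '' 0
MAPPING_RE = re.compile(
    r"^\s*\d+\s+(?P<proto>UDP|TCP)\s+(?P<ext>\d+)->(?P<addr>[\d.]+):(?P<int>\d+)\s"
)

def parse_mappings(listing):
    """Return {(proto, external_port): (internal_ip, internal_port)}."""
    mappings = {}
    for line in listing.splitlines():
        m = MAPPING_RE.match(line)
        if m:  # header and status lines do not match and are skipped
            key = (m["proto"], int(m["ext"]))
            mappings[key] = (m["addr"], int(m["int"]))
    return mappings

def find_takeovers(before, after):
    """List external ports whose redirect moved to a different LAN host."""
    old, new = parse_mappings(before), parse_mappings(after)
    events = []
    for key, (old_ip, _) in sorted(old.items()):
        if key in new and new[key][0] != old_ip:
            events.append((key[0], key[1], old_ip, new[key][0]))
    return events

# Constructed listings: machine A (192.168.1.10) holds external port 29994,
# then machine B (192.168.1.11) starts zerotier-one and the redirect moves.
BEFORE = """\
 i protocol exPort->inAddr:inPort description remoteHost leaseTime
 0 UDP 29994->192.168.1.10:29994 'constructed-entry' '' 0
 1 UDP 41873->192.168.1.20:9993 'constructed-entry' '' 0
"""
AFTER = """\
 i protocol exPort->inAddr:inPort description remoteHost leaseTime
 0 UDP 29994->192.168.1.11:29994 'constructed-entry' '' 0
 1 UDP 41873->192.168.1.20:9993 'constructed-entry' '' 0
"""

if __name__ == "__main__":
    for proto, port, old_ip, new_ip in find_takeovers(BEFORE, AFTER):
        print(f"{proto} {port}: redirect moved from {old_ip} to {new_ip}")
```

Feeding it successive real listings from a cron job would log each time one machine's mapping is replaced by another's.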
The patch above should fix both of your issues. Sounds like you've got a router with a funky UPnP implementation. A sane router should map a separate external port to 29994 for each machine like so:

The patch randomizes the port used for UPnP rather than making it deterministic and ending up with multiple on the same port. Also fixes the portmapper not running on manually specified tertiary ports.
What kind of router are these machines behind?
Closing this due to age and the suspicion that the issue was resolved with the patch above. Please re-open if this is still a problem. Thanks.