Zerotier strange arp entries

hi all, just caught tom’s video with kali the pi and zerotier. was not aware of zerotier before but had to check it out - blown away on how simple it was to get going. i have it running on 3 nodes for testing - all took about 5 min from zero (hehe) to connected. I noticed some strange arp entries in my arp cache. was wondering if anyone else noticed or knows why? i do have docker running on my laptop - not sure why some arp entries have attached to the docker interface - not sure why?

Compare the IPs to the items marked “PLANET” in the output of “zerotier-cli peers”. There is also going to be one “LEAF” that isn’t any of your nodes, its ID will match the first half of your network. All of these are just the infrastructure that makes ZeroTier work.

2 Likes

gotcha… i was getting nervous there were random nodes connected to my machine. lol.

`scott@dell:/etc/ssh$ sudo zerotier-cli peers

200 peers

3a46f1bf30 - PLANET 73 DIRECT 3002 2929 185.180.13.82/9993
5e00c3f7b2 1.4.6 LEAF 1 DIRECT 3002 3002 192.168.50.20/9993
62f865ae71 - PLANET 250 DIRECT 3002 2756 50.7.252.138/9993
778cde7190 - PLANET 42 DIRECT 3002 2959 103.195.103.66/9993
992fcf1db7 - PLANET 103 DIRECT 3002 2902 195.181.173.159/9993
af78bf9436 1.4.6 LEAF 91 DIRECT 363 363 35.236.126.191/44739
`

Yep.
And to answer your other question, why some of them were showing up on interfaces like docker0: Zerotier tries to reach every peer in a bunch of ways, even ways that wouldn’t make sense if you’re following the traditional rules of networking. So it does things like sending ARP requests for IP addresses on interfaces which don’t even have that subnet, because you never know what will happen. You can see in your ARP list that there isn’t a MAC listed, instead they say <incomplete>. That just means there was a recent ARP request sent out, and the kernel hasn’t timed out on it yet.

thanks for the detail - im blown away how easy it was to get a few nodes up and running. my linux machines seem solid and come right up after a reboot. seeing some strange behavior on macos though - when i come out of suspend it won’t reconnect. had to unjoin and rejoin evertime - havent had time to run that one down yet.

There’s one old bug report about a problem like that, and the only thing that someone reported as a fix is incorrect UPnP config on the router. I can see how that might be related, but doubt that’s your problem. Just a simple thing first - can you try to restart the zerotier service? I don’t know how that’s done on OSX. Or you could just put the commands to leave and join the network into a script so you can run it quickly as a workaround.

hey thanks again - was away for a few days on vaca and the problem doesn’t seem to be occurring now - its working flawlessly so far, like magic. i did reboot my mac in there so maybe that fixed it. there’s something super cool about just firing up at a remote location and being able to ssh straightaway to you raspberry pi at home - im a ZT fan so far. thanks for your help.