No video
🤖Testing out the Ethernet Switch of the Planet! ZeroTier ft. MikroTik!
Рет қаралды 46,022
Күн бұрынHello and welcome! In this video we will be looking at how to connect a MikroTik device using RoSv7.1RC7 to ZeroTier an amazing "ethernet of the world" solution.
You will be shown how to enable ZeroTier, add a ZeroTier interface, accessing a MikroTik via ZeroTier and even how to do some routing via ZeroTier. Enjoy!
Support the Channel:
⭐Become a Patreon: / thenetworkberg
⭐Become a KZfaq Member: / @thenetworkberg
Social Media:
🌏 thenetworkberg...
🌏 / thenetworkberg
🌏 / bergnetwork
🌏 / the-network-berg-39451...
MTCNA Playlist:
• Free MTCNA RoSv6
Timestamps:
00:00 - Introduction
00:19 - Zerotier Overview
01:21 - MikroTik requirements
03:05 - Enable ZeroTier
04:39 - ZeroTier network setup
06:51 - MikroTik ZeroTier interface
08:56 - Windows Client ZeroTier
11:10 - Routing via ZeroTier
Credits:
Thumbnail: Created on Canva
Intro: Created on Canva
Thanks again for watching
@TheNetworkBerg 2 жыл бұрын
ZeroTier documentation: docs.zerotier.com/zerotier/manual
@ap5672 2 жыл бұрын
This is incredible. I have an MT in my parents house that I cant manage from public due to not having access to the provider's modem to open the correct ports. This should solve the problem! Fantastic.
@DanielChagasrs 2 жыл бұрын
I'm using ZT with a hAP Ac². Simple to configure and works fine. Performance is much better than the solution I was using before (L2TP on a Raspberry pi).... the only downside is Winbox wont show ZT1 interface and mark the rules and routes as "unknow" ... Would be great to have Zerotier available for other plataforms (mips, mipsbe, x86)..
@albanselaj733 2 жыл бұрын
Awesome lab, explained precisely and clear as crystal by the BERG.
@user-wl1df8tm8y 2 жыл бұрын
Thanks so much, ZeroTier is really amazing!
@fadelmawas6274 2 жыл бұрын
Thank you !!! You and ZeroTier just made my life easier. No more vpn connections, now I have multiple devices from different locations all connected in the same network. I just wish they will bring ZeroTier on MIPS CPU's, I had to use my wifi cAP AC with ARM CPU and additional static routes to home MIPS router to bring ZeroTier in my lan.
@TheNetworkBerg 2 жыл бұрын
Great to hear! I honestly wish for the exact same thing from MikroTik.
@emulemodes7660 2 жыл бұрын
Alternative solution for the mips. Raspberry Pi Zero W is possible with USB LTE connection. Both ARM-based Container installation and the opportunity to connect to all devices on the Mikrotic network via Zerotier.
@johnkaldas9285 2 жыл бұрын
Thanks for the video! I was exactly looking for this content, a video that can show me if zerotier is something that I can benefit from or not before digging deeped.
@haideidaniel6278 2 жыл бұрын
Thank you for the lessons
@McGLuckyLuke 2 жыл бұрын
Dankie vir wat jy op die youtube channel doen word baie waardeer.
@TheNetworkBerg 2 жыл бұрын
Dankie vir boodskap en ondersteuning Andre, waardeer dit ook werklik baie!
@Citricut2 Жыл бұрын
I have extended my home lan into another site 2000km away using two raspberries as edge devices and it is awesome, totally outperforms OVPN tap. Next step will be to replace the rasps with proper mikrotiks. It would be cool if you can comment on throughout via WAN. I can only reach 42Mbps due to CPU capacity of the rasps, interesting to know performance on the mikrotiks.
@dvreshta 2 жыл бұрын
this was very special. Thanks, indeed
@rguifa Жыл бұрын
Excellent video, I just subscribed to your channel.
@YTBySIB 2 жыл бұрын
I like that video when you describe what you plan to do, what this do etc. On livestream of OSPF&BGP is chaos :). Please not press Apply and OK where only OK do the job - you learn other people to do that "stupid" action, be smart teacher !
@dhanikaathukorala8473 2 жыл бұрын
Hi Network Berg Ty for this video. I am able to ping the MK router from a PC on the ZT network but I cannot get to a PC behind the MK router from a PC on the ZT network (the MK router doesn’t seem to be allowing traffic to devices within its subnet). Is there something I am missing … I am trying to access PCs behind the MK from ZT network without having to install ZT on those PCs.
@ismashkhy 2 жыл бұрын
you need to have a routing entry for those network behind ZT on the MK routing config. Add those dest zt subnets, gw=the next hop ip address.
@happyhome64 2 жыл бұрын
@@ismashkhy I'm in the same boat...can ping the MK router, but not other devices behind the MK router. Would you be able to elaborate a bit on what is needed?
@ismashkhy 2 жыл бұрын
@@happyhome64 I dont know if theres a way with ZT to add a remote subnet and point for a gateway, if there is, you can add those lan subnet behind the MK, then add the gateway ip (you said you can ping), then with MKtik do the other way around.
@mockingrbird 2 жыл бұрын
same here! Please post a solution if you find it.
@Vikingza 2 жыл бұрын
Thank you for a great video, what rules do you use on your firewall?
@makka5082 4 ай бұрын
well done ....i wana to access my devices as loccal via zero tier
@coccigelus 2 жыл бұрын
Hello very interesting video. I would like You make a follow up when 7.2 stable will be available with new tweaks. Beside a ropic I would be very interesting is UPNP for MK. This is also recommended by ZT.
@tibuuso 2 жыл бұрын
Would love to see your videos on released ROS v7's new features.
@ap5672 2 жыл бұрын
Interesting observation. ROMON does not seem to work through 0T. I don't need ROMON to work through 0T but interesting nonetheless. Perhaps it is a similar issue with ROMON not working through Unifi switches.
@johnheusinger2113 2 жыл бұрын
This is great. Thanks!
@DrMitsos 2 жыл бұрын
How to expose from Mikrotik side all LAN devices to ZeroTier?
@diegkol 2 жыл бұрын
Very cool!
@alexbanda4982 3 ай бұрын
I have my zerotier configured on two mikrotik routors Point to point using starlink internet but my VPN is too slow, where am i getting it wrong Boss?
@TheMchip 2 жыл бұрын
this is so awsome!!!!
@QTR-md7qx 2 жыл бұрын
thank you for you information i setup my mikrotik with zerotier and its work great can i use zerotier with pbx like greandstream so i can use my iPhone as extinction
@oxoqunb5741 2 жыл бұрын
might be exciting if you could also do tailscale in comparison to zerotier
@DimitriPappas 2 жыл бұрын
agreed. but unfortunately mikrotik doesn't support tailscale yet. which is a bit awkward because it does support wireguard (which tailscale is built on).. Hopefully we'll be able to choose between zerotier or tailscale
@andrewbehindmountains2948 2 жыл бұрын
Good tutorial thanks for it. Please any hints considering more MKs on local LAN how to access all MKs on this LAN via winbox considering just on of it is zerotier interface enabled? How to reach more local ip addresses?
@Tad3j 2 жыл бұрын
Crazy! Awesome!!
@TheNetworkBerg 2 жыл бұрын
Very awesome indeed!
@so_zemlji 2 жыл бұрын
It's like EoIP cloud server.
@TheNetworkBerg 2 жыл бұрын
That's a pretty good comparison, though unlike EoIP which is MikroTik proprietary this is more available and I find it amazing that you can connect stuff like server infrastructure and your MikroTiks together via ZT.
@itzizag2280 2 жыл бұрын
awesome.
@kennymilestech1576 Жыл бұрын
Dear, @The Network Berg. I have tried installing zerotier on my mikrotik CCR1009-7G-1C-1S+ i have failed is there a way of going about it. Have tried methods, upgrading to RouterOs 7.7 , have also tried uploading it from the extra packages. What am i missing here.🤔🤔
@TerryPullen 9 ай бұрын
I don't think that router has an ARM chip, and ARM is a requirement.
@dencold8354 Жыл бұрын
how to check the zero tier address in mtk?
@SavannahTL 2 жыл бұрын
is there a way to force the zerotier traffic to only use WAN2 instead of wan1?
@TheNetworkBerg 2 жыл бұрын
Should be possible with some smart mangle rules. I would suggest either looking at ZT's documentation or running a packet capture on the Tik to see which protocols/ports are being used and based off of that you can setup mangle rules to push that traffic over Wan2.
@rodneymoore465 2 жыл бұрын
hey good videos any chance you be covering raduis
@green-media-pl 2 жыл бұрын
and if I want to pass all traffic through mikrotik, should I just set 0.0.0.0/0 for destination?
@nicoladellino8124 2 жыл бұрын
Nice video, TNX
@engjamesmbugua8926 2 жыл бұрын
Helo The Network Berg.Am trying to install the Zerotier in my mikrotik 3011 running v7.1.1 with zerotier v7.1.1 but its not working.Kindly help
@Mike65 2 жыл бұрын
Hi TNB, het jy al probeer om twee tiks na mekaar te route op ZeroTier?
@ebrambadpa Жыл бұрын
Hello, I live in Iran and our government has filtered the internet and we don't have free access to the internet. I was able to get a German Hetzner server (Ubuntu) and my router is Mikrotik. Is there a way to tunnel between these two with zerotier and be able to Should I use free and unfiltered internet?
@abidalikadiwala2028 4 ай бұрын
I have done this but the data transmit limit is only 20 Mbps at all. Is there any setting for it to increase ?
@tommyking626 9 күн бұрын
zerotier weakness is single threaded.what device you use?
@bushcraft.azerbaijan Ай бұрын
Thanks so much
@Arayankodesouth 2 жыл бұрын
awesome. Just subsribed.
@TheNetworkBerg 2 жыл бұрын
Thanks for the sub!
@rhb.digital 2 жыл бұрын
any tutorial using ZeroTier with DNS / AD ? .-) if possible
@samrust8020 2 жыл бұрын
Can I convigure IKEv2 between Mikrotik and CISCO ASA please? if yes, please make a video and which Mikrotik hardware you recommend.
@TheNetworkBerg 2 жыл бұрын
I don't see why not, I configured NordVPN using IKEv2. Though I do not currently have a video regarding this, the concept should be fairly similar to the NordVPN setup it's all about selecting the correct P1 & P2 configurations.
@mansfieldj.pokana7720 Жыл бұрын
Love it
@uncooperative-reality 2 жыл бұрын
Oh, dang! I have two mikrotik routers and neither of them are ARM architecture. Is it true that ZeroTier is NOT IN all versions of RouterOS v7? Only in ARM architecture hardware? If so, can you do a short video talking about the differences? You got me jazzed about ZeroTier, and now I'm thinking I have to buy a new router. Thanks for your excellent videos, by the way.
@TheNetworkBerg 2 жыл бұрын
Hi Steve at the moment yes, unfortunately only ARM & ARM64 architecture supports ZeroTier. Though I can almost assure you it will become available for all other models once MikroTik releases updates to v7 which officially released last week. So hopefully you can add ZeroTier to all your devices in the next update.
@emulemodes7660 2 жыл бұрын
Alternative solution for the mips. Raspberry Pi Zero W is possible with USB LTE connection. Both ARM-based Container installation and the opportunity to connect to all devices on the Mikrotic network via Zerotier.
@KcYukon 10 ай бұрын
@@TheNetworkBergDarn it I was excited until I realized it's not working... when I upload the file to the v7.1.1.2 I reboot but it doesn't show in the package list... any ideas what's the cheapest mikrotik with ARM technology?? I assume mine just don't cut it.....??? I'm running V7.11.2 on HAPPY ax^2 (ARM64) but no madder how many times I try it don't show in package list :(
@zyone04 2 жыл бұрын
Nicee, im from Indonesian
@mgulan 2 жыл бұрын
Nice video 👍. I saw in your video that IP address of zerotier interface is "unknown", it should be zte1, bug On ROS?
@TheNetworkBerg 2 жыл бұрын
On the GUI sort of, once version 7 actually releases then it should show the ZeroTier interface that you created, but the GUI has no idea where this interface is so it just shows an "unknown" interface.
@camelleon2607 2 жыл бұрын
@@TheNetworkBerg It is showing up for a second as "zerotier1" and disappearing. I hope they will fix it ASAP
@shalak001 2 жыл бұрын
ZeroTier provides no encryption, right? If I use it to connect from outside, to my HTTP services behind mikrotik router it will all go through plaintext, right? I have no public IP on my mikrotik, so to be secure and private, I should use ZeroTier to reach mikrotik's IP and then connect to this IP with wireguard? Do I understand this correctly?
@TheNetworkBerg 2 жыл бұрын
Hey Mirek, I think someone already explained to you how ZT works with encryption. But in essence traffic is not plaintext.
@shalak001 2 жыл бұрын
@@TheNetworkBerg Indeed. Thanks for confirmation and thanks for all the knowledge-rich content you create!
@mactv7342 Жыл бұрын
will this work on my Haplite sir?
@TheNetworkBerg Жыл бұрын
Unfortunately not, need at least ARM or ARM64 architecture, Hap lite is SMIPS
@srh_btk 2 жыл бұрын
Hi, Berg. Thank you for the lesson. But how do you think is technology like this will substitute the common IPsec vpn ?
@GpconnectInfohotspot 2 жыл бұрын
@@cctech298 nebula from slack look like a better alternative since it's less centralized ! but development seem kinda slow !
@srh_btk 2 жыл бұрын
@@cctech298 the same situations. Cisco was my first vendor that I learned thoroughly. But now I've got already the second MikroTik certificate. It's really impressed vendor.
@TheNetworkBerg 2 жыл бұрын
I think all services have their place and that ZeroTier serves a specific niche and is awesome. One thing I would like to do is add a few devices running ZeroTier to connect via LTE into ZeroTier so that I can setup a type of OOB network should I lose access to my core devices. It saves me a trip to the DC if there is some configuration issue. I've also worked on most of the major vendors equipment, Cisco, Juniper, Huawei etc, MikroTik is by far the only device I have been able to tune to do exactly what I want at times. It is an amazing "Swiss Army Knife"
@zbcochran1 2 жыл бұрын
I love this video. Great job explaining what ZeroTier does and how to configure it. Looking forward to more MikroTik videos!
@stefanelul2000 2 жыл бұрын
Is there a way you can join the ZT network to OSPF so that you won't have to manually publish routes to subnets that you want to make available ?
@TheNetworkBerg 2 жыл бұрын
I can't see why not, although I would have to lab this on two different ARM/ARM64 routers as ZT is currently only available on that hardware and I only have access to one router that works with ZT :(
@stefanelul2000 2 жыл бұрын
@@TheNetworkBerg Actually I have done some testing on one of my devices. So the HQ router is ARM so I have installed ZT on it. I have OSPF setup with my other branch office routers and by joining the ZTNA network in the OSPF backbone I was able to reach all of my subnets even from other networks. Now I am not 100% sure on my testing as I do not have a machine outside of my network.
@reanitkhmer3325 Жыл бұрын
Zerotier need public ip or not ? Thanks
@TheNetworkBerg Жыл бұрын
No, ZT works behind natted connections which makes it very useful.
@unaibas4676 2 жыл бұрын
Hi!! Very interesting video. Have you made an speed test over SMB between a pc behind mikrotik and other device of Zerotier? If I try that, the speed is very slow (about 3MB/s) and If I transfer a file between other devices in Zerotier that are not behid a Mikrotik the speed is optimal (depends of the fiber line but much better..). What can you say about it???
@TheNetworkBerg 2 жыл бұрын
Have you tried testing with anything besides SMB? I've ran Iperf3 tests between two hosts connected through the ZeroTier tunnel and I am getting the expected speeds. I was getting around 43Mbps to a remote fibre link that is connected to a 50Mbps Fibre and is also doing other traffic besides my Iperf3 test. So this looks good to me.
@unaibas4676 2 жыл бұрын
@@TheNetworkBerg I've only done tests with SMB but it has been strange to me that the transfer of files from one device to another that is behind a Mikrotik is much slower than other devices that are directly connected in Zerotier. I did this with a 600/600 fiber line. But the difference is enormous. From 3-4MB/s to about 50-60MB/s PC -> ZT -> PC: 50-60MB/s PC -> Mikrotik hAPac2 -> ZT -> PC: 3-4MB/s I also set up Zerotier on a Ubiquiti EdgerouterX but the result was the same. So I suppose that perform slows down when we connect some router or firewall between the host and ZeroTier Network.
@TheNetworkBerg 2 жыл бұрын
@@unaibas4676 Yeah that is very strange, I can think of many possibilities. But I honestly couldn't tell you why you see those results, if you say you get the same results from other vendor's equipment like Ubiquiti then I imagine you could ask the question to the ZeroTier people directly as well.
@unaibas4676 2 жыл бұрын
@@TheNetworkBerg thanks anyway!!!
@easymoney1997 2 жыл бұрын
@@unaibas4676 uh 3MB/s = 24Mbps.......
@ramitaqwa3508 2 жыл бұрын
hello bro : can in install the package on mikrotik hap lite or not supported ?
@TheNetworkBerg 2 жыл бұрын
Unfortunately not. These are the architectures that are currently supported: ARM64 nRAY, CCR2004, LHGGR ARM cAP ac, CRS305-1G-4S+, CRS309-1G-8S+, CRS317-1G-16S+, CRS318, CRS326-24G-2S+, CRS328-24P-4S+, CRS328-4C-20S-4S+, Cube 60G ac, DISC AC, hAP ac², hAP ac³, LDF ac, LHG ac, mANTBox 52, NetMetal ac², RB4011, SXTsq (ac series), wAP 60G series, Chateau, RB3011, RB1100AHx4, Audience, RB450Gx4, wAP ac
@Mi_Fa_Volare 2 жыл бұрын
What makes that so different from a VPN?
@TheNetworkBerg 2 жыл бұрын
Well for starters it works seamlessly on devices behind a NATed connection and this operates at Layer 2 as well so you can actually do things like mac-telnet to a router on its virtual mac-address this is like connecting to a massive bridge in the cloud.
@Mi_Fa_Volare 2 жыл бұрын
@@TheNetworkBerg Isn't that what L2TP already does? Or its layer 2 function only in the layer 2 of underlay for encapsulation? Also, there's Ethernet over IP. It sends layer 2 signals over an IP adress. What about that? Is Zerotier to get around dynamic IP? Is it cheaper than fixed IP-Addresses on both ends? What is this service good for beyond testing and experiments?
@TheNetworkBerg 2 жыл бұрын
Sort of but not completely, it's more similar to VXLAN which allows us to extend broadcast domains across L3 connections. Being able to connect from a dynamic IP is one benefit yes but definitely not the only reason why you should be looking at ZeroTier, you can build awesome management networks, VPN tunnels or even extend the routing between two or more locations via the ZeroTier connection.
@sayeedurrahman4571 2 жыл бұрын
We need juniper tutorial, please make for us
@TheNetworkBerg 2 жыл бұрын
I can definitely look at doing some Juniper videos, are there anything specifically you would like to learn?
@NeerajLalu 2 жыл бұрын
Must have Arm processor not Mipse 🤔️😥️
@TheNetworkBerg 2 жыл бұрын
Yeah unfortunately :(
@D9ID9I 2 жыл бұрын
Another high-tech hole in your security.
@vinkenwood8233 2 жыл бұрын
I think better wil bee to land via ILS.
@hbirtt 2 жыл бұрын
No reason "not" to trust them, but I'm not seeing any protections from the ZeroTier system. Feels a whole lot like giving unknown people access to my systems, and they're offering it to us for free. hat have we learned about free? If you can't see where the money is coming from, you are likely the product. Very cool though, otherwise.
@TheNetworkBerg 2 жыл бұрын
Good point and understandable point of view, many people trust and use ZeroTier, though I am inclined to agree that if you are using the product freely then you are probably part of the product. Though it seems as if ZeroTier makes use of a freemium business model to try and lure bigger customers for a paid for solution seeing as how it's only free up to a certain point you are also offered priority support being a paid for customer. Where being a free one is more like "We'll get to it when we can "
Дима Масленников
Рет қаралды 7 МЛН
Sergio Outdoors
Рет қаралды 33 МЛН
Lawrence Systems
Рет қаралды 119 М.
Everyday Astronaut
Рет қаралды 947 М.
Wilmer Almazan / The Network Trip
Рет қаралды 155 М.
The Network Berg
Рет қаралды 170 М.
Дима Масленников
Рет қаралды 7 МЛН