So I got zerotier to work but I cannot seem to figure out how to bind it to a specific interface like team0 so that it doesn’t run over my lan connection which should be enp7s0.
And as such I had to shut it down until I can figure out how to segment my traffic so that it doesn’t affect both ports on my or both interfaces on my server and does not affect my network traffic overall as I noticed that with it running my download speed was affected negatively on the server.
I am interested in setting up a VLAN possibly for my server but I’m not entirely sure how to do that on Ubiquiti and have it register on my server so it goes over a VLAN
Basically all I’m looking to do is set up a encrypted tunnel connection for streaming video from my server to wherever I am in the world with the best possible throughput and lowest latency.
Openvpn is too damn slow and wireguard does not support Windows clients.
I am leery about using algo as algo uses strongswan and wireguard and since wireguard does not have Windows clients I am not entirely sure how I’ll go would even function on a Windows PC
Wow, zerotier has commercial stuff now. I think zerotier creates a tap device for the vpn. This is not using a kernel modules for ipsec or tunnelling or iptables. When you send a packet to the device that zerotier created (the tap device), it routes the packet to the destination using the normal routing rules of your machine. It doesn’t bind to a particular device, but it does use the routing table for forwarding the packet. The kernel will select the appropriate route for the packet and send it.
The initial messages for registering the network with zerotier will want to route to the internet, to one of the superservers, or “moons”. The “moons” are rendezvous points that every machine uses to map the network nodes. Once the network is known, then the routes used are peer to peer. If you happen to have two nodes running on the same LAN, then it is possible that it will use the local network.
I think the protocol allows for node discovery which may use other peers as waypoints. I’m not quite clear on how this works, but I imagine it as a WAN version of the ARP protocol. When the kernel forwards an IP packet, it uses the ARP protocol to map an IP address to a MAC address of the ethernet card. In the case of zerotier, there is no ethernet protocol for ARP to work, so resolving IP addresses must use the “moons” for the network and peers for node discovery.