Use a Raspberry Pi as a bridge into my home LAN. The Pi is plugged into a switch, which is plugged into an AirPort Express, which is plugged into a cable modem. Nothing fancy.
This isn't a tutorial. Just some example output from a working setup.
Off the top of my head, here's the order I would do it in:
- make sure plain old device to device zerotier is working with my LAN/Router/Firewall/ISP
- (STOP HERE to troubleshoot first if not^)
- connect keyboard and monitor to pi, or get ready to break networking and lose ssh to your pi a few times.
- know what subnet my physical LAN uses (192.168.82.0/24)
- know what my physical LAN dhcp range is (192.168.82.101 - 192.168.82.200)
- create network at my.zerotier.com
- set up managed routes and address ipv4 auto-assign; make sure it doesn't overlap with the physical dhcp server range.
- install zerotier (on pi)
- join pi to zerotier network (on pi)
- set allowManaged=0 (on pi): `sudo zerotier-cli set <networkID> allowManaged=0`
- authorize pi (at my.zerotier.com)
- tick the bridge and do-not-auto-assign options, for the pi only (at my.zerotier.com, under the wrench icon)
- write out /etc/network/interfaces (on pi, see below)
- restart networking
- should be working now
- join a phone or something and test (over LTE)
- power cycle pi and see if it works without any manual intervention

```
sudo zerotier-cli listnetworks -j
[
 {
  "allowDefault": false,
  "allowGlobal": false,
  "allowManaged": false,
  "assignedAddresses": [],
  "bridge": true,
  "broadcastEnabled": true,
  "dhcp": false,
  "id": "93afae5963d77bcd",
  "mac": "ce:d8:4e:df:da:41",
  "mtu": 2800,
  "name": "nachos deer",
  "netconfRevision": 361,
  "nwid": "93afae5963d77bcd",
  "portDeviceName": "zt0",
  "portError": 0,
  "routes": [
   {
    "flags": 0,
    "metric": 0,
    "target": "192.168.82.0/24",
    "via": null
   }
  ],
  "status": "OK",
  "type": "PRIVATE"
 }
]
```
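
A check to run after the power-cycle step, as an added example that is not part of the original gist: it reads the `listnetworks -j` output and confirms the member is bridged, unmanaged and carries no address on zt0, and that the ZeroTier auto-assign pool stays clear of the LAN DHCP range. The pool range and the function names are assumptions; the other values come from the output above.

```python
import ipaddress
import json

# Constructed sample: the fields of interest from the `listnetworks -j` output above.
SAMPLE = json.dumps([{
    "nwid": "93afae5963d77bcd", "status": "OK", "bridge": True,
    "allowManaged": False, "assignedAddresses": [],
    "routes": [{"target": "192.168.82.0/24", "via": None}],
}])
DHCP = ("192.168.82.101", "192.168.82.200")   # LAN DHCP range from the page
POOL = ("192.168.82.201", "192.168.82.250")   # assumed ZeroTier auto-assign pool

def ip_range(first, last):
    """Inclusive IPv4 range as a pair of integers."""
    lo, hi = int(ipaddress.IPv4Address(first)), int(ipaddress.IPv4Address(last))
    if lo > hi:
        raise ValueError(f"range start {first} is after end {last}")
    return lo, hi

def check_bridge(listnetworks_json, nwid, lan_cidr, dhcp_range, zt_pool, bridge_ip):
    """Return a list of problems; an empty list means the setup matches the steps."""
    problems = []
    lan = ipaddress.ip_network(lan_cidr)
    dhcp, pool = ip_range(*dhcp_range), ip_range(*zt_pool)
    if pool[0] <= dhcp[1] and dhcp[0] <= pool[1]:
        problems.append("ZeroTier auto-assign pool overlaps the LAN DHCP range")
    static = int(ipaddress.IPv4Address(bridge_ip))
    for name, (lo, hi) in (("DHCP range", dhcp), ("ZeroTier pool", pool)):
        if lo <= static <= hi:
            problems.append(f"bridge address {bridge_ip} is inside the {name}")
    net = next((n for n in json.loads(listnetworks_json) if n.get("nwid") == nwid), None)
    if net is None:
        return problems + [f"network {nwid} is not joined"]
    if net.get("status") != "OK":
        problems.append(f"status is {net.get('status')}, not OK")
    if not net.get("bridge"):
        problems.append("bridge flag is off for this member")
    if net.get("allowManaged"):
        problems.append("allowManaged is on; managed addresses and routes would be applied to zt0")
    if net.get("assignedAddresses"):
        problems.append("zt0 has assigned addresses; only br0 should carry the IP")
    on_link = [r for r in net.get("routes", [])
               if ipaddress.ip_network(r["target"], strict=False) == lan and r.get("via") is None]
    if not on_link:
        problems.append(f"no on-link managed route for {lan}")
    return problems

if __name__ == "__main__":
    print(check_bridge(SAMPLE, "93afae5963d77bcd", "192.168.82.0/24", DHCP, POOL, "192.168.82.5") or "OK")
```

On the Pi, pass the real output of `sudo zerotier-cli listnetworks -j` in place of `SAMPLE`.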

```
cat /etc/network/interfaces
# interfaces(5) file used by ifup(8) and ifdown(8)

# Please note that this file is written to be used with dhcpcd
# For static IP, consult /etc/dhcpcd.conf and 'man dhcpcd.conf'

# Include files from /etc/network/interfaces.d:
source-directory /etc/network/interfaces.d

auto eth0
iface eth0 inet manual

auto br0
iface br0 inet static
    address 192.168.82.5
    netmask 255.255.255.0
    gateway 192.168.82.1
    dns-nameservers 127.0.0.1
    bridge_ports eth0 zt0
    bridge_fd 0
    bridge_maxage 0
```

```
ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master br0 state UP group default qlen 1000
    link/ether b8:27:eb:2c:c1:8c brd ff:ff:ff:ff:ff:ff
3: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether b8:27:eb:2c:c1:8c brd ff:ff:ff:ff:ff:ff
    inet 192.168.82.5/24 brd 192.168.82.255 scope global br0
       valid_lft forever preferred_lft forever
    inet6 2605:e000:160d:4587:ba27:ebff:fe2c:c18c/64 scope global mngtmpaddr dynamic
       valid_lft 604583sec preferred_lft 604583sec
    inet6 fe80::ba27:ebff:fe2c:c18c/64 scope link
       valid_lft forever preferred_lft forever
4: zt0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 2800 qdisc pfifo_fast master br0 state UNKNOWN group default qlen 1000
    link/ether ce:d8:4e:df:da:41 brd ff:ff:ff:ff:ff:ff
    inet6 fe80::ccd8:4eff:fedf:da41/64 scope link
       valid_lft forever preferred_lft forever
```

```
brctl show
bridge name     bridge id               STP enabled     interfaces
br0             8000.b827eb2cc18c       no              eth0
                                                        zt0
```

Hi
I made a small gist based on yours for VPN type: https://gist.github.com/ort163/787000d371dae49a4a399b0f6a7aab56
Thanks all of you.