Router: Overriding Default Route / Full Tunnel Mode

[wurst44]

Hi, thank you for your image and effort.

I am trying to connect to my remote network where your docker-router is running. I wanted to use the internet connection/gateway of home LAN for my clients (oversees). I saw this tutorial which seems to fit my requirement: https://zerotier.atlassian.net/wiki/spaces/SD/pages/7110693/Overriding+Default+Route+Full+Tunnel+Mode. Is this supported by your docker-router?

• your docker-router is connected to my zerotier network.
• my other client device is connected to my zerotier network
• both authorized
• I can ping to both sides
• client can ping other devices on home LAN
• I added a route 192.168.178.0/23 (phys home LAN subnet) via 192.168.194.123 (docker-router zerotier IP)
• I set override gateway on the client (oversees android) btw, I am using a proxmox LXC where docker is running, the Iface is eth0
• I can see the virt zerotier adapter also

When I connect a client to my network it is not using the remote gateway when checking ifconfig.me Any ideas? Thank you!

[Paraphraser]

I would need to see your routing table to be sure but it sounds like you either didn't set up a managed default route in ZeroTier Central, or there is some "trick" to accepting that route on Android like there is for iOS where you have to enable the connection, then enable acceptance of the default route, then disable and re-enable the connection (very tedious).

Over on the IOTstack Wiki I wrote some documentation which might help.

[Paraphraser]

@wurst44 further to what I wrote before, I should probably clarify that that Atlassian tutorial you mentioned could be a bit misleading. With Docker, routing is already enabled so you don't need to do it yourself. The zerotier-router container manages all the IPtables stuff so you would not want to duplicate it. And so on. The doco I pointed you at in my earlier reply really is all that is needed. Just pick the topology that is closest to what you want to achieve and follow it.

[wurst44]

Thanks for your quick response. I could not get it running. In addition I used a Win Client on a different WAN to eleminate the Android uncertainty. I also tried a plain ubuntu image and followed the zero tier instructions on routing/tunneling. No luck. Also not sure how to debug it (also with your router) . I ended up using a Socks5 proxy which works fine...