I have a confession to make: I am not currently using ZeroTier. It turns out that in this respect I am in a minority among my peers at Networking Field Day 27, and after listening to a great introduction to ZeroTier by company founder and original software author Adam Ierymenko, I now know that I need to change this.
ZeroTier facilitates the creation of an arbitrarily distributed virtual ethernet switch through which devices can communicate. Since it’s not immediately obvious what that means, here are a few scenarios where ZeroTier can provide a solution:
Imagine that you want to access your home network when you’re out on the road. ZeroTier can hook you up.
What if you would like compute instances in multiple cloud providers to be able to communicate directly with one another as if they were on the same VLAN? What if you could also allow your developers to connect to that VLAN and seamlessly access the compute instances without any knowledge or care about which cloud provider is hosting the instance? Or maybe you’d like the cloud instances to appear as if they were on the data center VLAN? ZeroTier can do that.
Wouldn’t it be nice to host a backup device in a remote location but have it appear as if it were connected to your local network? ZeroTier supports that.
Multiple WAN Connections
It would be nice to be able to benefit from multiple WAN connections to aggregate bandwidth or provide redundant transmission if packet loss is a concern. That sounds a little bit like SD-WAN, and ZeroTier offers this.
Want to game with your friends anywhere as if you’re all on the same ethernet LAN? ZeroTier lets you do that.
There are so many potential ways to use ZeroTier, it’s actually difficult to know how to mention just a few without underselling the power of the solution.
Ease Of Use
During the NFD27 presentation, I installed the ZeroTier client, entered the network ID for a public demo network (networks are typically private by default) and was up and running in under a minute and able to connect to other connected devices around the world. It’s hard to argue with that kind of simplicity. The client can connect to multiple networks, too. In fact, the simplicity of the ZeroTier solution is something I heard from a number of people who use the product.
At its core, ZeroTier creates encrypted point to point layer 2 tunnels between devices. ZeroTier’s Root Servers (on the Internet) manage endpoint registrations and broker the metadata necessary to allow endpoints to communicate directly with one another when needed (and you can run your own root servers if you prefer). The connections between endpoints, interestingly, really do appear as layer 2 and thus can support most protocols which run on an ethernet LAN, not just IP. Additionally, with ZeroTier’s multicast/broadcast support, protocols like mDNS work fine too. I guess ZeroTier can be thought of as a kind of protocol-independent VXLAN which works over the Internet (IPv4 and IPv6 are both supported).
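Because every joined network behaves like a shared layer 2 segment, it is worth reviewing what each joined network is allowed to do on the client, especially after joining a public one. The following is an added example, not code from the presentation or from ZeroTier: it audits JSON in the shape printed by `zerotier-cli -j listnetworks`, the sample data is constructed, and the field names are assumed to match the client's output.

```python
import json

# Constructed sample in the shape printed by `zerotier-cli -j listnetworks`.
# Network IDs, names and addresses are made up for this example.
SAMPLE = """[
 {"id": "aaaaaaaaaa000001", "name": "public-demo", "status": "OK",
  "type": "PUBLIC", "bridge": false, "allowDefault": false,
  "allowGlobal": false, "assignedAddresses": ["10.10.0.23/16"]},
 {"id": "bbbbbbbbbb000002", "name": "home-lan", "status": "OK",
  "type": "PRIVATE", "bridge": false, "allowDefault": true,
  "allowGlobal": false, "assignedAddresses": ["192.168.192.5/24"]},
 {"id": "cccccccccc000003", "name": "", "status": "ACCESS_DENIED",
  "type": "PRIVATE", "bridge": false, "allowDefault": false,
  "allowGlobal": false, "assignedAddresses": []},
 {"id": "dddddddddd000004", "name": "lab", "status": "OK",
  "type": "PRIVATE", "bridge": false, "allowDefault": false,
  "allowGlobal": false, "assignedAddresses": ["10.20.0.7/24"]}
]"""

# (field, value that triggers the finding, why a reviewer should care)
CHECKS = [
    ("type", "PUBLIC", "public network: no member authorization, every "
     "member shares this host's layer 2 segment"),
    ("allowDefault", True, "network may replace the default route"),
    ("allowGlobal", True, "network may assign public IPs and routes"),
    ("bridge", True, "node may bridge this network to other segments"),
]

def audit_networks(raw_json):
    """Map network ID -> list of findings; clean networks are omitted."""
    report = {}
    for net in json.loads(raw_json):
        findings = [why for field, bad, why in CHECKS
                    if net.get(field) == bad]
        status = net.get("status", "UNKNOWN")
        if status != "OK":
            findings.append(f"status is {status}, not OK")
        if findings:
            report[net.get("id", "unknown")] = findings
    return report

if __name__ == "__main__":
    for nwid, findings in audit_networks(SAMPLE).items():
        for finding in findings:
            print(f"{nwid}: {finding}")
```

On a real host, pass the output of `zerotier-cli -j listnetworks` to `audit_networks` instead of `SAMPLE`.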
A ZeroTier client is available for a pretty wide variety of platforms, including:
- Apple iOS
- Linux (deb/rpm)
- NAS devices
- WD MyCloud
- Mikrotik, as part of the standard RouterOS installation
- OpenWRT (a community build)
ZeroTier’s source code is available under a Business Source License (basically, not for use in a commercial application or for reselling the service) so it’s possible to attempt compilation on other platforms.
ZeroTier provides SDKs (libzt/libztcore) so the capabilities can be embedded easily into applications (noting that commercial products require licensing). The git repo shows SDKs for C, C#, Java, Python and Rust, and in the presentation I noted down that golang was also available (I am confirming this with ZeroTier).
Update: Golang does not have an SDK; however it does have an API client for the Central Network Management Portal API, which allows configuration of networks and thus enables integration with automation workflows (including Terraform).
ZeroTier is free for up to 50 member devices (with only a single ZeroTier administrator account) if you are using the ZeroTier public root servers. For those who want to self-host a controller, it’s free and unlimited. The compromise on this amazing value is that it comes with community support only.
For those wanting proper support, a Professional plan for 500 network member devices is $49/month, and allows up to 10 ZeroTier administrator accounts. Enterprise plans are also available.
Call it “freemium” if you want, but the Basic plan with up to 50 member devices at no cost is a superb way to get into ZeroTier and experiment with what it can do. And at under $50 per month, the paid offerings are incredibly good value.
There’s so much more to ZeroTier for those who want to push the product’s capabilities and I plan to come back to these in a future post. I was genuinely excited by what I heard in the presentation and even more delighted that it was coupled with confirmations from actual users of the product that it really is as good as it sounds.
Adam Ierymenko gave a great presentation to NFD27; lots of content, targeted squarely at geeks and very clearly presented. His presentation on ZeroTier is certainly up in the Top 10 I’ve seen at Field Day events, and I strongly recommend viewing it. At the time of posting the video link is not available yet, but I will update this post as soon as it is, as I know many of my readers will thoroughly enjoy it.
For now, it’s time for me to go play more with ZeroTier! Two excited thumbs up for this one.