ZeroTier in iocage jail won't work

Merlijn

Dabbler
Joined
Apr 5, 2014
Messages
13
Hi all!

Before the upgrade to 11.2 I used the FreeNAS gui to create warden based jails. Installing ZeroTier in them was rather simple:

1. Install ZeroTier
2. Run the service
3. Join your ZeroTier netwerk
4. Et voila!

But now as I am trying to migrate all stuff I have in warden jails to iocage jails, it isn't as straightforward anymore. ZeroTier can't connect to the network and I think this is because the iocage jail doesn't have the correct privileges. I also think ZeroTier can't access the ZT network device, but I am not sure. I tried the virtual vnet adapter and most combinations of checkbox privileges that seemed reasonable, to no avail.

Some errors/outputs:
Code:
# zerotier-one -d
ERROR: unable to configure virtual network port: cannot find /dev node for newly create tap device

# service zerotier start
zerotier already running? (pid=89858)

# zerotier-cli listnetworks
200 listnetworks *network* *mac* PORT_ERROR PRIVATE -

# zerotier-cli status
200 info *network* 1.2.12 OFFLINE



I have zero experience with iocage and could not find any helpful resource on the internet on ZeroTier in iocage jails. Does anyone here use ZeroTier and if so, how do you configure the jail to make it work? :)

Some system information (as per forum rules):
- FreeNAS-11.2-RELEASE-U1 (clean install)
- Intel Xeon E5-1650 v4
- 64 GB RDIMM
- 8*8 TB in raidz3 (on IBM M1015)
- Intel X520-DA2 (LC 10 Gb/s)
- No VLANs, LACP or other added complexities

If you need more information, let me know :smile:.
 

Merlijn

Dabbler
Joined
Apr 5, 2014
Messages
13
Does anyone have a pointer for me to look in to? I would really like to use the new iocage jails, but we won't be able to manage them from our zerotier network this way.
 

Bigsby

Dabbler
Joined
Jun 11, 2019
Messages
17
So this issue has now been resolved & my ZeroNet now shows as online. How do I get SMB shares to pass across it?

edit: turns out ZeroNet is installed by default as of FreeNAS-11.0-RC2 so no need to jail it! from testing it seems to work pretty well.
Currently it is command line only
 
Last edited:
Top