From eeab1c8f79ece3daef6d506a6ad9159261036204 Mon Sep 17 00:00:00 2001 From: travisladuke Date: Wed, 4 Sep 2024 14:59:48 -0700 Subject: [PATCH 1/5] Add link to faq-windows --- docs/faq-windows.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/docs/faq-windows.md b/docs/faq-windows.md index a455b865..217cf06a 100644 --- a/docs/faq-windows.md +++ b/docs/faq-windows.md @@ -37,6 +37,10 @@ If the purpose of your ZeroTier network is solely remoting into office workstati [Client Isolation Rules](./faq-rules.md#client-isolation) and [RDP Only Rules](./faq-rules.md#remote-desktop-only-rdp-only) ::: +### System Service Not Reachable by UI + +[System Service Not Reachable by UI](./windows-service-unreachable) + ### Resolving `Port Error` {#port-error} If you're seeing `PORT ERROR` on Windows, it's likely that the driver did not get installed correctly for some reason. To fix this, navigate to From 2d3b34cb2a22f38ce7082f6135dd6a5cc18f7b15 Mon Sep 17 00:00:00 2001 From: travisladuke Date: Wed, 4 Sep 2024 15:01:10 -0700 Subject: [PATCH 2/5] Add Windows Service Unreachable to sidebar --- sidebars.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sidebars.js b/sidebars.js index d2fa548c..7f6b3ea5 100644 --- a/sidebars.js +++ b/sidebars.js @@ -170,7 +170,7 @@ module.exports = { description: 'ZeroTier on Windows', slug: '/windows', }, - items: ['faq-windows', 'chocolatey', 'winget', 'windows-lan-game', 'windows-unknown-node-id'] + items: ['faq-windows', 'chocolatey', 'winget', 'windows-lan-game', 'windows-unknown-node-id', 'windows-service-unreachable'] }, /* ANDROID */ { From d114cfb3e81254baf88da049df79a719fca755ba Mon Sep 17 00:00:00 2001 From: travisladuke Date: Wed, 4 Sep 2024 15:07:24 -0700 Subject: [PATCH 3/5] Add more info to Windows Service unreachable --- docs/windows-service-unreachable.md | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/docs/windows-service-unreachable.md b/docs/windows-service-unreachable.md index 04365052..b7100190 100644 --- a/docs/windows-service-unreachable.md +++ b/docs/windows-service-unreachable.md @@ -26,3 +26,21 @@ ZeroTier should now be reachable by the UI client when you restart it. ## Why does this happen? Not entirely sure. IP helper service is a windows service that provides tunneling for IPv6 over IPv4. IP helper grabs 9993 before ZeroTier can. The issue persists through reboots. In the resource monitor, you can see which ports are bound to which services. IP helper is the culprit. + +Do you use Docker or WSL and ZeroTier? One of those might be reserving the port in IP Helper. + +Try this in a Admin Powershell + +```sh +netsh interface portproxy show all +``` + +is 9993 in the results? + +Try to delete the entry + +```sh +netsh interface portproxy delete help +``` + +Or try killing Docker or WSL and see if the problem goes away. [Let us know](https://discuss.zerotier.com/c/community-support/8) what you find out. From 48c36be1023276e72b8c94b474585963b6ce16d1 Mon Sep 17 00:00:00 2001 From: travisladuke Date: Wed, 11 Sep 2024 12:45:55 -0700 Subject: [PATCH 4/5] Add some troubleshooting steps closes #193 this isn't perfect, but it can be updated. I need to send it to someone. --- docs/troubleshooting.md | 53 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 53 insertions(+) diff --git a/docs/troubleshooting.md b/docs/troubleshooting.md index 9d615f18..45e133f5 100644 --- a/docs/troubleshooting.md +++ b/docs/troubleshooting.md @@ -136,3 +136,56 @@ The new node ID will have be re-authorized on any networks, and the node's manag - Delete peers.d too - Start the service + +## Troubleshooting Connection Issues + +It can be a little tricky to figure out why something isn't working. We'll try to improve this. Unfortunately you need to use the [CLI](cli) to troubleshoot. + +It's a peer to peer system, so we might need to check 2 or more nodes to deduce where the problem is. + +Go through these steps and see [corporate firewalls](corporate-firewalls) and [Router Tips](routertips) for more explanation. + +### Peers List + +Check this command on both peers + +`zerotier-cli peers` + +If one device has many "RELAY" connections, it's having a hard time connecting to things. + +If the connections to the PLANETs are RELAY, the node is having a very hard time. UDP traffic may be blocked. + +### Status + +`zerotier-cli info` it eventually says "RELAY" instead of "ONLINE" if UDP traffic is blocked. + +### Checking for Symmetric NAT + +`zerotier-cli info -j` + +Look at the "listeningOn" and "surfaceAddresses". If the surfaceAddress list large is constantly growing for each node you `ping`, this node may be behind Symmetric NAT. Other devices will have a hard time connecting with it. +See [corporate firewalls](corporate-firewalls) for more info on Symmetric NAT. + +Ideally there is 1 surface address for each listening address/port. + +For a simplified example, if your computer only has 1 network interface and IP address, `listeningOn` will look like this: + +```json +"listeningOn": [ + "192.168.100.193/9993", + "192.168.100.193/55957", + "192.168.100.193/30431" + ] +``` + +then the `surfaceAddresses` should have only 3 entries + +```json +"surfaceAddresses": [ + "198.51.100.9/24/9993", + "198.51.100.9/30431", + "198.51.100.9/2785" + ], +``` + +Usually there is more going on in these entries and it can be hard to read. The output of `zerotier-cli dump` contains this information. If you send it to us, we can read it for you. From f95736d94701869908a3f904404731c852b68ccb Mon Sep 17 00:00:00 2001 From: Joseph Henry Date: Thu, 12 Sep 2024 16:24:25 -0700 Subject: [PATCH 5/5] Add multithreading blurb (#195) * Add multithreading blurb * Make linter happy --- docs/multithreading.md | 33 +++++++++++++++++++++++++++++++++ sidebars.js | 2 +- 2 files changed, 34 insertions(+), 1 deletion(-) create mode 100644 docs/multithreading.md diff --git a/docs/multithreading.md b/docs/multithreading.md new file mode 100644 index 00000000..cde784f1 --- /dev/null +++ b/docs/multithreading.md @@ -0,0 +1,33 @@ +--- +title: Multithreading +description: Enable ZeroTier to use multiple physical cores +--- + +As of version `1.14.1` ZeroTier is capable of utilizing more than one CPU core for traffic processing. This enables greater total throughput and more efficient use of machines handling large amounts of traffic. + +:::info BETA +This is currently a beta feature and we welcome any feedback and/or test results. For now it is only available for Linux and is disabled by default. It will be ported to FreeBSD, macOS, and Windows in a future release. +::: + +The feature requires manual activation using the `local.conf` file in the same home directory that stores your node’s identity files. If that file is not already present, create it. + +### Example usage + +```json title="Example local.conf" +{ + "settings": + { + "multicoreEnabled": true, + "concurrency": 2, + "cpuPinningEnabled": true + } +} +``` + +*[See here](https://docs.zerotier.com/config) for more info on how to configure the client using `local.conf`* + +### Tip for success + +It is recommended that you choose a concurrency level that is reflective of the actual number of physical (not virtual) cores on your machine. For instance, if `nproc` reports `4`, set a concurrency level of `2`. Additionally, enabling [pinning](https://en.wikipedia.org/wiki/Processor_affinity) seems to improve performance in more cases than not. + +Multithreading is unlikely to improve performance over the Internet but will over a physical LAN in most cases. diff --git a/sidebars.js b/sidebars.js index 7f6b3ea5..92e8c587 100644 --- a/sidebars.js +++ b/sidebars.js @@ -227,7 +227,7 @@ module.exports = { description: 'ZeroTier is designed to operate on resource constrained devices and under 16MB of memory.', slug: '/iot', }, - items: ['lbm', 'compatibility', 'bridging', 'proxy', 'route-between-phys-and-virt'], + items: ['lbm', 'multithreading', 'compatibility', 'bridging', 'proxy', 'route-between-phys-and-virt'], }, /* FreeBSD */ {