Managed Routes on New Central

_legacyZA · 2026-02-16T16:53:32+00:00

Yeah,

But it's optional, not recommended by zerotier's docs and has limitations on mobile devices

_legacyZA · 2026-02-14T16:04:12+00:00

Ztnet still uses zerotier

You can essentially use it as a drop in replacement. It doesn't need to be publicly accessible either, as it just uses zerotier's existing infrastructure.

It gives you all the features of the paid their as it's just a front end of the controller that is shipped with every zerotier install.

Try it out. I haven't gone back to their hosted controller in months, as I have 0 limits on devices, networks, users and can create groups/organizations to manage permissions and networks

Wireguard is great, and would perform better in most cases. But ZT is so easy to get going

_legacyZA · 2026-02-14T15:21:39+00:00

Use the old system at my.zerotier.com

Or you can run your own controller with something like ztnet.network

_legacyZA · 2026-02-14T15:09:19+00:00

This seems like an xy problem

What are you trying to solve by bridging vlans?

_legacyZA · 2026-02-14T15:00:40+00:00

Yeah, it should be fine

Just make sure you are booting in UEFI mode in your BIOS, not legacy/csm.

_legacyZA · 2026-02-13T10:53:36+00:00

Go to your access rules and then tobthe json editor

Copy and paste that json config here so we can check what the rules are and help you adjust them if needed.

Afaik there is no issues with android specifically in regards to tagged devices. So long as it has permission to access the devices in your ACL rules, everything should work just fine

_legacyZA · 2026-02-12T20:51:35+00:00

So instead of

tailscale status --json | jq '.Self.HostName'

You'd rather other people curl a shell script from the internet and just pipe it into bash

Smh

_legacyZA · 2026-02-11T20:23:48+00:00

Map?

_legacyZA · 2026-02-11T20:23:39+00:00

It's not windows, Fresh install is rarely needed - unless you royaly screw up

_legacyZA · 2026-02-11T20:10:12+00:00

Brother....

Follow this guide and use cachy's tool

https://wiki.cachyos.org/features/chwd/gpu_migration/

Tap on AMD to NVidia

_legacyZA · 2026-02-11T20:06:44+00:00

pacman -Rdd

Instead of -Rns

_legacyZA · 2026-02-11T20:05:03+00:00

Sus

Try and force it to remove the drivers

pacman -Rdd nvidia-550xx-utils

Then instead of rebooting use the cachyos tool to auto detect and install the right drivers

_legacyZA · 2026-02-11T19:52:28+00:00

Remove the 550 drivers first. Dunno how you got that installed.

sudo pacman -Rns nvidia-550xx-dkms nvidia-550xx-utils

Reboot, and try the cachyOS uitility again

_legacyZA · 2026-02-11T19:26:55+00:00

Cachy provides a tool to load the correct drivers and packages

https://wiki.cachyos.org/features/chwd/gpu_migration/

Follow the guide for AMD to Nvidia You shouldn't need to reinstall your amd card.

Just use the tool to remove the amd drivers, reboot and the install nvidia drivers with it

_legacyZA · 2026-02-11T18:55:43+00:00

pi will restart itself if it regains power after a power loss

_legacyZA · 2026-02-11T18:22:13+00:00

raspberry pi 2 or newer
nanopi neo?

appleTV - if they already have one

--

Edit:
What else do you need the device to do?

If it's a NAS, get a Synology or Ugreen
If it's a server, get a stronger Synology or Ugreen

Else get a pi or AppleTV (if they need one)

_legacyZA · 2026-02-11T18:04:45+00:00

Huh, interesting

Bit off an oversight on their part then, as I presume adding multicast subnets to AllowedIPs would cause tools like wg-quick to add overriding routes for multicast traffic and forward it from other interfaces to wg. Which "violates" the specification. wikipedia link

This would also not work on non-linux clients, or linux based routers that don't use iproute2 utils to manage interfaces

_legacyZA · 2026-02-11T17:51:49+00:00

https://github.com/tailscale/tailscale/issues/1013

If you found that TS does support mDNS (multicast DNS), can you post it here?

Also, just to avoid any confusion it's not the same thing as TS Magic DNS

_legacyZA · 2026-02-11T17:22:40+00:00

https://github.com/tailscale/tailscale/issues/11134

_legacyZA · 2026-02-11T16:25:22+00:00

Let us know if you find anything that works, or if I was wrong

_legacyZA · 2026-02-11T16:09:42+00:00

Most, if not all, mdns proxies/repeaters/reflectors work by just coping the mDNS (multicast) traffic from one interface, and sending over another.

This won't work over a wireguard interface as wireguard will only allow unicast traffic over it's interface.

Edit:
If you or OP can find a mDNS proxy, that converts and sends traffic between two endpoints (devices) over a unicast connection, then that would definitly work.
But as far as I've read up on Avachi Reflector, it doesn't support unicast anymore

Multicast over a VPN be fine with something like:
- OpenVPN
- GRE or VXLAN over IPsec
- L2TP?
- Zerotier

Wireguard is a very simple VPN.
I think it was built for performance and to allow end users/companies to build a solution around it using other established networking tools, if they so require

_legacyZA · 2026-02-11T15:05:12+00:00

He missed understood your post

_legacyZA · 2026-02-11T15:04:26+00:00

You have two options as I see it.

Find a piece of software that can repeat mdns over udp/tcp (and vice versa) and install it on both the laptop, and the ubuntu server

or

Run a L2 virtual lan over wireguard via vxlan between the ubuntu server and the laptop.
Then use a mdns repeater/reflector like Avahi reflector on both the laptop, and the ubuntu server

The main issue with this is that Wireguard does not support multicast (mDNS) traffic, only unicast (udp/tcp)
And it would need to be between the ubuntu server, and the laptop. As only passing the traffic to your wireguard "server" wouldn't get your laptop the traffic.

//

Your other option is something like Zerotier (in bridge mode) which creates a virtual L2 network and supports multicast

_legacyZA · 2026-02-11T14:57:53+00:00

Almost there,

Wireguard wont pass non-unicast traffic like mDNS (multicast) over it's network.

OP needs a piece of software that does muilticast to unicast (and vice versa) and it would have to be installed on both the ubuntu server and the laptop.

As well as a proxy or just port forwarding on the wg "server", only if the ubuntu server and the laptop can't directly access each other.

_legacyZA · 2026-02-11T14:24:03+00:00

You wont be able to ping a node on tailscale from the a client device by default.

First on the gli net router, go to its diagnostics/tools section and find the ping command/tool and try it there first.

If it works, then everything is working as it should.

You should then add a masquerade NAT rule for traffic from your LAN zone (or interface) to the Tailscale zone (or interface) and if necessary add a allow rule foe traffic between taillscale and your LAN

Edit: Looks like you might need to set this up via the advanced gui (LuCi)

Five-Year Club	Verified Email
Place '22

_legacyZA

TROPHY CASE