6f8364ba59
The primary focus of this version is better integration with the Microsoft Windows operating system. Virtual networks should now be detected as "real" networks. For each network, a message box should pop up the first time the network is detected and classified allowing the user to choose its services and security designation. On Windows 7 this is "work," "home," or "public." On Windows 8 it's a simple choice of whether or not to enable file and printer sharing and other services. Several bugs have been fixed. Among these are a Windows threading issue, several minor threading deadlock issues that could manifest if rapidly adding and removing networks, and a command line interface issue. The network list now shows the network MAC address as well, a UI oversight in previous versions. A vectorized SSE implementation of Salsa20 is now included for improved encrypt/decrypt performance. The sending of low-TTL "firewall opener" packets has been disabled in this version, since they may not be necessary and may harm NAT traversal in some configurations. We will measure the effectiveness of NAT traversal and see if this change improves performance in the field. Finally, this version obsoletes both the Tokyo and Sydney supernodes in favor of a single larger supernode in Singapore. This decision was made on the basis of bandwidth costs-- both Tokyo and Sydney are significantly more expensive. We'd like to keep the basic service free, so keeping bandwidth costs for relaying low is important. Since NAT traversal works well and is constantly being improved, most users will not see a speed decrease from this. Some Chinese users may see improved performance since Singapore may be closer than Tokyo to many Chinese cities. The next major releases will focus on better Macintosh platform integration, further improvements to NAT traversal, and UI improvements. |
||
|---|---|---|
| attic | ||
| ext | ||
| netconf-service | ||
| node | ||
| osnet | ||
| root-topology | ||
| windows | ||
| ZeroTierUI | ||
| .gitignore | ||
| AUTHORS.txt | ||
| BUILDING.txt | ||
| buildinstaller.sh | ||
| LICENSE.txt | ||
| main.cpp | ||
| make-linux.mk | ||
| make-mac.mk | ||
| Makefile | ||
| objects.mk | ||
| README.md | ||
| RUNNING.txt | ||
| selftest-crypto-vectors.hpp | ||
| selftest.cpp | ||
| version.h | ||
ZeroTier One - Ethernet Virtualization
ZeroTier One is an ethernet virtualization engine. It creates virtual LANs of almost unlimited size that span physical network boundaries.
The underlying protocol is peer to peer with managed anchor points ("supernodes") for instant-on communication, assisted NAT traversal, and relaying for users who cannot make P2P connections. All unicast packets are encrypted end-to-end using private keys that only you control. Multicast and broadcast work as they would on a normal LAN, except that traffic is throttled and intelligently prioritized on large networks to stay within bandwidth limits while preserving essential functionality (multicast triage algorithm). Its behavior is not unlike some enterprise-grade intelligent ethernet switches designed for huge wired networks such as university LANs.
Visit ZeroTier Networks on the web for more information. Follow the ZeroTier blog and the GitHub project to stay up to date. See the GitHub-hosted wiki (sidebar) for technical info and help for various platforms.
Auto-updating binary packages that install easily can be found here. Packages for popular Linux distributions that neatly wrap the Linux installer/uninstaller are coming soon. If you want to build from source, clone this repository and see BUILDING.txt and RUNNING.txt. If you build manually you'll have to update manually.
Once you are up and running, you can create an account on the network control panel if you want to create a private network or you can join Earth by running (on Linux and Mac) sudo ./zerotier-cli join 8056c2e21c000001. (Earth is a public virtual network, meaning that it has no access control and allows anyone to join. Make sure your system is up to date and you have no unprotected network services listening.)
Note: If UDP traffic over port 9993 (at a minimum) is not permitted by your local or network firewall(s), ZeroTier One will fall back to TCP tunneling to supernodes over port 443 and will not be able to make direct NAT-t connections to other peers. This fallback mode slows things down considerably. If you're getting very poor performance check your firewall settings. You can see if fallback mode is active by checking for outbound TCP connections from the zerotier-one process to port 443 on five or six hosts in the zerotier.com domain. (See Defaults.cpp for a list of these hosts.)
Most users will use IPv4 and/or IPv6 over ZeroTier One, but since it virtualizes at the ethernet (layer 2) level it can technically host almost any protocol. Users have made classic multiplayer games work over IPX, for example. Services like DHCP and IPv6 NDP for link-local addresses can work automatically.
The service is free for public networks and for managed private networks up to ten users. The code is open source and is licensed under the GNU GPL v3 (not LGPL). If you'd like to embed it in a closed-source commercial product, please e-mail contact@zerotier.com to discuss licensing.