Device
- Rooted Android 10
I compiled the ZeroTier-One CLI myself via the NDK and was able to run it on Android and access ZT's virtual network with the egress NIC specified (e.g. ping -I ztyvvzal2p 10.0.1.100).
Now I want to be able to access the IP of ZT's network with the routing table specifying ZT's virtual NIC, just like on Linux.
When I don't specify the NIC, the packet is sent to the eth0 NIC by default. When I check the routing table, everything is fine.
```
# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
2: dummy0: <BROADCAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN group default qlen 1000
    link/ether 5a:4c:16:a6:b4:7d brd ff:ff:ff:ff:ff:ff
3: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether 00:ef:00:1c:c2:35 brd ff:ff:ff:ff:ff:ff
    inet 10.10.10.13/24 brd 10.10.10.255 scope global eth0
       valid_lft forever preferred_lft forever
4: ztyvvzal2p: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 2800 qdisc pfifo_fast state UNKNOWN group default qlen 1000
    link/ether da:77:44:f3:bb:a2 brd ff:ff:ff:ff:ff:ff
    inet 10.0.1.68/24 brd 10.0.1.255 scope global ztyvvzal2p
       valid_lft forever preferred_lft forever
# ip route show
10.0.1.0/24 dev ztyvvzal2p proto kernel scope link src 10.0.1.68
10.10.10.0/24 dev eth0 proto kernel scope link src 10.10.10.13
# tracepath -n 10.0.1.100
1?: [LOCALHOST] pmtu 1500
1: 10.10.10.1 0.929ms
1: 10.10.10.1 0.988ms
2: 10.10.10.1 1.010ms pmtu 1480
```
So I tried using iptables:
```
# Option A
iptables -A OUTPUT -d 10.0.1.0/24 -o ztyvvzal2p -j ACCEPT
# Option B
iptables -t nat -A POSTROUTING -o ztyvvzal2p -d 10.0.1.0/24 -j SNAT --to-source 10.0.1.68
```
Neither option A nor option B has any effect, for packets from the ZT segment are still sent to eth0.
Am I missing something?
What should I do to get the routing table to take effect?