It's not a VPN. It thinks global, but acts local.
VPNs are typically used to tunnel between networks. Ethernet virtualization creates networks that are networks. The problems they solve are similar but virtualization offers greater agility and flexibility. Instead of setting up a physical LAN and then figuring out how to access it remotely, create a virtual LAN that works seamlessly everywhere and forget about it.
Access to private networks is strictly limited to computers whose 10-digit ZeroTier addresses are added as members. To set one up, go to the network control panel and log in or create an account.
Private networks administrated through this site are free for up to 10 nodes. After
that they're only
$10.00/month (free while in beta) for unlimited
Ever wonder what the Internet would be like without network address translation and multiple layers of firewalls? We wondered that too.
From the very beginning, an experimental feature was included in the ZeroTier One design: public virtual LANs. These work just like private LANs but can be joined by anyone at any time. They are free for unlimited use and will remain so.
There's only one public network for now. It's called Earth. Go there to get its 16-digit network ID, which is all you need to join it.
Public networks have been covered by the redecentralize project.
Unlike typical hub-and-spoke VPN configurations, if you're sitting in the same room with someone your data doesn't take the scenic route.
It just works. You don't have to create and administrate your own certificate authority or juggle complicated configuration files. All that is done for you. You might have to open UDP port 9993 outbound if you're behind a very restrictive firewall.
All traffic is encrypted end-to-end using private keys that only you control, so your
traffic is only readable by you and by the computer at its final destination. Sometimes
it goes through our servers to be relayed (until a direct peer to peer link can be made),
but we can't see what it is.
Your computer's 10-digit ZeroTier address is tied to its public key by a cryptographic hash function that makes impersonation of other nodes or intentional duplication of addresses extremely hard. Access to private networks is controlled by access certificates that are issued and managed automatically by our servers and would be exceedingly difficult to forge.
Check out our Security FAQ for more information.
It works exactly the same when built from source, except that it will not auto-update like an official build. You'll have to take care of updating it as new versions are released.