ZeroTier | Connect All The Things

Connect All The Things!

The ZeroTier Blog

Introducing the ZeroTier Edge

We built a box.

Software defined virtual networks require software to be installed for access. That's not always possible. You usually can't install ZeroTier on a printer, a camera, an industrial control device, or a toaster. It's not always convenient either. If you have a thousand PCs at one location it would be easier to just connect them all at once. Last but not least there's sometimes a security angle. It's not possible with software alone to isolate a device completely within a virtual network. Physical connectivity is still required so that ZeroTier itself can reach other nodes.

We created the ZeroTier Edge to handle these cases. It's a box that gives you physical (wired and Wi-Fi) ports that allow you to plug things into your imaginary networks.

Now you really can connect all the things!

... read more

It's been possible to do what the Edge does (at least the basic case) for some time now using bridging, but as many users have discovered bridging can be challenging to set up. The Ethernet bridge drivers in Windows and Macintosh are extremely limited and Linux bridging has many settings that are challenging to get just right. There are quite a few "gotchas" too like "do I want DHCP to travel across the bridge?" It's not the kind of thing an IT manager wants to do for general deployment unless they have a lot of spare time to support and debug it. The Edge is a pre-configured plug-and-play bridge with centralized management capability that we support and that can be deployed across an organization.

We're also using the Edge as an excuse to add a more complete set of SD-WAN features to ZeroTier. As it stands our VL1 peer to peer network attempts to find the best path between endpoints and handles fail-over, but that's it. It's designed for the typical use case of systems with a single upstream connection. As part of the Edge project we plan to add support for multiple paths, trunking, quality of service awareness, and improved (faster and more reliable) fail-over in the event of link failure. These features are going into the core ZeroTier engine so they'll be available in the software version as well.

We're also going to be improving management support by introducing features to allow endpoints to be centrally controlled via ZeroTier Central. (They'll have to opt into this of course.)

To keep our costs down and allow us to price the Edge competitively we built it around a new and very nice ARM64 development board called the Espressobin. It's fast enough to pump ZeroTier traffic at 1gbps, has three gigabit ports (that unlike many small boards are wired right into the bus rather than via USB), and is half the cost of almost anything else with similar performance characteristics. As a bonus the company behind it is 20 minutes' drive away from us.

The case for the Edge was prototyped and 3d printed right here in our facility. Whether or not the final version ships with a case that is 3d printed or injection molded depends on how many orders we receive.

We're offering the Edge for pre-order at a discount and intend to ship in Q1 2018. After the pre-order period we'll be increasing it to full price and once we ship we'll be offering it for sale via our web site and likely third party vendors.

In other news, ZeroTier's founder has been interviewed by Packet Pushers podcast. The discussion is general but the Edge is mentioned.