Zerotierone: Binding ips doesn't works with primaryPort

You may need portMappingEnabled and allowSecondaryPort set to false -if you don't want two other random ports.

I suppose that the formatting doesn't help.
I reformatted the issue.
If you look at the quoted part you can notice that in the first example there is a listening 162.168.1.1:65510 while on the second one is missing.
With just primaryPort set there isn't any socket listening on random ports while with primaryPort and bind the primary port is used only for 127.0.0.1 and ::1 (but not for the bind ip).

I forgot to add that I already tried to set portMappingEnabled to false and allowSecondaryPort to false.

# zerotier-cli -j info
{
...
"settings": {
"allowSecondaryPort": false,
"allowTcpFallbackRelay": true,
"bind": [
"192.168.1.1"
],
"controllerDbPath": null,
"portMappingEnabled": false,
"primaryPort": 65510,
"rabbitmq": null,
"softwareUpdate": "disable",
"softwareUpdateChannel": "release"
}

I confirm the issue
In fact, it appears that the bind setting does not work at all

ps -ef | grep zero
  373 root      0:10 /storage/.kodi/addons/service.zerotier-one/bin/zerotier-one


more local.conf
{
  "physical": {
  },
  "virtual": {
  },
  "settings": {
    "bind": [ "192.168.0.123" ]
  }
}


zerotier-cli -j info
{
 "address": "..",
 "clock": ..,
 "config": {
  "physical": {},
  "settings": {
   "allowTcpFallbackRelay": true,
   "bind": [
    "192.168.0.123"
   ],
   "controllerDbPath": null,
   "portMappingEnabled": true,
   "primaryPort": 9993,
   "rabbitmq": null,
   "softwareUpdate": "disable",
   "softwareUpdateChannel": "release"
  },
  "virtual": {}
 },
 "online": true,
 "planetWorldId": ..,
 "planetWorldTimestamp": ..,
 "publicIdentity": "..",
 "tcpFallbackActive": false,
 "version": "1.4.6",
 "versionBuild": 0,
 "versionMajor": 1,
 "versionMinor": 4,
 "versionRev": 6
}


netstat -aptu | grep zero
tcp        0      0 192.168.0.123:42331     0.0.0.0:*               LISTEN      373/zerotier-one
tcp        0      0 localhost:9993          0.0.0.0:*               LISTEN      373/zerotier-one
tcp        0      0 localhost:9993          :::*                    LISTEN      373/zerotier-one
udp        0      0 192.168.0.123:45800     0.0.0.0:*                           373/zerotier-one

My idea is that the bind option works, but only on the secondary/tertiary ports, ignoring each option to filter out those ports.
Well, is a borderline meaning of "works".

According to the current code, ports are bound to all addresses except the addresses of the bind setting
I have submitted pull request #1257 to add ports to the addresses of the bind setting
With #1257 ports are bound to the addresses of the bind setting, without it they are not.

According to the current code, ports are bound to all addresses except the addresses of the bind setting
I have submitted pull request #1257 to add ports to the addresses of the bind setting
With #1257 ports are bound to the addresses of the bind setting, without it they are not.

Great, your patch also allow to respect allowSecondaryPort: false and portMappingEnabled: false?

Great, your patch also allow to respect allowSecondaryPort: false and portMappingEnabled: false?

Yes

OPNsense (freebsd)
zerotier client 1.6.2

enable "bind" options -> bind to selected ip:RANDOM_PORT.

Error see more 6 month. In my network config, need add reflection rules. Disappointed dev reaction.