carpanet - the reference architecture for routing and DNS

24 Jun, 2025

Your network has a router. Your network may have a DHCP server. Somehow, either manually or via DHCP, your network's devices will be informed of a default gateway (a router to send all nonlocal requests to) and a DNS server.

the reference carpanet infrastructure:

• set up carpanet router (router with carpanet connection), configured to NAT traffic from the carpanet WAN to your local LAN
• set up network gateway router with static route for 10.174.0.0/16 to carpanet router
• set up piHole DNS server
• set up DHCP server/network clients to use piHole as primary resolver
• Enable Expert Settings in piHole and hit All Settings > Miscellaneous
• Set the following < server=/.carpanet/10.174.0.53 > in misc.dnsmasq_lines
  • This will allow your piHole to redirect all DNS queries for carpanet addresses to your default gateway, which will then route the query into carpanet

The Extended Universe:

Many people use their phones (citation needed). It can be nice to have connectivity to your resources on the go, so setting up a home overlay connection can come in especially handy– I recommend following the ZeroTier guide for this.

A word to the wise: if you're running multiple networking daemons at once, things get hairy. I've seen it easiest to remove netplan or anything fancy, and simplify down to just /etc/network aka ifupdown, or /etc/systemd/networkd. If you don't want to get deep into learning the interplay of networking services and configuration files (I haven't yet), then Keep It Simple™.

If you're bridging, and you want access to all the lovely perks of carpanet, I recommend adding a route to your ZeroTier config which points 10.174.0.0/16 to your gateway server as well, plus the address of your piHole. This helps to make sure that anything you load on your phone will be able to hit your piHole and forward to carpanet, as well as route to it once you resolve an address.

It only seems to prioritize DNS requests for the configured domain in Zerotier currently though, so DNS does get a little dicey off-network, at least until ZeroTier formally implements support for multiple DNS domains.