Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


View this topic in a long page with up to 500 replies per page Create new topic
1 | ... | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | 32 | 33 | 34
7 posts

Wannabe Geek


  Reply # 2079448 26-Aug-2018 18:59
Send private message quote this post

Hi Guys,

 

Thank you for your replies, I appreciate them very much.

 

I am keen to learn about the Edgerouter, from what I can see there is a lot you can do with it, but I do not want my learning to be at the expense of internet connectivity.

 

I have the Tp-Link set up exactly how I want it, I have the relevant ports open for my website and email server (using Ubuntu 18.04 server) and have set static IP addresses for all my computers (including the VM's). I am intimately acquainted the GUI and can make any necessary changes quickly and efficiently.

 

The Edgerouter is a level up from the Tp-Link and there will be a learning curve. I will make mistakes and it could be some time before I figure out how to undo what I did to regain internet connectivity. I run my business from home so I cant afford to not have internet.

 

Short of getting a second internet connection from my ISP and running a second ethernet cable from the ONT to the Edgerouter is there a way the two routers can be run side by side? This way I can fiddle to my hearts content with the Edgerouter without jeopardizing internet connectivity.

 

 

 

 

 

 

 

 

 

 

 

 

 

 




Mr Snotty
8524 posts

Uber Geek
+1 received by user: 4421

Moderator
Trusted
Lifetime subscriber

  Reply # 2079496 26-Aug-2018 23:34
One person supports this post
Send private message quote this post

Jedi:

 

Short of getting a second internet connection from my ISP and running a second ethernet cable from the ONT to the Edgerouter is there a way the two routers can be run side by side? This way I can fiddle to my hearts content with the Edgerouter without jeopardizing internet connectivity.

 

Really the answer to this is no.

 

What you're trying to do is a little silly - it doesn't take much to port-forward on the Edgerouter so really, it is best to clone your port forwards on the Edgerouter. You can only use one or the other for what you're trying to do.

 

Set up the basics to start off with then set aside some time to set up the rest.





 
 
 
 


96 posts

Master Geek
+1 received by user: 5


  Reply # 2082346 1-Sep-2018 12:52
Send private message quote this post

Just a had a really weird thing happen that I thought I would post here incase it should happen to someone else.

 

 

 

I added a port forward (in this case was the WiFi on a xbox) and mistakenly applied it to switch 0, but after hitting the apply button, everything seemed to work fine, certainly the xbox kept working.... until I tried to browse the internet.  Basically DNS had stopped working. I tired all sorts of things, restart of services, restart of the Edgerouter, reversed out the changes I had made, but still no good.  Finally after reloading a saved config, and it still not working, now starting to panic,  I hit the apply button on the Port Forward tab, this time against Eth0 and bingo, all good.  I added the port forwards in I wanted, (against the right interface) and that worked fine.

 

I would have thought the reload of the config would have sorted it, but alis no...  

 

 


331 posts

Ultimate Geek
+1 received by user: 85


  Reply # 2089464 12-Sep-2018 18:33
Send private message quote this post

New EdgeRouter firmware 2.0.0-alpha.3 has been released by Ubiquiti Employee UBNT-afomins yesterday

 

New alpha release 2.0.0-alpha.3 is available here:

 

Note: The ER-X/ER-X-SFP/EP-R6 has more limited storage, and in some cases, an upgrade may fail due to not enough space. If this happens, remove the old backup image first (using "delete system image" command, see here for more details) before doing an upgrade.

 

More details can be found in the release notes below. Please give it a try if you are interested in the new features/changes to help us test them so that we can get the release out sooner! Thanks very much!

 

[Release Notes v2.0.0-alpha.3]

 

Changelog

 

Changes since v2.0.0-alpha.2

 

New features:

 

  • Upgraded base system to Debian-Stretch. 

Enhancements and bug fixes:

 

  • [Kernel] - Upgraded kernel to 4.4.128 for ER-X/ER-X-SFP/EP-R6 models
  • [Kernel] - Fix "0Man TongueCIe: Port 0 is unknown, skipping." error message on ER-Infinity
  • [Bootloader] - Add CLI commands to show and update bootloader. (Bootloader images will be released separately later) show system boot-image
    add system boot-image
  • [IPSec] - Add optional "null" encryption for IPSec ESP group
  • [LED] - Adjust LED color/blink-rate behavior with other UBNT devices. Details here
  • [IPSec] - Fix regression in 2.0.0-alpha.2 when VTI-based VPN did not work
  • [LLDP] - LLDP is automatically enabled when UNMS is enabled 
  • [CLI] - Do not show system interfaces "infX" in CLI on ER-12
  • [DPI] - Update DPI signatures
  • [System] - Fix bug when packets appeared on wrong port in ER-12
  • [UNMS] - Fix bug when configuration was sometimes corrupted when UNMS was enabled
  • [DHCP] - Enable DHCP on eth1 in factory default configuration
  • [DHCP] - Fix "Smartmatch is experimental" Perl warning when configuring DHCP server in CLI
  • [PPPoE] - Fix bug when PPPoE client did not reconnect after server restart
  • [Packages] - Fix bad dependencies in package manager that caused failure when installing 3rd party packages

Known issues:

 

  • IPsec offloading does not work on Cavium-based routers (ER-8/ER-Pro/ER-Lite/ER-PoE/ER-4/ER-6P/ER-Infinity/EP-R8)
  • Offloading does not work on Mediatek-based routers (ER-X/ER-X-SFP/EP-R6)
  • Following error messages will appear in syslog when loggin with SSH. Those message are harmless, just ignore them:error: key_load_public: invalid format error: Could not load host key: /etc/ssh/ssh_host_key
  • When upgrading from v1.10.6 via WebGUI then following false error will be displayed. This is false-positive error and users are encouraged to ignore it and reboot ER in order to apply v2.0.0-alpha.3 upgrade:
  • upgrade-fail.PNG

Updated software components:

 

You can get full list of updated packages by running dpkg -l shell command.

 

Following is list of major updates:

 

  • Bash (4.4-5)
  • Perl (5.24.1-3+deb9u4)
  • NTP (1:4.2.8p10+dfsg-3+deb9u2)
  • OpenSSH (7.4p1-10+deb9u3)
  • OpenSSL (1.1.0f-3+deb9u2)
  • OpenVPN (2.4.0-6+deb9u2)
  • SNMP(5.7.3+dfsg-3)
  • Strongswan(5.6.3-1)
  • Systemd (232-25+deb9u4 )



Mr Snotty
8524 posts

Uber Geek
+1 received by user: 4421

Moderator
Trusted
Lifetime subscriber

  Reply # 2089611 12-Sep-2018 22:47
Send private message quote this post

@freakngeek With no IPSec offloading I have to give these Alpha's a miss which is a shame as I normally upgrade to them. I presume you're running it, how are you finding it?





331 posts

Ultimate Geek
+1 received by user: 85


  Reply # 2089629 13-Sep-2018 07:08
Send private message quote this post

@michaelmurfy, I'm not using the Alpha's either, not even using 10.x.x, sticking with 1.9.7hf4
Was having PPPoE drop issues, 1.9.7 nice and stable = happy wife and kids = happy me :)

 

But for those wanting the latest to try, jump on in




Mr Snotty
8524 posts

Uber Geek
+1 received by user: 4421

Moderator
Trusted
Lifetime subscriber

  Reply # 2089638 13-Sep-2018 07:34
Send private message quote this post

PPPoE drop issues is a little worrying. I'm on the latest Stable build and it is rock solid across my 2 Edgerouters. If you're getting PPPoE drop issues I'd be bringing this up with your provider.

 

There are some notable security holes in 1.9.7 so you should really upgrade :)





331 posts

Ultimate Geek
+1 received by user: 85


  Reply # 2093307 19-Sep-2018 17:02
Send private message quote this post

michaelmurfy:

 

PPPoE drop issues is a little worrying. I'm on the latest Stable build and it is rock solid across my 2 Edgerouters. If you're getting PPPoE drop issues I'd be bringing this up with your provider.

 

There are some notable security holes in 1.9.7 so you should really upgrade :)

 

 

Hah, what you said slowly worked on me and I relented.
Upgraded to 1.10.6, then started having slow webpage connects and things like Office 365 installer would stall
I blamed VDSL connection at first as at a similar time my Attainable and actual syncs began fluctuate every few seconds from being steady for months, that has now been ruled out now that I'm back on 1.9.7 hf4, modem is still changing sync speeds
Early 1.10.x and 2.0 gave e PPPoE disconnect issue this has nothing to do with ISP, the ERL3 would drop it and need manual reconnect, as 1.9.7 never had this issue

 

What is your stable version ?


96 posts

Master Geek
+1 received by user: 5


Reply # 2093625 20-Sep-2018 09:47
Send private message quote this post

I often find with the alpha releases I get DNS issues.  Everything works fine, but then web pages slowly stop working with DNS errors.  A restart may or maynot fix the issue, but more often then not, I have the revert to a stable version.  I'm on 1.10.6 and its seems stable (although certain fortnite players still complain about any and all poor performances issues, a single packet lose, or slow download speed, means our internet sucks, oh for such a simple life laughing)


defiant
840 posts

Ultimate Geek
+1 received by user: 441

Lifetime subscriber

  Reply # 2098760 30-Sep-2018 14:45
Send private message quote this post

So I followed this guide pretty much blindly to setup 2degs ipv6.

 

I've been meaning to comment as I think there's a couple of errors, I was doing some nPerf tests and noticed my CPU usage was going up to 80% when doing ipv6 tests and couldn't get over 888Mbit/s

 

I changed:

 

set system offload ipv6 forwarding enable
set system offload ipv6 vlan enable

 

to:

 

set system offload ipv6 forwarding enable
set system offload ipv6 pppoe enable

 

Now I can get over 900Mbit/s through ipv6 and CPU doesn't go over 20%.

 

Secondly, this:

 

set interfaces ethernet eth0 pppoe 0 vif 10 ipv6 enable
edit interfaces ethernet eth0 pppoe 0 vif 10 dhcpv6-pd pd 0

 

Should be:

 

set interfaces ethernet eth0 vif 10 pppoe 0 ipv6 enable
edit interfaces ethernet eth0 vif 10 pppoe 0 dhcpv6-pd pd 0

 

As the vlan interface comes before the pppoe interface.

 

I also setup a dhcpv6-server in addition to slaac as I wanted the likes of pihole to obtain a dhcp address that was internal and not temporary. I haven't figured out how to get the DUID of the debian server as they don't make it easy to find, so haven't setup static mapping yet but I don't imagine the pihole being offline longer than the lease time expires.


422 posts

Ultimate Geek
+1 received by user: 91


  Reply # 2099048 1-Oct-2018 00:04
Send private message quote this post

dfnt:

 

I also setup a dhcpv6-server in addition to slaac as I wanted the likes of pihole to obtain a dhcp address that was internal and not temporary. I haven't figured out how to get the DUID of the debian server as they don't make it easy to find, so haven't setup static mapping yet but I don't imagine the pihole being offline longer than the lease time expires.

 

 

The easy way to get the DUID is to disconnect the device from the network, start tcpdump or tshark on the EdgeRouter to capture the DHCPv6 packers, then connect the device.

 

To run tcpdump or tshark on an EdgeRouter, you need to make sure that where it is going to store a capture file is in its RAMdisk, not on its flash device - writing too often to the flash device will kill it.  I log in, then do:

 

sudo su

 

cd /var/log

 

tcpdump -i eth2 -w eth2.pcap "ip6 and (udp port 546 or udp port 547)"

 

You may need to disable offloading of IPv6 to see all IPv6 packets.

 

To see the contents of the eth2.pcap file, use scp (or winscp) to copy the file to a box where you can run Wireshark to display it.  SSH needs to be enabled on the EdgeRouter to do that.

 

To get devices to ask for a DHCPv6 address, you will need to change the Router Advertisment (RA) packets to set the M (managed address) flag:

 

set interfaces ethernet eth2 ipv6 router-advert managed-flag true

 

Be aware that doing that will prevent any non-rooted Android devices from getting any global unicast IPv6 addresses as Google has decided that Android will not do DHCPv6 - they only do SLAAC.  So if you want your network to use DHCPv6, you will need to have your Android devices on a different subnet where the RA packets do not have the M flag set.  With rooted Android devices, you can install a DHCPv6 app.


defiant
840 posts

Ultimate Geek
+1 received by user: 441

Lifetime subscriber

  Reply # 2099063 1-Oct-2018 01:17
Send private message quote this post

Yeah, I'm too lazy to jump through hoops just to get the DUID.

 

I'm using SLAAC for GUA and dhcpv6 for LUA, so all my devices have both, e.g:

 

root@ramen:~# ifconfig eno1
eno1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.1.14 netmask 255.255.255.0 broadcast 192.168.1.255
inet6 2406:x prefixlen 64 scopeid 0x0<global>
inet6 fd33:x prefixlen 128 scopeid 0x0<global>

 

I haven't looked at my wife's Android to see whether or not it works, and the only other Android device I have is an Nvidia Shield TV which has ipv6 disabled so I'm not really fussed about Android.

 

Edit: Out of interest/inability to sleep I just tested the Nvidia Shield and it receives a GUA fine (obviously no LUA but doesn't bother me) and scored 10/10 on the ipv6 test.

 

My config for eth1:

 

admin@router# show interfaces ethernet eth1
address 192.168.1.1/24
address fd33:x/64
description eth1.lan
duplex auto
ipv6 {
dup-addr-detect-transmits 1
router-advert {
cur-hop-limit 64
link-mtu 0
managed-flag true
max-interval 600
other-config-flag true
prefix 2406:x::1/64 {
}
prefix fd33:x::/64 {
autonomous-flag false
}
reachable-time 0
retrans-timer 0
send-advert true
}
}

 

The bold bits are what I configured, the rest were automatically added by the EdgeRouter.

 

And eth0 is standard:

 

admin@router# show interfaces ethernet eth0
duplex auto
mtu 1508
speed auto
vif 10 {
mtu 1508
pppoe 0 {
default-route auto
dhcpv6-pd {
pd 0 {
interface eth1 {
host-address ::1
no-dns
prefix-id :0
service slaac
}
prefix-length /56
}
prefix-only
rapid-commit enable
}


210 posts

Master Geek
+1 received by user: 13

Subscriber

Reply # 2100254 2-Oct-2018 18:54
Send private message quote this post

i was trying to enable ipv6, currently with 2D

 

CLI has this return

 

ubnt@ubnt:~$ delete interface eth0 pppoe 0 dhcpv6-pd

 

Invalid command

 

ubnt@ubnt:~$

 

 

 

do i need to do need to do this under configure?

 

 



Mr Snotty
8524 posts

Uber Geek
+1 received by user: 4421

Moderator
Trusted
Lifetime subscriber

  Reply # 2100265 2-Oct-2018 19:15
Send private message quote this post

iamsammajor:

 

do i need to do need to do this under configure?

 

Yes. Updated post to make this more clear.





210 posts

Master Geek
+1 received by user: 13

Subscriber

  Reply # 2100329 2-Oct-2018 20:27
Send private message quote this post

IPv4

 

forwarding: enabled

 

vlan : enabled

 

pppoe : enabled

 

gre : enabled

 

IPv6

 

forwarding: enabled

 

vlan : enabled

 

pppoe : disabled

 

 

 

IPSec offload module: loaded

 

 

 

Traffic Analysis :

 

export : disabled

 

dpi : disabled

 

version : 1.422

 

 

 

does this look like i have the setting correct for offloading?

1 | ... | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | 32 | 33 | 34
View this topic in a long page with up to 500 replies per page Create new topic



Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

NZ and France seek to end use of social media for acts of terrorism
Posted 24-Apr-2019 12:13


Intel introduces the 9th Gen Intel Core mobile processors
Posted 24-Apr-2019 12:03


Spark partners with OPPO to bring new AX5s smartphone to New Zealand
Posted 24-Apr-2019 09:54


Orcon announces new always-on internet service for Small Business
Posted 18-Apr-2019 10:19


Spark Sport prices for Rugby World Cup 2019 announced
Posted 16-Apr-2019 07:58


2degrees launches new unlimited mobile plan
Posted 15-Apr-2019 09:35


Redgate brings together major industry speakers for SQL in the City Summits
Posted 13-Apr-2019 12:35


Exported honey authenticated on Blockchain
Posted 10-Apr-2019 21:19


HPE and Nutanix partner to deliver hybrid cloud as a service
Posted 10-Apr-2019 21:12


Southern Cross and ASN sign contract for Southern Cross NEXT
Posted 10-Apr-2019 21:09


Data security top New Zealand consumer priority when choosing a bank
Posted 10-Apr-2019 21:07


Samsung announces first 8K screens to hit New Zealand
Posted 10-Apr-2019 21:03


New cyber-protection and insurance product for businesses launched in APAC
Posted 10-Apr-2019 20:59


Kiwis ensure streaming is never interrupted by opting for uncapped broadband plans
Posted 7-Apr-2019 09:05


DHL Express introduces new MyDHL+ online portal to make shipping easier
Posted 7-Apr-2019 08:51



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Support Geekzone »

Our community of supporters help make Geekzone possible. Click the button below to join them.

Support Geezone on PressPatron



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.