Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


View this topic in a long page with up to 500 replies per page Create new topic
1 | ... | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30
defiant
780 posts

Ultimate Geek
+1 received by user: 398

Lifetime subscriber

  Reply # 2109128 16-Oct-2018 21:32
Send private message quote this post

No problem

 

I have mine sitting in AWS and configured email too, so I get an email if the router loses internet




Mr Snotty
8299 posts

Uber Geek
+1 received by user: 4266

Moderator
Trusted
Lifetime subscriber

  Reply # 2109136 16-Oct-2018 21:46
Send private message quote this post

cjmchch: Just wondering Michael Murphy if there is a way on the edgerouter 4 to show uptime of my internet connectivity or some other way of determining if my internet connection drops off.

I've had a couple of recent issues where one of my 24/7 computers has failed to connect to an external range of servers and times out. I'm trying to isolate whether it is an issue with regard the connection or a computer/internal network problem issue or not.

 

As @dfnt states UNMS will work well along with external monitoring (I use the pro plan of UptimeRobot to do this). It is quite important to run it on an external server to your network (if possible) as then it'll be able to deliver emails to you when your connection goes down. I also use SMTP2GO for email delivery from it. I had it running quite a while on a VM hosted by Scaleway (https://www.scaleway.com/) which can be somewhat slow but is cheap and works fine for my needs. It is important to get a VM with support for Docker (so rule out anything running with OpenVZ).

 

You basically get a page like this:

 

Click to see full size

 

The only downside with UNMS is it is quite prone to false-positives. I've had it before when the UNMS server itself lost access to the internet and thus I got email notifications that both my sites were down. Other than that, it works well (also, is still a Beta).





 
 
 
 


256 posts

Ultimate Geek
+1 received by user: 43


  Reply # 2109152 16-Oct-2018 22:19
Send private message quote this post

Thanks Mike

Helpful info. In the short term I'm more interested in just identifying the gremlin that is causing the drop in communications. While the server is up 24/7 it's not essential that it remains so. It's the frustration of not knowing where the gremlin has stemmed from as it is also a proxy server of the same instance on another computer, so will start with the most obvious...

621 posts

Ultimate Geek
+1 received by user: 25


  Reply # 2109268 17-Oct-2018 09:02
Send private message quote this post

Thanks Michael for this guide, got my ER-X set up for UFB.

 

I was surprised at how small the ER-X is and what it's able to do.


92 posts

Master Geek
+1 received by user: 5


  Reply # 2110219 18-Oct-2018 08:58
Send private message quote this post

In an attempt to get one son off his xbox, (yes I know I'm the parent, but I'm sick of the "just one more kill!!!!") I added the following rules.  The rules kick in, (seems the xbox is clever enough to swap from eth to wifi when the eth rule kicks in, so low status on the eth, then the wifi kicks in and the status climb), but the Xbox game (Fortnite in this case) keeps working, and he can still talk to his mates?   When I was testing this on laptop, I set up a -t ping to www.google.co.nz, it never dropped, but browsing sure did....  

 

Any suggestions on why this would not be working, much appreciated.

 

 

 

name LAN_IN {

 

default-action accept

 

description "Local Switch"

 

rule 1 {

 

action drop

 

description "Block xbox Q"

 

log disable

 

protocol all

 

source {

 

mac-address 50:1a:c5:60:7b:9c

 

}

 

time {

 

starttime 20:30:00

 

stoptime 07:30:00

 

weekdays Sun,Mon,Tue,Wed,Thu

 

 

 

 

rule 2 {

 

action drop

 

description "Block xbox Q Wifi"

 

log disable

 

protocol all

 

source {

 

mac-address 50:1a:c5:60:7b:9e

 

}

 

time {

 

starttime 20:30:00

 

stoptime 07:30:00

 

weekdays Sun,Mon,Tue,Wed,Thu

 

}

 

}

 


46 posts

Geek
+1 received by user: 4


  Reply # 2111725 21-Oct-2018 06:45
Send private message quote this post

Hi

 

I've printed out the first few pages of this tutorial and read through the rest. I have a new Edgerouter Lite router which I purchased to replace the HG659b which Spark gave me as part of my UFB install. The HG659b is doing a minimal job - no DHCP, no forwarding, no WLAN, no special rules - but it is going catatonic regularly because the number of devices in the mix reaches its 32 device limit.

 

The tutorial and discussion goes into a lot of customisation which may be of interest to me later once I have the device in and doing the simple job that the Huawei is currently doing. I don't want to have to change everything at once. I'm happy to look at refinements later.

 

So the requirement is that the new router sit between Spark's ONT and an ethernet switch; that it have a fixed IP address of 192.168.0.254, that the ONT connect to its eth0, that a local ethernet switch connect to eth1, and that the ER Lite act as a default gateway to the internet for everything in the local network that doesn't say otherwise.

 

As I understand it, I need to: take one of my laptops off the existing network, give it a static IP address like 192.168.1.2, connect it to the edgerouter lite's eth0 port with an ethernet cable, switch the ER Lite on, wait for it to boot up, open a browser on my laptop at 192.168.1.1, log in as ubnt/ubnt, update the firmware to the latest version (which I have already copied to the laptop I intend to use for this job), and restart it.

 

As far as I can tell at this point the next steps are to: (1) set the ER Lite to use a static IP address to 192.168.0.254, (2) do whatever configuring is required for Spark UFB before connecting the ER Lite in the place of the HG659b, (3) power it down, (4) connect it up where the HG659b is, (5) restart it, and everything should just work. At that point I'm ready to see what new things the ER Lite can bring to the network without having everything compromised while I'm doing it.

 

I may have missed it, but nobody in the tutorial or the discussion seems to touch on (1). Have I got this in the right sequence, and have I missed anything important?

 

Thanks in advance

 

T

 

 

 

 

 

 




Mr Snotty
8299 posts

Uber Geek
+1 received by user: 4266

Moderator
Trusted
Lifetime subscriber

  Reply # 2111758 21-Oct-2018 08:39
Send private message quote this post

@aquatarkus I don't understand why you're just using an Edgerouter Lite as a "dumb gateway" as you call it - if there is no DHCP on the HG659 and you're not using it for WiFi or anything then you shouldn't have any issues with the device limit as I believe this is a part of its DHCP server. This is incredibly overkill.

 

But essentially following the guide and disabling the DHCP server will get you the same result for now.





defiant
780 posts

Ultimate Geek
+1 received by user: 398

Lifetime subscriber

  Reply # 2111774 21-Oct-2018 10:01
Send private message quote this post

nicmair:

 

Any suggestions on why this would not be working, much appreciated.

 

 

Have you got DPI enabled on the EdgeRouter? Would be interesting to see whether fortnite gets classified as anything when you look under Traffic Analysis.

 

You can create firewall rules based on DPI e.g. here

 

I had a look at the Games category but it doesn't contain epicgames or fortnite in the list, but it does have xbox.

 

Just modify your rule and select Games as the application

 

Click to see full size

 

 


29 posts

Geek
+1 received by user: 1


  Reply # 2111884 21-Oct-2018 15:56
Send private message quote this post

New alpha release 2.0.0-beta.1 is available here:

 

 

 

 

 

Note: The ER-X/ER-X-SFP/EP-R6 has more limited storage, and in some cases, an upgrade may fail due to not enough space. If this happens, remove the old backup image first (using "delete system image" command, see here for more details) before doing an upgrade.

 

 

 

More details can be found in the release notes below. Please give it a try if you are interested in the new features/changes to help us test them so that we can get the release out sooner! Thanks very much!

 

 

 

[Release Notes v2.0.0-beta.1]

 

 

 

Changelog

 

 

 

Changes since v2.0.0-alpha.3

 

 

 

New features:

 

  • [Discovery] - Add TCP and IPv6 support to UBNT-Discovery protocol
  • [Bootloader] - Include latest bootloader into firmware image
  • [Bootloader] - Add new bootloader CLI command "show system boot-image" and "add system boot-image"
  • [IPSec] - Add new "vpn ipsec gobal-config" CLI command that allows overriding any strongswan config option. For instance following commands reconfigures bypass-lan plugin by excluding eth0 from bypass list:set vpn ipsec global-config "charon.plugins.bypass-lan.load := yes" set vpn ipsec global-config "charon.plugins.bypass-lan.interfaces_ignore := eth0"Syntax of "vpn ipsec gobal-config" should be compliant with format-options.py utility from strongswan suite as defined here

Enhancements and bug fixes:

 

  • [Performance] - Fix regression in v2.0.0-alpha.1 that caused up to 50% throughput degradation when comparing with v1.10.x firmware (both offloaded and non-ofloaded scenarios). 
  • [Offload] - Restore IPSec offloading for Cavium-based routers (ER-8, ER8-Pro, ER4, ER-6P, ER-Infinity, ER-Lite and ER-PoE) that was missing since v2.0.0-alpha.1
  • [Offload] - Fix regression in v2.0.0-alpha.1 when offloaded IPV4/IPv6 flows were not flushed upon routing table changes
  • [Offload] - Restore "hwnat" offloading functionality for Mediatek-based routes (ER-X/ER-X-SFP/EP-R6) that was missing since v2.0.0-alpha.1
  • [Offload] - Fix regression in v2.0.0.0-alpha.1 that caused "ERROR - size of flow bucket is not cache-aligned" error message when offloading was enabled on ER-Lite/ER-PoE
  • [Interface] - Fix bug that cased Ethernet interfaces to be always included to switch-ports on ER-12
  • [Interfaces] - Fix bug when VLAN was broken on [eth5 ~ eth9] interfaces on ER-10X
  • [CLI] - Add "show ubnt offload xxx" CLI commands that were missing since v2.0.0-alpha.1
  • [CLI] - Fix bug that caused "show firewall" and lots of other CLI errors caused by missing Switch.pm package
  • [OSPFv3] - Fix bug when instance-id of OSPFv3 interface was not updated. Discussed here
  • [LED] - Fix bug that caused LEDs to to stay illuminated when ER was administratively shutdown
  • [LED] - Fix bug that caused LEDs flickering when running "show system image" CLI command
  • [DNS] - Fix bug when DNS forwarding sometimes was not working via DHCP client interfaces
  • [DNS] - Fix regression in v2.0.0-alpha.2 when DNSSEC failed because of missing "/usr/share/dnsmasq-base/trust-anchors.conf"  file. Discussed here
  • [WebGUI] - Fix regression in v2.0.0-alpha.3 when WebGUI dashboard was not updated on ER-PoE and ER-Lite if UNMS was enabled. Discussed here
  • [OpenVPN] - Fix regression in v2.0.0-alpha.3 when some OpenVPN config options caused "Commit Failure". Discussed here
  • [FlowAccounting] - Fix regression in v2.0.0-alpha.3 when flow-accounting functionality did not work on ER-X/ER-X-SFP/EP-R6. Discussed here.
  • [IPSec] - Fix bug that caused IPSec to be started even if it was not configured
  • [IPSec] - Removed "farp" and "dhcp" strongswan plugins that caused problems with internal DHCP server. Discussed here and here.
  • [Login] - Fix regression in v2.0.0-alpha.1 that caused login prompt via Console to appear before ER was fully configured
  • [PoE] - Fix regression that was not propelry fixed v2.0.0-alpha.3 and caused PoE to be enabled after doing factory reset from WebGUI. Discussed here and here
  • [SSH] - Removed deprecated SSHv1 options that caused error messages in syslog. Discussed here
  • [Packages] - Fix APT errors when downloading 3rd party packages. Discussed here

Known issues:

 

  • n/a

Updated software components:

 

  • Kernel v4.14.54 for ER-X/ER-X-SFP/EP-R6 models

defiant
780 posts

Ultimate Geek
+1 received by user: 398

Lifetime subscriber

  Reply # 2111953 21-Oct-2018 17:28
Send private message quote this post

Oh nice, ipsec offloading is back!


defiant
780 posts

Ultimate Geek
+1 received by user: 398

Lifetime subscriber

  Reply # 2112028 21-Oct-2018 19:15
Send private message quote this post

I'd hold off upgrading, it breaks ipv6 connectivity


316 posts

Ultimate Geek
+1 received by user: 78


  Reply # 2133488 24-Nov-2018 19:16
Send private message quote this post

New EdgeRouter firmware 1.10.8 has been released for beta community  [ New ]    17 hours ago

 

New stable release v1.10.8 is available here:

 

Note: The ER-X/ER-X-SFP/EP-R6 has more limited storage, and in some cases, an upgrade may fail due to not enough space. If this happens, remove the old backup image first (using "delete system image" command, see here for more details) before doing an upgrade.

 

More details can be found in the release notes below. Please give it a try if you are interested in the new features/changes to help us test them so that we can get the release out sooner! Thanks very much!

 

[Release Notes v1.10.8]

 

Changelog

 

Changes since v1.10.7

 

New features:

 

  • n/a

Enhancements and bug fixes:

 

  • [System] - Add support for new fan HW introduced in new ER-8-XG hardware revision
  • [LoadBalancing] - Fix bug when LoadBalancing would not recover if failed interface restores link after being down for a long time (more than an hour)
  • [Bootloader] - Fix bug when bootloader partition was randomly erased during bootloader upgrade on ER-4/ER-6P/ER-12 models (very-very unlikely but still possible). Discussed here 
  • [LED] - Fix wrong "locate" LED functionality on ER-12
  • [LED] - Update system LED notification for ER-8-XG model (requires bootloader upgrade)
  • [FAN] - Improve fan control on ER-8-XG model (requires bootloader upgrade)
  • [Offloading] - Fix bug when "show ubnt offload flows" caused router to crash if offloading was disabled
  • [CLI] - Fix incomplete "dhcpv6-server preference" help message
  • [Routing] - Fix bug when static ECMP routes from custom routing tables would not be restored when nexthop interface flaps. Discussed here
  • [DHCP] - Fix bug when DHCP client failed to restore IPv4 address after interface link flap if IPv6 address was configured on same interface
  • [Netflow] - Allow setting FQDN as Netflow server. Discussed here
  • [Techsupport] - Fix bug that caused "Invalid input detected" in tech-support file when running 
    "show tech-support" or "generate tech-support archive" CLI commands
  • [IPSec] - add logrotation of "/var/log/charon.log" file. Discussed here

Bootloader upgrade:

 

  • [ER-Lite/ER-PoE] - Fix incorrectly calculated size of flash storage in boot log (this is pure cosmetic fix and does not affect any functionality). 
  • [ER-8-XG] - Fix incorrect LED light behavior during boot
  • [ER-8-XG] - Improve FAN control logic for some earlier hardware builds during boot

Note: Latest bootloader is stored inside EdgeOS firmware since v1.10.7. You can check currently installed bootloader version with "show system boot-image" CLI command and then upgrade it with "add system boot-image" CLI command .

 

Known issues:

 

  • n/a

Updated software components:

 

  • n/a

Today we publish v1.10.8 on beta forum, and If no major issues will be discovered then v1.10.8 will be published on main forum and UNMS in the beginning of December.


93 posts

Master Geek
+1 received by user: 4


  Reply # 2135451 27-Nov-2018 19:32
Send private message quote this post

Awesome guide, helped me get setup straight away!


426 posts

Ultimate Geek
+1 received by user: 25


  Reply # 2152427 30-Dec-2018 22:00
Send private message quote this post

Great tutorial, I just need to block Google DNS now so I can get a Chromecast Ultra up and running.

 

Can someone give an old man tips in laymans terms how to go about it or point me in the right direction ?


76 posts

Master Geek
+1 received by user: 6


  Reply # 2152452 30-Dec-2018 22:43
Send private message quote this post

GeekGuy:

 

Great tutorial, I just need to block Google DNS now so I can get a Chromecast Ultra up and running.

 

Can someone give an old man tips in laymans terms how to go about it or point me in the right direction ?

 

 

 

 

Have a look at this ... https://community.ubnt.com/t5/EdgeRouter/Blocking-Google-s-Public-DNS-servers/td-p/1256887

 

 


1 | ... | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30
View this topic in a long page with up to 500 replies per page Create new topic



Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Support Geekzone »

Our community of supporters help make Geekzone possible. Click the button below to join them.

Support Geezone on PressPatron



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.