Ubiquiti Edgerouter Tutorial

Forums › LAN (ethernet/Wifi/routers/Bluetooth) › Ubiquiti Edgerouter Tutorial

1 | ... | 48 | 49 | 50 | 51 | 52 | 53 | 54 | 55 | 56 | 57

1232 posts

Uber Geek

#2615931 3-Dec-2020 23:42

dt:

just upgraded, cheers.

I enabled the IPV6 rule and prefix delgation and now have working ipv6 woohoo (orcon)

Could someone answer a question for me, for the hairpin+nat option, for the WAN interface do I select eth0 or eth0.10? I've tried both and nothing seems to break? just want to make sure I haven't left myself at risk or anything like that

ta

Orcon use DHCP on VLAN 10, not PPPoE, right? If so, then your WAN interface is eth0.10 and the hairpin/NAT interface is always the WAN interface. If you are only doing standard routing things then it is fine to just enable hairpin/NAT. But if you are writing fancy NAT rules using the CLI, there can be complications with having it enabled.

Have you tested that large IPv6 packets are working properly? The simple test for this is to load the main front page of Facebook and if that works, large IPv6 packets are working. If it does not load properly, you have an IPv6 MTU problem. It should be fine if Orcon is not using PPPoE.

wratterus

1687 posts

Uber Geek

#2616042 4-Dec-2020 08:37

dt:

Could someone answer a question for me, for the hairpin+nat option, for the WAN interface do I select eth0 or eth0.10? I've tried both and nothing seems to break? just want to make sure I haven't left myself at risk or anything like that

I've always been a little confused about this this too - my understanding is it should be eth0.10 for DHCP with VLAN, eth0 for DHCP without VLAN, pppoe0 for any pppoe regardless of if it's on a VLAN or not.

You could test by opening a port in the firewall and see if it's actually open. I think if the WAN interface is wrong, nothing will be forwarded, rather than the whole firewall not working. Happy to be corrected on this though.

dt

1152 posts

Uber Geek
Inactive user

#2616408 4-Dec-2020 17:27

Cheers guys, I'll leave it on eth0.10

its loading up facebook just fine as well, fingers cross 🤞

evilonenz

/dev/urandom
287 posts

Ultimate Geek

ID Verified

Trusted

Lifetime subscriber

#2619223 10-Dec-2020 10:11

Unsure whether to post this in here, or a new topic, if new topic would be better, happy to move it.

Weird issue discovered last night with my ERLite-3, on 900/400 2d fibre, whilst preloading Cyberpunk 2077.

I'm managing to get near enough full speed to most local resources in NZ, but while preloading Cyberpunk, I was only hitting about 125Mbit, so I decided to take a look at my router, which was pegged at 100% CPU, with top showing this:

Obviously this is making my internet completely unusable whilst Steam is downloading ANYTHING.

Checked offload settings, all appear OK:

Any suggestions?

Edit: disabling IPv6 on the machine doing Steam downloads completely sorts the issue out, download speed up over 100MB/s...

Edit2: Looks to be solved in my case by disabling IPv6 vlan offload, and enabling IPv6 pppoe offload. Makes sense, I guess, how have I not picked up on this before...

Smokeping

Referral Links:

Quic - Use code R536299EPGOCN at checkout for free setup
Contact Energy - Use code FRTQDXB for $100 credit

michaelmurfy

meow
13254 posts

Uber Geek

Moderator

ID Verified

Trusted

Lifetime subscriber

#2619372 10-Dec-2020 12:47

evilonenz:

Edit2: Looks to be solved in my case by disabling IPv6 vlan offload, and enabling IPv6 pppoe offload. Makes sense, I guess, how have I not picked up on this before...

Bingo - this was your problem. I'll update the OP with this also.

Michael Murphy | https://murfy.nz
Referral Links: Quic Broadband (use R122101E7CV7Q for free setup)

Are you happy with what you get from Geekzone? Please consider supporting us by subscribing.
Opinions are my own and not the views of my employer.

mentalinc

3238 posts

Uber Geek

Trusted

#2619486 10-Dec-2020 14:26

configure
set system offload ipv6 vlan disable
set system offload ipv6 pppoe enable
commit
save
exit

show ubnt offload

IP offload module : loaded
IPv4
forwarding: enabled
vlan : enabled
pppoe : enabled
gre : disabled
bonding : disabled
IPv6
forwarding: enabled
vlan : disabled
pppoe : enabled
bonding : disabled

CPU: AMD 5900x | RAM: GSKILL Trident Z Neo RGB F4-3600C16D-32GTZNC-32-GB | MB: Asus X570-E | GFX: EVGA FTW3 Ultra RTX 3080Ti| Monitor: LG 27GL850-B 2560x1440

Quic: https://account.quic.nz/refer/473833 R473833EQKIBX

broonie27

109 posts

Master Geek

#2626985 26-Dec-2020 19:03

wratterus:

Just noticed 2.0.9 has been released! Thought we'd never see it.

I notice there is now an option for IPv6 during the initial setup - would the below image be correct for Orcon Fibre?

I'm considering moving to Vodafone UFB soon. Regarding the above post on the new v2.09 of the wizard from a few days back. Does this mean all we have to do now is tick this box to configure the IPv6 settings and all the command line stuff is no longer necessary?

Quic Broadband

Move to New Zealand's best fibre broadband service (affiliate link). Free setup code: R587125ERQ6VE. Note that to use Quic Broadband you must be comfortable with configuring your own router.

AlphaAlfalfaSprout

8 posts

Wannabe Geek

#2633124 10-Jan-2021 16:35

broonie27:
I'm considering moving to Vodafone UFB soon. Regarding the above post on the new v2.09 of the wizard from a few days back. Does this mean all we have to do now is tick this box to configure the IPv6 settings and all the command line stuff is no longer necessary?

I’d like to know this too, seems like that part of the tutorial is now redundant?

michaelmurfy

meow
13254 posts

Uber Geek

Moderator

ID Verified

Trusted

Lifetime subscriber

#2633271 10-Jan-2021 21:21

AlphaAlfalfaSprout: I’d like to know this too, seems like that part of the tutorial is now redundant?

No. You're not going to re-run the wizard dropping all your configuration on changing providers or configuring IPv6 for the first time ain't you?

AlphaAlfalfaSprout

8 posts

Wannabe Geek

#2633283 10-Jan-2021 21:51

michaelmurfy:
AlphaAlfalfaSprout: I’d like to know this too, seems like that part of the tutorial is now redundant?

No. You're not going to re-run the wizard dropping all your configuration on changing providers or configuring IPv6 for the first time ain't you?

Redundant in the context of the comment I quoted.

phrozenpenguin

841 posts

Ultimate Geek

#2634092 12-Jan-2021 09:54

I'm about to move from an Edgerouter X SFP to an Edgerouter X (better physical size and power input for required situation).

- is there a smart way to go about this i.e. to keep the same config and same dhcp leases (not reserved ones)?

- I'm on Bigpipe; do they lock a connection to a MAC address or anything strange...or should my connection come straight up if I have the right config?

michaelmurfy

meow
13254 posts

Uber Geek

Moderator

ID Verified

Trusted

Lifetime subscriber

#2634094 12-Jan-2021 10:00

@phrozenpenguin You can just export / import your configuration. Also ensure you're on the latest firmware before you move. BigPipe don't care about the mac address.

phrozenpenguin

841 posts

Ultimate Geek

#2634099 12-Jan-2021 10:15

michaelmurfy:

@phrozenpenguin You can just export / import your configuration. Also ensure you're on the latest firmware before you move. BigPipe don't care about the mac address.

Thanks. I just checked out the config and it includes DHCP leases etc which I wasn't expecting.

One complication; I need to change ports e.g. eth0 on router1 is for WAN, but I want to use eth04 on router 2. And some changes to switch ports. What is the best way to do this? I can think of three approaches:

1 - manually change the config file - but may well miss something and break it.

2 - import and then change config in the ui - but not sure if changes will filter through everywhere.

3 - set up router2 as new device - will take longer but shouldn't be any issues...

Jiriteach

1119 posts

Uber Geek

ID Verified

Lifetime subscriber

#2634138 12-Jan-2021 11:33

phrozenpenguin:
michaelmurfy:

@phrozenpenguin You can just export / import your configuration. Also ensure you're on the latest firmware before you move. BigPipe don't care about the mac address.

Thanks. I just checked out the config and it includes DHCP leases etc which I wasn't expecting.

One complication; I need to change ports e.g. eth0 on router1 is for WAN, but I want to use eth04 on router 2. And some changes to switch ports. What is the best way to do this? I can think of three approaches:

1 - manually change the config file - but may well miss something and break it.

2 - import and then change config in the ui - but not sure if changes will filter through everywhere.

3 - set up router2 as new device - will take longer but shouldn't be any issues...

I would just set it up as a new device. Use the WAN2LAN2 wizard initially and the other bits are very quickly configured.

-- opinions expressed by me are solely my own. ie - personal

mentalinc

3238 posts

Uber Geek

Trusted

#2634558 12-Jan-2021 21:38

Just a bump to make sure everyone has seen the email from ui.com and suggesting passwords are changed and MFA enabled (if it wasn't already - but of course it was right!)

"Dear Customer,

We recently became aware of unauthorized access to certain of our information technology systems hosted by a third party cloud provider. We have no indication that there has been unauthorized activity with respect to any user’s account.

We are not currently aware of evidence of access to any databases that host user data, but we cannot be certain that user data has not been exposed. This data may include your name, email address, and the one-way encrypted password to your account (in technical terms, the passwords are hashed and salted). The data may also include your address and phone number if you have provided that to us.

As a precaution, we encourage you to change your password. We recommend that you also change your password on any website where you use the same user ID or password. Finally, we recommend that you enable two-factor authentication on your Ubiquiti accounts if you have not already done so."

We apologize for, and deeply regret, any inconvenience this may cause you. We take the security of your information very seriously and appreciate your continued trust.

Thank you,
Ubiquiti Team

CPU: AMD 5900x | RAM: GSKILL Trident Z Neo RGB F4-3600C16D-32GTZNC-32-GB | MB: Asus X570-E | GFX: EVGA FTW3 Ultra RTX 3080Ti| Monitor: LG 27GL850-B 2560x1440

Quic: https://account.quic.nz/refer/473833 R473833EQKIBX

1 | ... | 48 | 49 | 50 | 51 | 52 | 53 | 54 | 55 | 56 | 57