wrote: Could you simply replace ddclient with your own program named ddclient? Since EdgeOS is invoking ddclient when it thinks the IP address has changed, it would instead invoke your program which would then do what it's doing now via timer. I would think that you could easily determine the IP address assigned to the WAN port from inside your program (unless your WAN port is a private IP address and packets are SNAT'ed by some other piece of equipment between the EdgeOS router and the internet), and all you really need is the router to trigger your program.
Just some thoughts.
Ah, this is a cool idea.
My code is Python3 but it could be ported to Python 2 without problems (with great disgust, but without serious problems 
) - I noticed that EdgeOS has Python2 only and I wouldlike to avoid overloading it with unnecessary packages (pip installed modules will be fine).
This is really a cool idea, without the need to implement an API to get the DDNS notification. I just need to have it written somewhere in case I upgrade the firmware (but I have already changed dhclient this way so this is just a new entry in the TODO list).
Thanks a lot for the idea.
Hello,
Just installed an edgerouter as our incoming WAN (ATT FIBER SPF). We connect site-site with sonicwall via vpn.
When I installed the edgerouter and got it all setup everything worked great, however our site-to-site VPN went down.
Anyone know what I need to allow to get this to work? I dont want to use the edgerouter to connect to sonicwall vpn if I dont have to.
We currently have two sites that connect via VPN in this way.
Any help is greatly appreciated.
Chuck
I see what I did wrong, I enabled on the WAN interface not VIF50... im getting this logic slowly!
So is Guest_Local is not needed?
It's still broken. Sorry - forgot to include that in the last edit.
Check the last command above, local direction is for packets destined to the router itself.
Hi Flavio,
No, you're right, I apologize for misreading your original post. I'm not aware of this issue occurring on ERLite-3 or ERPoe-5 devices. It may still be worth testing to see if there is any change. Be sure to give us an update.
-Blake
Yes I see this. What is it typically used for?
I read this in another blog...
LAN_LOCAL = everything inbound to the router from your LAN destined for the router. Again, unless you're doing enterprise routing, this is probably fairly open - although good SMB setups with guest networks may block the guest network range.
So here I would apply local blocks for subnet to subnet?
I run a small wisp and I'm setting up a new ERPro8 (upgrading our ER8).
WHAT I NEED:
- All LAN Public IP's open to the public (kinda like traditional ISP's do it, don't block ports) so port forwarding can be done on the customers own equipment
I have a /29 on the WAN and a /24 on the LAN interface, but I have tried and tried to get port forwarding to work to no avail on our current setup. Instead, open all ports for all IP's on the LAN and for my servers on the LAN I can only open specific ones.
Thanks
Todd
From the guest networks, I allow only DHCP and DNS packets, guests usually don't need nothing more than the internet access, not ping the router or access to gui or SSH.
ND Prefix has ::/64 at the end and the delegated prefix ::/48 at the end, hope this helps.
I don't see a mac address listed in your ER configuration earlier posted for br0 vif 0. - Per the referenced config it is entered in the CLI of the linux side of the ER-X? If there is another way to set this let me know and I will!
sudo bash
ip link set br0.0 down ip link set br0.0 address xx:aa:bb:cc:dd:xx ip link set br0.0 up
The 802.1ax was working before I tested some things yesterday in moving round the 70.xxx.xxx.30/29 IP. I reverted the changes in binding it to ETH3. Now I can't get br0.0 to pull the WAN DHCP IP from AT&T:
ubnt@epol-proxy:~$ show dhcp client leases interface : br0.0 last update: Tue Feb 26 13:58:16 EST 2019 reason : FAIL
EAP output:
ubnt@epol-proxy# sudo ebtables -t filter -L Bridge table: filter Bridge chain: INPUT, entries: 0, policy: ACCEPT Bridge chain: FORWARD, entries: 8, policy: ACCEPT -p 802_1Q -i eth2 --vlan-encap 888E -j ACCEPT -p 802_1Q -i eth2 -j DROP -p 802_1Q -o eth2 --vlan-encap 888E -j ACCEPT -p 802_1Q -o eth2 -j DROP -p 802_1Q -i eth2 --vlan-encap 888E -j ACCEPT -p 802_1Q -i eth2 -j DROP -p 802_1Q -o eth2 --vlan-encap 888E -j ACCEPT -p 802_1Q -o eth2 -j DROP
I may whipe this device for a 4th time and do the config from scratch...
Hello one and all!
New ER-4 owner here. With all of the help pointed to from this forum I have succeeded in setting up my home network, replacing an ASUS 86U.
Two issues: what are the best ways to setup IPv6 and UPnP for Xbox one?
I got the IPV6 working initially (TWC Spectrum) and used UPnP2 in the tree config. However while my NAT is now open on the Xbox, for some reason none of the client on the LAN now have any IPv6 addresses assigned anymore. Yet the eth0/WAN port is definitely seeing a correct IPv6 provision from TWC.
Sorry if of these questions have been asked as nauseum but I could really use some help.
Thanks in advance