Quantcast
Channel: All EdgeRouter posts
Viewing all 60861 articles
Browse latest View live

Re: BGP keeps crashing (EdgeRouter Pro 8-Port, v1.10.6)

March 25, 2019, 3:57 am
$
0
0

BGP crashes from time to time, but there's no pattern visible.

 

Latest crash:

 

Mar 25 12:16:52 routername BGP[1242]: BGP-3: [SOCK CB] sock_getpeer() failed (134:Transport endpoint is not connected), FD(12)
Mar 25 12:17:28 routername BGP[1242]: BGP-3: [SOCK CB] sock_getpeer() failed (134:Transport endpoint is not connected), FD(12)
Mar 25 12:18:25 routername BGP[1242]: BGP-3: [SOCK CB] sock_getpeer() failed (134:Transport endpoint is not connected), FD(12)
Mar 25 12:19:17 routername BGP[1242]: BGP-3: [SOCK CB] sock_getpeer() failed (134:Transport endpoint is not connected), FD(12)
Mar 25 12:20:04 routername kernel: Process 1242 (bgpd) has crashed (parent 1 (init) signal 11, code 196609, addr 000000000000002c), coredumps disabled
Mar 25 12:20:04 routername snmpd[3753]: [smux_process] peek failed: Operation not permitted
Mar 25 12:20:09 routername monit[888]: 'bgpd' process is not running
Mar 25 12:20:09 routername BGP[6222]: BGP-6: Initializing memdbg: ptr=0x65f750 history-size=1024 memdbg-size=143552
Mar 25 12:20:10 routername IMI[917]: IMI-6: imi_server_send_config called (PM 44)
Mar 25 12:20:10 routername BGP[6223]: BGP-6: BGPd 1.2.0 starting: vty@0, bgp@179
Mar 25 12:20:10 routername ntpd[3074]: i/o error on routing socket No buffer space available - disabling
Mar 25 12:20:10 routername BGP[6223]: BGP-3: [TCP-MD5] : Error from socket call -1 errno = 22
Mar 25 12:20:16 routername BGP[6223]: BGP-6: %BGP-5-ADJCHANGE: neighbor 1.2.3.4 Up
Mar 25 12:20:17 routername BGP[6223]: BGP-6: %BGP-5-ADJCHANGE: neighbor 5.6.7.8 Up
Mar 25 12:20:18 routername BGP[6223]: BGP-3: [SOCK CB] sock_getpeer() failed (134:Transport endpoint is not connected), FD(12)
Mar 25 12:20:18 routername BGP[6223]: BGP-3: [SOCK CB] sock_getpeer() failed (134:Transport endpoint is not connected), FD(13)
Mar 25 12:20:29 routername BGP[6223]: BGP-6: Hashtable expanded :: name=bgp_attrhash_tab size=2048 count=6347
Mar 25 12:20:29 routername BGP[6223]: BGP-6: Hash summary :: name=bgp_attrhash_tab size=2048 count=6347
Mar 25 12:20:29 routername BGP[6223]: BGP-6: >> name=bgp_attrhash_tab empty=112(5.5%) occupied=1936(94.5%)
Mar 25 12:20:29 routername BGP[6223]: BGP-6: >> name=bgp_attrhash_tab range=001->001 cnt=265 (13.7%)
Mar 25 12:20:29 routername BGP[6223]: BGP-6: >> name=bgp_attrhash_tab range=002->002 cnt=461 (23.8%)
Mar 25 12:20:29 routername BGP[6223]: BGP-6: >> name=bgp_attrhash_tab range=003->003 cnt=422 (21.8%)
Mar 25 12:20:29 routername BGP[6223]: BGP-6: >> name=bgp_attrhash_tab range=004->004 cnt=354 (18.3%)
Mar 25 12:20:29 routername BGP[6223]: BGP-6: >> name=bgp_attrhash_tab range=005->005 cnt=235 (12.1%)
Mar 25 12:20:29 routername BGP[6223]: BGP-6: >> name=bgp_attrhash_tab range=006->006 cnt=131 (6.8%)
Mar 25 12:20:29 routername BGP[6223]: BGP-6: >> name=bgp_attrhash_tab range=007->007 cnt=39 (2.0%)
Mar 25 12:20:29 routername BGP[6223]: BGP-6: >> name=bgp_attrhash_tab range=008->008 cnt=19 (0.0%)
Mar 25 12:20:29 routername BGP[6223]: BGP-6: >> name=bgp_attrhash_tab range=009->009 cnt=8 (0.4%)
Mar 25 12:20:29 routername BGP[6223]: BGP-6: >> name=bgp_attrhash_tab range=010->010 cnt=2 (0.1%)
Mar 25 12:20:29 routername BGP[6223]: BGP-6: >> name=bgp_attrhash_tab range=011->015 cnt=0 (0.0%)
Mar 25 12:20:29 routername BGP[6223]: BGP-6: >> name=bgp_attrhash_tab range=016->020 cnt=0 (0.0%)
Mar 25 12:20:29 routername BGP[6223]: BGP-6: >> name=bgp_attrhash_tab range=021->050 cnt=0 (0.0%)
Mar 25 12:20:29 routername BGP[6223]: BGP-6: >> name=bgp_attrhash_tab range=051->100 cnt=0 (0.0%)
Mar 25 12:20:29 routername BGP[6223]: BGP-6: >> name=bgp_attrhash_tab range=101->500 cnt=0 (0.0%)
Mar 25 12:20:29 routername BGP[6223]: BGP-6: >> name=bgp_attrhash_tab range=501->998 cnt=0 (0.0%)
Mar 25 12:20:29 routername BGP[6223]: BGP-6: >> name=bgp_attrhash_tab range=999->max cnt=0 (0.0%)
Mar 25 12:20:29 routername BGP[6223]: BGP-6: Hash summary done
Mar 25 12:20:30 routername BGP[6223]: BGP-4: 1.2.3.4-Outgoing [DECODE] Attr Aggregator: AS value error(0), Ignoring error...
Mar 25 12:20:30 routername BGP[6223]: BGP-6: Hashtable expanded :: name=bgp_attrhash_tab size=4096 count=12810
Mar 25 12:20:30 routername BGP[6223]: BGP-6: Hash summary :: name=bgp_attrhash_tab size=4096 count=12810

Search

Re: Bird BGP daemon configuration guide for new EdgeRouter 2.x. software

March 25, 2019, 4:08 am

Re: edge router OpenVPN - Android client

March 25, 2019, 4:08 am
$
0
0

Thank you for the advice.

I will do it and I will let you know.

Stan

 

Re: BGP keeps crashing (EdgeRouter Pro 8-Port, v1.10.6)

March 25, 2019, 4:30 am
$
0
0

I did not see any reference in your previous posts about 1.10.7 -  so I assumed you skipped it and did not try 

 

I would suggest next thing to try is to swap out the 2GB ram and replace with 4GB stick, as you are loading 3 full BGP tables running at 803421 prefixes and still growing  :-)

 

http://www.cidr-report.org/as6447/

 

the next thing would be to use Bird for BGP as many others have done to get around the poor BGP implementation that Ubiquiti continue to struggle with, and now that you are signed up for beta you can use Debian 9 once you upgrade to ver 2.0.1

 

Bird was a good routing daemon option in EdgeRouter family for 1.x  software. It works faster uses much less memory and quite stable. With the launch of ER software ver 2.0.1 based on Debian 9 it is now possible to use up to date packages. Anyway, old guides for installation and configuration are not valid anymore, so Begetan has created a new one for the community to try out

 

https://community.ubnt.com/t5/EdgeRouter/Bird-BGP-daemon-configuration-guide-for-new-EdgeRouter-2-x/m-p/2723064/highlight/false#M245676

 

 

Re: (ubnt-util) has crashed - syslog messages v1.10

March 25, 2019, 4:14 am
$
0
0

I still see it ;-) in 2019.

Mar 25 08:33:59 Unifi-Gateway kernel: Process 20996 (ubnt-util) has crashed (parent 539 (ubnt-daemon) signal 11, code 0, addr 0000021b00000000), coredumps disabled

However not an EdgeMax machine.. USG. Smiley Happy with latest release.

Simple capabilities question

March 25, 2019, 5:05 am
$
0
0

Hi,

 

This is probably a very simple thing to answer, so excuse my limited knowledge of networking.

 

I assume I can use an Edgerouter X SFP to do the following:

 

1. Connect my broadband router (put into modem-only mode) to the Edgerouter using a RJ45 cable (rather than the SFP one), say into port 0

2. Connect two Ubiquiti AP-AC-LRs (6.5w PoE) to the Edgerouter(capable of 50w PoE), and then remove the PoE injectors that the APs were supplied with? (assume ports 1 & 2)

3. That would then leave me with 2 ports (ports 3&4) on the Edgerouter to cable a wired network into, wouldn't it?

 

Thanks in advance,

 

Nige

Re: EdgeRouter 12 Wrong IPv6 Prefix on clients

March 25, 2019, 5:08 am
$
0
0

You don't need the IPv6 prefix configuration on each interface, the default values will be filled in automatically since you have "service slaac" in the dhcpv6-pd definition, although that shouldn't be causing your problem.

 

Do you have IPv6 access from the router CLI (e.g. can you ping6 www.google.com from there) ?

 

Please post the output of "ip -6 route" and "ip -6 address" on the router.

 

 

I cannot get pppoe-relay in EP-R6

March 25, 2019, 5:17 am
$
0
0

Hello friends

I have several ubiquiti clients authenticating through pppoe.
In my current topology the CPEs connect to several AP Rocket Prism and in turn they authenticate in the EP-R6 that is before it. I have pppoe-relay configured on each AP connected to the EP-R6 and it works perfectly.

Now I want the PPPoE server to be on a mikrotik router in front of the EP-R6. For this I know that I must create a pppoe-relay on the router, but I can not get my clients to see the Mikrotik PPPoE server through the EP-R6.

I have seen that there is no option in the GUI to mark the pppoe-relay but I used the pppoe-relay command in the CLI as follows: sudo pppoe-relay -S "wan if" -C "lan if where ap are conected "

I have all the NAT deactivated until the Mikrotik. All traffic between devices is routed.

Any idea what I may be doing wrong?

Thank you.

Search

Re: EdgeRouter 12 Wrong IPv6 Prefix on clients

March 25, 2019, 5:48 am
$
0
0

This was fixed in 2.0.1. Please mark closed.

Re: Bird BGP daemon configuration guide for new EdgeRouter 2.x. software

March 25, 2019, 6:11 am
$
0
0
> am waiting for ER-4 cavium based router to make better test

do you still have an EdgeRouter Pro 8 ?
I noticed on your blog back in 2017 that you had one
http://blog.devices.pl/?p=80

Edgerouter X SFP - WAP and Management VLAN

March 25, 2019, 6:37 am
$
0
0

Hi all!

 

Firstly, forgive me as I'm something of a Ubiquity N00b -- but spent a grip of time searching and couldn't find whart I was looking for. Figured it was time to fire up that initial post. 

 

I have a Luxul XAP1510 WAP that I'm trying to establish 3 VLANS on:

 

  • VLAN80: Internal - 192.168.80.0/24
  • VLAN90: IOT - 192.168.90.0/24
  • VLAN100: Guest - 192.168.100.0/24

The WAP management should be accessed from what I would like to be my Management VLAN 

(VLAN10 - 192.168.10.0/24). The issue I'm running into is that as soon as I enable VLAN tagging on the WAP, I lose the ability to access the management interface at 192.168.10.10 -- I presume this is because the switch sees that as being a part of VLAN1, which being the default VLAN I don't have the ability to tag along with 80, 90, and 100. 

 

For the life of me cannot figure out how to move the management VLAN off of the default VLAN1 to 10. All of the wizards drop the ERXSFP into 1 right off the bat, and there doesn't seem to be anywhere to change that like there is on my switch (Edgeswitch 24 Lite). I'd imagine there's some CLI tomfoolery to make that happen, but I'm having a heck of a time finding anything on that. 

 

If someone here could poing me in the right direction or has a better approach, I'm all ears... or eyes as it would seem in a forum. 

Re: L2TP IPSec dies after phase1

March 25, 2019, 6:58 am
$
0
0

Hi Ben,

 

I've used Windows 10 and Mac OS High Sierra as clients.  Windows 10 does have the UDP Encapsulation of NAT-T packets registry key set to "2"

Thanks Man Happy

Re: Simple capabilities question

March 25, 2019, 7:02 am

Re: 2 wans and 2 ssid

March 25, 2019, 7:22 am
$
0
0

I had been working on video that might help with this particular support request.

 

https://www.youtube.com/watch?v=p9j-ZZhQXBA

 

This video is about setting up two WAN's and then passing traffic from various internal subnets to the two WAN's.  In some cases I used Policy Based Routing to make it work.  Hope this helps...

 

 

Y-ASK

port forwarding not working im sure its me

March 25, 2019, 7:29 am
$
0
0

All,

So far this ubiquity edgeRouter 4 has been super its gui is good the l2tp vpn was easy to setup using the guide on ubiquiti but i'm getting stuck on simple port forwarding. I have run through dozens of destination nat configs and port forwarding setups from the forums and walkthroughs but I only get it to work inside its own network. Just trying to forward port 80 to HVAC server once they are on VPN it will work on same network but not outside unless i set 'default action' on the rule set to accept. I can see the default action stats incrementing up whenever i try to connect from out side on port 80.

 

I attached an security edited config, i I took out too much lemme know but if any one see anything glaring I would appreciate a push in any direction Im spinning my wheels.

Search

Re: port forwarding not working im sure its me

March 25, 2019, 7:36 am
$
0
0

The config looks OK, though you're obscuring private IPs which isn't necessary, and doesn't let us check you for typos.

 

"Just trying to forward port 80 to HVAC server once they are on VPN it will work on same network but not outside unless i set 'default action' on the rule set to accept"

 

This is a little confusing - are you saying it works as you expect when your default firewall action is "allow"? If yes, can you please re-post your config, and don't obscure your private IP addresses? We can't do anything with them.  

 

 

Edit:

I think you will want to delete the line "http-port 80":

 

    gui {
        http-port 80

Re: ER8 USB Port

March 25, 2019, 7:58 am
$
0
0

If anyone else stumbles accross this problem

sudo modprobe usb-storage

solves the problem. Afterwards /dev/sda is available.

Re: Working, but..."{routername} kernel: protocol 0800 is buggy, dev eth0"

March 25, 2019, 8:00 am
$
0
0

On 2.0.1, I had to disable bonding with just vlan enable it works fine without that message. With them both enabled I see that message almost every second. 

 

Also found if I removed the offload on vlan and left just bonding offload enabled. message showed up one or twice every 1-2 minutes instead of everysecond

 

Currently have this setup on the er4 for offload and message hasn't showed up since: 

 

IP offload module   : loaded
IPv4
  forwarding: enabled
  vlan      : enabled
  pppoe     : disabled
  gre       : disabled
  bonding   : disabled
IPv6
  forwarding: enabled
  vlan      : enabled
  pppoe     : disabled
  bonding   : disabled

IPSec offload module: loaded

Traffic Analysis    :
  export    : disabled
  dpi       : disabled
    version       : 1.480

Re: port forwarding not working im sure its me

March 25, 2019, 8:02 am
$
0
0

Thank you for the reply. Yes if i select allow as default to the ruleset  WAN_LOCAL it will allow the port forwarding. Also i mentioned that it was incrementing the Drop when i try from outside the network to load the internal webserver page, that drop is also from WAN_LOCAL. I reposted with the internal info left as exported.

 

thank you.

Re: port forwarding not working im sure its me

March 25, 2019, 8:11 am
$
0
0
 wrote:

Thank you for the reply. Yes if i select allow as default to the ruleset  WAN_LOCAL it will allow the port forwarding. Also i mentioned that it was incrementing the Drop when i try from outside the network to load the internal webserver page, that drop is also from WAN_LOCAL. I reposted with the internal info left as exported.

 

thank you.

That's odd, I see now you don't have your firewall active at all - it is not applied to your internet interface.  I'm not sure how adjusting that would change anything, can you confirm?

 

I would still remove the http-listen on 80 that I referred to before.

Viewing all 60861 articles
Browse latest View live
Search