Quantcast
Channel: All EdgeRouter posts
Viewing all 60861 articles
Browse latest View live

Re: Unable to get ip address connected to wifi after setting up vlan on edgerouter x

October 7, 2016, 5:52 pm
$
0
0

I added the vlan to switch and i was able to get the ip address but now I can't get out to the internet.

 

I am able to get out to the internet on the main vlan 1 but vlan 3 i am unable to

 

here is the configuration.

 

thank you 

 

firewall {
all-ping enable
broadcast-ping disable
ipv6-receive-redirects disable
ipv6-src-route disable
ip-src-route disable
log-martians enable
name WAN_IN {
default-action drop
description "WAN to internal"
rule 10 {
action accept
description "Allow established/related"
state {
established enable
related enable
}
}
rule 20 {
action drop
description "Drop invalid state"
state {
invalid enable
}
}
}
name WAN_LOCAL {
default-action drop
description "WAN to router"
rule 10 {
action accept
description "Allow established/related"
state {
established enable
related enable
}
}
rule 20 {
action drop
description "Drop invalid state"
state {
invalid enable
}
}
}
receive-redirects disable
send-redirects enable
source-validation disable
syn-cookies enable
}
interfaces {
ethernet eth0 {
address dhcp
description Internet
duplex auto
firewall {
in {
name WAN_IN
}
local {
name WAN_LOCAL
}
}
speed auto
}
ethernet eth1 {
description Local
duplex auto
speed auto
}
ethernet eth2 {
description Local
duplex auto
speed auto
}
ethernet eth3 {
description Local
duplex auto
speed auto
}
ethernet eth4 {
description Local
duplex auto
poe {
output pthru
}
speed auto
}
loopback lo {
}
switch switch0 {
address 192.168.10.1/24
description Local
mtu 1500
switch-port {
interface eth1 {
}
interface eth2 {
}
interface eth3 {
}
interface eth4 {

vlan {

vid 3

}
}
vlan-aware enable
}
vif 3 {
address 192.168.3.1/24
description guest
mtu 1500
}
}
}
service {
dhcp-server {
disabled false
hostfile-update disable
shared-network-name Guest {
authoritative disable
subnet 192.168.3.0/24 {
dns-server 8.8.8.8
dns-server 8.8.4.4
lease 86400
start 192.168.3.10 {
stop 192.168.3.20
}
}
}
shared-network-name LAN {
authoritative enable
subnet 192.168.10.0/24 {
default-router 192.168.10.1
dns-server 192.168.10.1
lease 86400
start 192.168.10.38 {
stop 192.168.10.243
}
}
}
use-dnsmasq disable
}
dns {
forwarding {
cache-size 150
listen-on switch0
listen-on switch0.3
}
}
gui {
http-port 80
https-port 443
older-ciphers enable
}
nat {
rule 5010 {
description "masquerade from all LANs to eth0 WAN"
log disable
outbound-interface eth0
protocol all
source {
address 192.168.0.0/16
}
type masquerade
}
}
ssh {
port 22
protocol-version v2
}
}
system {
host-name ubnt
login {
user ubnt {
authentication {
encrypted-password ****************
}
level admin
}
}
name-server 8.8.8.8
ntp {
server 0.ubnt.pool.ntp.org {
}
server 1.ubnt.pool.ntp.org {
}
server 2.ubnt.pool.ntp.org {
}
server 3.ubnt.pool.ntp.org {
}
}
syslog {
global {
facility all {
level notice
}
facility protocols {
level debug
}
}
}
time-zone UTC
}

Search

Network is having contstant blips/pauses/drops/hesitation - please help

October 7, 2016, 6:12 pm
$
0
0

Hi all,

 

Very frustrating problem that I have been spending all day trying to solve.

 

My network/internet has been having contstant blips/pauses for the last 2 days.  I'm at a loss and could use some help diagnosing the problem.

 

I needed to move subnets a few days ago, so I reset the routing using the WAN + 2LAN2 setup.  Setup went fine.

 

Soon after I began to experience these constant network hesitation.  They seem to happen every couple of minutes.

 

I am thinking its the router because my PC, iPad and also cell phone is having issues.  Cell phone using google voice is having calls fade in an out, and with the iPad my kid keeps getting disconnected from a game.

 

Can someone point me to where even to begin?  I am not exerienced with this router so I am not sure what to try.

 

Thanks in advance

ER-8 Configuration

October 7, 2016, 6:27 pm
$
0
0

I want to program an ER-8 like the diagram attached, I have not been able to get the LAN to talk to LAN2 or LAN3.

 

Any help I can get would be greatly apprectiated.

 

 

Re: ipv6 setup for Sky Fibre UK

October 7, 2016, 6:45 pm
$
0
0

Thanks for this guide, got my v6 working now Ubnt Banana

Re: Network is having contstant blips/pauses/drops/hesitation - please help

October 7, 2016, 7:01 pm
$
0
0

How sure are you that it's not the Internet service itself?

 

Be sure to upgrade to the latest firmware. Perhaps you can

do some ping tests to determine where the dropout starts.   Dave

Re: Network is having contstant blips/pauses/drops/hesitation - please help

October 7, 2016, 7:17 pm
$
0
0

Thanks

 

I haven't had and ISP issue in 2-3 years, so to have it happen within days of a router change would be unlikely

 

During this change I upgrades to the latest firmware

 

I'm not sure how to do ping tests in the fashion that you mean.  I can ping a network resource in a CMD window but otherwise I am not sure how to do what you're suggesting.

 

 

Re: Monthly Data Usage Chart?

October 7, 2016, 8:00 pm
$
0
0

I see that it talks about a negative impact on ERL/ER-POE Routers. Is the same true for ER-X Advanced?

Re: Edgerouter lite using PPPOE will not use WAN IP for Proxy

October 7, 2016, 10:16 pm
$
0
0

I found the issue. The perl modules that "check" system IP's require an IP with a CIDR notation in order to be considered a "system address". PPPOE interfaces in the edgerouter will not produce a string  that meets these requirements and therefore it is not considered a valid address.

 

sub get_ipaddr_intf_hash {
  my %config_ipaddrs = ();
  my @lines = `ip addr show | grep 'inet '`;
  chomp @lines;
  foreach my $line (@lines) {
    if ($line =~ /inet\s+([0-9.]+)\/.*\s([\w.]+)$/) {
        $config_ipaddrs{$1} = $2;
    }
  }
  return \%config_ipaddrs;

 

I modified the code to accept the PPPOE line also and the config will recognize the WAN address as a system IP and the proxy works. The modification is below

 

if ($line =~ /inet\s+([0-9.]+).*\s([\w.]+)$/) {

 

Thank you for your assistance.

Search

Re: restarting BGP

October 7, 2016, 10:24 pm
$
0
0

 this is why you'd likely want to restart bgpd Man Sad

 

 

imish invoked oom-killer: gfp_mask=0x200da, order=0, oom_score_adj=0
CPU: 0 PID: 1971 Comm: imish Tainted: P O 3.10.20-UBNT #1
Stack : ffffffffc0760000 ffffffffc0750000 0000000000000000 ffffffffc0750000
ffffffffc05c0000 0000000000000001 0000000000000001 0000000000000000
ffffffffc0760000 0000000000000043 ffffffffc05c0000 ffffffffc00a2c64
0000000000000000 0000000000000000 0000000000000000 0000000000000000
0000000000000000 ffffffffc0760000 ffffffffc052f9e8 ffffffffc05a0000
ffffffffc0750888 80000000893ba348 00000000000007b3 0000000000000000
0000000000000000 800000008c1860c0 000000000007c8c2 ffffffffc049b594
8000000000c0b9b8 8000000000c0b8b0 ffffffffc052f9e8 ffffffffc049c090
0000000000000000 ffffffffc052f9e8 0000000000000000 00000000000007b3
0000000000000000 ffffffffc007ebc0 0000000000000000 0000000000000000
...
Call Trace:
[<ffffffffc007ebc0>] show_stack+0x70/0x88
[<ffffffffc049c090>] dump_header.isra.12+0x78/0x18c
[<ffffffffc049c218>] oom_kill_process.part.14+0x74/0x35c
[<ffffffffc011ade4>] out_of_memory+0x364/0x3e8
[<ffffffffc01228e0>] __alloc_pages_nodemask+0xde8/0xe00
[<ffffffffc014ae74>] handle_pte_fault+0x3ec/0xc80
[<ffffffffc008e1cc>] __do_page_fault+0x11c/0x3c8
[<ffffffffc0078f20>] ret_from_exception+0x0/0xc

Mem-Info:
DMA32 per-cpu:
CPU 0: hi: 186, btch: 31 usd: 30
CPU 1: hi: 186, btch: 31 usd: 133
active_anon:214560 inactive_anon:232460 isolated_anon:0
active_file:4701 inactive_file:5036 isolated_file:0
unevictable:0 dirty:0 writeback:0 unstable:0
free:1427 slab_reclaimable:2426 slab_unreclaimable:40659
mapped:9425 shmem:257553 pagetables:700 bounce:0
free_cma:0
DMA32 free:5708kB min:5712kB low:7140kB high:8568kB active_anon:858240kB inactive_anon:929840kB active_file:18804kB inactive_file:20144kB unevictable:0kB isolated(anon):0kB isolated(file):0kB present:2078912kB managed:2040276kB mlocked:0kB dirty:0kB writeback:0kB mapped:37700kB shmem:1030212kB slab_reclaimable:9704kB slab_unreclaimable:162636kB kernel_stack:1824kB pagetables:2800kB unstable:0kB bounce:0kB free_cma:0kB writeback_tmp:0kB pages_scanned:59580 all_unreclaimable? yes
lowmem_reserve[]: 0 0 0
DMA32: 415*4kB (UE) 0*8kB 1*16kB (R) 0*32kB 1*64kB (R) 1*128kB (R) 1*256kB (R) 1*512kB (R) 1*1024kB (R) 1*2048kB (R) 0*4096kB 0*8192kB 0*16384kB 0*32768kB = 5708kB
Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
267316 total pagecache pages
0 pages in swap cache
Swap cache stats: add 0, delete 0, find 0/0
Free swap = 0kB
Total swap = 0kB
521216 pages RAM
11070 pages reserved
25362 pages shared
496223 pages non-shared
[ pid ] uid tgid total_vm rss nr_ptes swapents oom_score_adj name
[ 530] 0 530 487 69 4 0 0 rngd
[ 581] 0 581 490 121 5 0 0 netplugd
[ 590] 0 590 675 81 4 0 0 atd
[ 597] 0 597 742 232 5 0 0 cron
[ 599] 0 599 1123 303 5 0 0 ubnt-infctld
[ 606] 0 606 690 78 4 0 0 ubnt-daemon
[ 607] 0 607 4581 646 8 0 0 ubnt-cfgd
[ 618] 0 618 1793 894 6 0 0 imi
[ 622] 0 622 36654 1930 26 0 0 ubnt-util
[ 630] 0 630 1826 828 5 0 0 nsm
[ 638] 0 638 36671 35794 74 0 0 ribd
[ 668] 0 668 4581 410 8 0 0 ubnt-cfgd
[ 798] 0 798 1459 500 5 0 0 ripd
[ 802] 0 802 1427 408 5 0 0 ripngd
[ 805] 0 805 1765 795 6 0 0 ospfd
[ 809] 0 809 1677 558 5 0 0 ospf6d
[ 813] 0 813 99863 98964 197 0 0 bgpd
[ 963] 0 963 1589 725 6 0 0 ldpd
[ 1399] 0 1399 4581 412 8 0 0 ubnt-cfgd
[ 1738] 0 1738 2007 247 7 0 -1000 sshd
[ 1926] 0 1926 564 117 4 0 0 telnetd
[ 1930] 33 1930 5499 4523 12 0 0 lighttpd
[ 1932] 33 1932 9486 3085 15 0 0 php-cgi
[ 1967] 33 1967 9615 1645 16 0 0 php-cgi
[ 1968] 33 1968 9614 1673 16 0 0 php-cgi
[ 1969] 33 1969 9613 1656 16 0 0 php-cgi
[ 1970] 33 1970 9612 1718 16 0 0 php-cgi
[ 2098] 0 2098 748 187 4 0 0 starter
[ 2100] 0 2100 81881 45566 115 0 0 charon
[ 2233] 103 2233 3322 1232 9 0 0 snmpd
[ 2247] 0 2247 4581 486 8 0 0 ubnt-cfgd
[ 2294] 0 2294 634 195 4 0 0 getty
[ 8819] 102 8819 1704 535 7 0 0 ntpd
[28691] 0 28691 7390 413 7 0 0 rsyslogd
[25797] 0 25797 2937 800 8 0 0 sshd
[25799] 1000 25799 2937 417 7 0 0 sshd
[25800] 1000 25800 1062 555 5 0 0 vbash
[ 1959] 0 1959 2598 771 7 0 0 sshd
[ 1960] 109 1960 2343 341 6 0 0 sshd
[ 1961] 0 1961 2598 769 7 0 0 sshd
[ 1962] 109 1962 2343 341 6 0 0 sshd
[ 1964] 0 1964 1097 388 5 0 0 sudo
[ 1965] 0 1965 1423 769 5 0 0 vtysh.pl
[ 1966] 0 1966 749 290 4 0 0 sh
[ 1971] 0 1971 1764 906 5 0 0 imish
Out of memory: Kill process 813 (bgpd) score 164 or sacrifice child
Killed process 813 (bgpd) total-vm:399452kB, anon-rss:393320kB, file-rss:2536kB

 

 so long as the config is in sync, restarting the daemon shouldn't actually do anything wrong. It seems wrong to think that reconfiguring 'protocols bgp' is the only option, especially if you've got a complex setup. 

 

 

Re: restarting BGP

October 7, 2016, 10:29 pm
$
0
0

 actually I am wrong. The daemon comes back up but with no config. Fail....

Is there any way to 'replay' the config without removing/replacing or rebooting?

Re: EdgeRouter Pro - RAM Upgrade

October 7, 2016, 10:38 pm
$
0
0

Same problem here! Are there different hardware revisions of the ER8 Pro's? 

Someone else already reported success with these ones. 

Re: Port Forward to a Domain Name

October 7, 2016, 11:05 pm
$
0
0

UBNT-stig is right about being computationally expensive for such feature to exist in Netfilter - Linux's firewall and NAT.

 

An alternative solution is to make use of ipset with an address-set. Use the address-set in the NAT rule instead of domain name. Have an independent script or otherwise check the domain name and update the address-set when the IP changes.

 

 Take a look at this thread where we discussed a few days ago. The problem/solution fits well imho to your situation.

 

 

Re: Dual-WAN router with the following:

October 7, 2016, 11:13 pm
$
0
0

There is a company making rack mount kits for the ErgeMax Lite, ISP Supplies is selling it:

http://www.ispsupplies.com/brands/wg-AM3G18-120-K/KAM-Fab-UB-RM1.html

 

So you could rackmount the ERLite as well.

 

The rack mount adapter I bought is a slightly different version that lets you mount two ERLite side by side in a 2U space in your rack:

http://www.ispsupplies.com/brands/wg-AM3G18-120-K/KAM-Fabrication-TS-8-PRO-Rackmount.html

 

I find it very convenient to have a backup unit mounted and ready to take over (move wires and install latest config) should the main unit fail for whatever reason.

 

Oh and just for the record, I'm in no way affiliated with ISPSupplies other than that I bought a rackmount unit from them.

Re: restarting BGP

October 7, 2016, 11:27 pm
$
0
0
bbabich wrote:

@dragon2611 actually I am wrong. The daemon comes back up but with no config. Fail....

Is there any way to 'replay' the config without removing/replacing or rebooting?

configure
save
delete protocol bgp
commit
load
commit
save

That might do the job, but if bgpd has crashed, you might as well reboot the whole router anyway...

 

I'd be addressing why you're running out of ram though, how many routes do you have loaded? You may be able to upgrade the RAM as some othre members of the forum have done if you're on an ER8/ER8Pro/EP-R8 (if not, upgrade to an ER8/ER8Pro/EP-R8 first, 2gb of ram is great vs the 512mb or 256mb in the other models)

Re: Edgerouter Pro / Carrier SFP+ When is it out?

October 7, 2016, 11:35 pm
$
0
0

Hi.

 

O Yes it is, Ubiquiti are working on a new modell, and it´s that launch date i´m fishing for!

Search

Re: Routing locally originated traffic after failover in 1.9.0

October 8, 2016, 12:58 am
$
0
0

Ok, I researched some more. There is a confusing array of behavior for different protocols when lb-local is set to enable or disable, so I made a table of what I found. In the table, eth3 and eth4 are my WAN interfaces, and have equal weight in the routing tables. eth4 is the primary WAN interface, and eth3 the secondary, failover-only interface. Anything in red is, it seems to me, behaving in an unexpected way, whereas anything in black is behaving correctly, even if it may be for the wrong reason.

 

Command/Protocolinterface/s used with lb-local enableinterface/s used with lb-local disable
/bin/ping [host]eth3/eth4 randomlyeth3/eth4 randomly
/bin/ping -I eth3 [host]eth3eth3
/bin/ping -I eth4 [host]eth4eth4
DNS from forwarding service, /usr/sbin/dnsmasq (UDP 53)eth3/eth4 randomlyeth3/eth4 randomly
NTP from /usr/sbin/ntpd (UDP 123)eth4eth3/eth4 randomly
curl [url]eth4eth3/eth4 randomly
curl --interface eth3 [url] OR
curl --interface 10.131.253.2 [url] (*)		eth4eth3/eth4 randomly

curl --interface eth4 [url] OR

curl --interface 10.131.254.2 [url] (*)

eth4 (**)eth3/eth4 randomly

 

* IP used is IP of the corresponding interface

 

** curl --interface eth4 is probably behaving correctly for the wrong reason in this case. Even though eth4 is specified, the traffic is probably going out eth4 because lb-local is enabled, not because the interface was specified.

 

Re: ATT IPv6 6rd with Pace 5268AC and ER X: Help needed for 6rd IPv6 setup

October 8, 2016, 1:50 am
$
0
0

I'm not sure - but may be you have to set

 

set firewall options mss-clamp6 interface-type tun
set firewall options mss-clamp6 mss 1412

I had to do this on an pppoe connection.

IPv6, dhcpv6-pd and VLANs

October 8, 2016, 2:09 am
$
0
0

Hi all

 

I have a problem with IPv6 on a VLAN interface. Hopefully anyone can help me out here...

My setup in short:

- WAN: eth5.11 (pppoe 0)

- LAN: eth0

- LAN Wifi_Guest: eth0.201

 

All IPv6 config is working fine for clients on LAN (native VLAN). The clients on VLAN201 Wifi_Guest only receive an IPv4 address but no IPv6...

 

Here is my config:

 

ubnt@router# show interfaces
 ethernet eth0 {
     address 192.168.123.1/24
     description "Internal LAN"
     duplex auto
     speed auto
     vif 201 {
         address 192.168.201.1/24
         description "WiFi Guest"
     }
 }
 ethernet eth5 {
     duplex auto
     speed auto
     vif 11 {
         address dhcp
         description "to Provider"
         pppoe 0 {
             default-route auto
             dhcpv6-pd {
                 pd 0 {
                     interface eth0 {
                         host-address ::1
                         prefix-id :0
                         service slaac
                     }
                     interface eth0.201 {
                         host-address ::1
                         prefix-id :1
                         service slaac
                     }
                     prefix-length /48
                 }
                 prefix-only
                 rapid-commit enable
             }
             ipv6 {
                 dup-addr-detect-transmits 1
                 enable {
                 }
             }
             mtu 1492
             name-server auto
             password PASSWORD
             user-id USERNAME
         }
     }
 }
ubnt@router# run show ipv6 route
IPv6 Routing Table
Codes: K - kernel route, C - connected, S - static, R - RIP, O - OSPF,
       IA - OSPF inter area, E1 - OSPF external type 1,
       E2 - OSPF external type 2, N1 - OSPF NSSA external type 1,
       N2 - OSPF NSSA external type 2, B - BGP
Timers: Uptime
IP Route Table for VRF "default"
K      ::/0 [0/1024] via fe80::dab1:90ff:fe1e:c700, pppoe0, 00:44:22
C      ::1/128 via ::, lo, 00:49:14
C      2001:XXXX:YYYY::/64 via ::, eth0, 00:44:34
C      2001:XXXX:YYYY:1::/64 via ::, eth0.201, 00:44:34
C      fe80::/10 via ::, pppoe0, 00:45:42
C      fe80::/64 via ::, eth5.11, 00:46:07

If you need more information - let me know.

 

Any help would be greatly appreciated!

Re: [ERL-3 1.9.0] No DHCP leases since switching to DNSMasq

October 8, 2016, 2:27 am
$
0
0

I had done that. Seems like something in Ungoogled Chromium is the problem. Worked with Firefox, sorry for troubling you guys!

Modified script for showing dnsmasq's DHCP leases

October 8, 2016, 3:18 am
$
0
0

Unfortunately 

 

Viewing all 60861 articles
Browse latest View live
Search