New Idea

Integrate dnscrypt into local resolver

Submitted by -
Status: New Idea

Basically looking to have this functionality be available from the GUI:

 

https://techsmix.net/dnscrypt-on-the-edgerouter-lite/

 

I'd like to be able to have the following:

- Clients on LAN (including multiple VLANs) use the EdgeRouter for DNS

- EdgeRouter registers DHCP and other static entries in local DNS database (for split DNS)

- All other queries that would go to an external resolver instead go through DNSCrypt, which has its own config for what resolver(s) it will use

Add Nano Text Editor to Distribution

Submitted by - 4 weeks ago
Status: New Idea

For those of us not comfortable with vi, would you please add the Nano CLI text editor to the OS? It works similarly to Notepad, which will please all us Windows bods...

Visio Stencils

Submitted by -
Status: New Idea

The new Visio stencils that are provided by UBNT are not good.  The community made stencils are much better.  Please update the Visio stencils with real and accurate representation of the UBNT products.

Upgrade Linux kernel to at least 4.4

Submitted by -
Status: New Idea

There are a number of requests that depend on having firmware based on a newer Linux kernel. The 3.10 series kernel is already EOL as of Nov. 5, 2017 (a couple of weeks prior to this posting) and not recommended for use by its maintainer, even if it were upgraded to the latest 3.10.108 instead of the current 3.10.14:

 

https://lkml.org/lkml/2017/11/4/178

 

As I understand it, there are challenges to upgrading the EdgeOS kernel due to dependencies on the Cavium and MediaTek SDKs, as well as UnionFS support not being in newer kernels. It should be possible to overcome each of these things with some effort and investment, and it's a requirement for keeping the EdgeOS platform relevant.

 

This request originally came about because of an effort to include the Cake shaper, which would bring a real improvement for control of latency under load as compared to the currently shipped fq_codel. Cake has been compiled for EdgeOS, but is very difficult to keep backported to the 3.10 series:

 

https://community.ubnt.com/t5/EdgeMAX-Feature-Requests/Cake-shaper-support/idi-p/1885749

 

However, a newer kernel is also necessary to maintain a secure, stable and performant platform in general. The 4.4 kernel series has a projected long-term EOL of Feb, 2022, and thus might be a good minimum version to target.

Firewall Rule Delete Display Change

Submitted by -
Status: New Idea

Would it be possible to change the firewall rule delete confirmation to include the rule description along with the number?  For those of us with hundreds or thousand of rules to manage it would make things a little easier to  have one last piece of confirmation that we're deleting the proper rule besides just the number.  I think it would help new users too.

 

Also a similar warning/confirmation on the DNAT and SNAT rules would really help.

pppoe-server chap authentication and multiple service names

Submitted by -
Status: New Idea

as per the topic 

 

the pppoe server can handle chap authentication which some cpe devices require but at current this requires patching the PPPoEServerConfig.pm to change the $str .= "refuse-chap\n";  to be $str .= "require-chap\n";

 

the pppoe-server rp-pppoe can support multiple service names

but more important is that by default the pppoe-server ignores requests if they are to a service-name that the server is not setup to use

 

some times clients setup the service name on cpe kit causing the clients requests to be ignored by the pppoe server on the edgerouter

 

on a cisco running a pppoe-server it would accept the client even with the unknown service name 

 

ellis 

QinQ VLANs - IEEE 802.1ad

Submitted by -

Requesting the addition of QinQing per IEEE 802.1ad to the edgeswitch line. This is a crucial feature for service providers and would be very helpful with GPON deployments. 

Customized factory default config

Submitted by -

For MSP (Managed Service Providers) I'd love to see option for customizing factory default config.

Currently after factory reset /root.dev/config.boot.default config shipped with the firmware is applied. Unfortunately, some customers love to push buttons and reset devices to factory defaults when they encounter any problem. Having a customized factory config would restore router to MSP pre-sets and bing it back to life.

 

One quite easy solution is to let the MSP create  /root.dev/config.boot.default and during factory reset router will check if it exists and apply it instead of /opt/vyatta/etc/config.boot.default (as a fail-safe there can be a counter that this can be done only twice and then /opt/vyatta/etc/config.boot.default will be applied on third try).

Firewall: Anti-Lockout Rule

Submitted by -
Status: New Idea

After a very late night yesterday, caused by me inadvertantly deleting the allow rule which was permitting traffic from the LAN to pass to the WAN, please could we implement an anti-lockout rule for all things management. Maybe let it apply, but have a 5 minute timer whereby if it hasn't been confirmed, it undoes the last change.

 

I ended up having to drive out to our CoLo and pay an out-of-hours fee in order to get it all back online. 90 minutes driving, 30 minutes configurating. 

 

Yes, my fault, but routers like Mikrotik have rules like this, so I don't think I'm asking for a lot Man Wink

 

Cheers! Thumbsup

EdgeOS VM appliance

Submitted by -
Status: Duplicate

I have been using Edge Routers for long time. I am providing solutions that rely on Edge routers  for wide range of clients. But for large scale projects, I found it difficult to buy many routers to test some features or solutions so I always go to VYOS as alternative which is good to some extent. But sometimes I really need to test with GUI. So, I think it would be very helpful to make EdgeOS virtual appliance, that will help us a lot and also will help Ubuquiti to knock the door of Enterprises as well.

B.A.T.M.A.N support in EdgeOS

Submitted by -
Status: New Idea

B.A.T.M.A.N. advanced (often referenced as batman-adv) is an implementation of the B.A.T.M.A.N. routing protocol in form of a linux kernel module operating on layer 2.

 

Would it be possible to add this in EdgeOS?

 

Or what is the reason why this routing protocol is removed from kernel destined for a router?

The general kernel version (same version number as on edgerouters) basically has support for batman-adv.

 

user@router:~$ show version | grep Version
Version:      v1.10.1
user@router:~$ uname -a
Linux router 3.10.107-UBNT #1 SMP Mon Mar 5 18:53:35 UTC 2018 mips GNU/Linux
user@router:~$ sudo modprobe batman-adv
FATAL: Module batman-adv not found.

 

Wiki: B.A.T.M.A.N. advanced

 

Kernel.org: Docs » Linux Networking Documentation » batman-adv

 

git.kernel.org: v3.10.107 index : kernel/git/stable/linux-stable.git

 

The need support AVB an fully support the IEEE 1722.1 - New applications based and streaming.

Submitted by -
Status: New Idea

 

I have been in dire need of compatibility with AVB protocol, many devices have full support for the IEEE 1722.1 standard.

This need is of utmost importance for the integration of audio / video systems, based on streaming. It is a commercial and technical strategy for the new applications.

I'm working on an implementation with EdgeRouter Infinity and 16 XG switch.

This does not support AVB, unlike other solutions like NETGEAR and etc.

Following is my request for implementation of IEEE 1722.1 support.

Thank you very much.

EdgeOS as a VM

Submitted by -
Status: New Idea

Hello,

 

we currently run vyos as a vm in our infrusturcture. (in a commercial setting) while vyos is a great router os, lack of commercial support or fulltime development means it lacks a steady relase cycle.

 

before vyos, we used vyatta with much success. unfortunately brocade saw things differently, and sought to overprice vrouter and effectivly end all suport for the community edition. With the commercial edition restricively expensive we moved to vyos.

 

if Ubnt were willing to release a commercial edition of edgeos AS A VM with either a licenseing option or by purchasing a hardware router with the ability to 'migrate' the serial number to a vm etc. we would be the first to purchase it.

 

i know this has been asked before, however knowing that ubnt has hired a few of the previous dev team at vyatta, i feel this would be a nice homage to their roots of the USG, Edgerouter, and edgeswitch lines. 

 

 

EDIT: If ubnt would like to support the large enterprise and carriers  a VM is a must. alot of these types of infrustructures already have a full Hypervisor cluster in place which has much higher levels of redundancy than a single hardware appliance can provide.

many of the top network vendors have this already, from Cisco, to Fortinet, to Juniper. if UBNT wants to gain market share against those brands this would be a fairly easy way to do so with very litle R&D cost, as compared to a hardware device.

Disabling a port on an EdgeRouter should bring the ethernet carrier down.

Submitted by -
Status: New Idea

Currently on all EdgeRouters, disabling a port, leaves the ethernet carrier up and the lights continue to blink.

In the case of EdgeRouters with switch chips, data continues to pass through the switch on disabled ports assigned to a switch.  On routed ports (not on a switch), the routing is stopped, but ethernet hardware kept up on both ethernet and SFP ports. 

 

 

The desired behavior is to drop the hardware ethernet carrier state when a port is disabled.  This allows quick ospf triggering of port down state and is common sense behavior when someone plugs a cable into a disabled port.

 

 

 

For those with alpha forum access, see also here:

 

 

https://community.ubnt.com/t5/EdgeMAX-Alpha-NDA/Should-disabling-an-interface-drop-the-ethernet-connection/m-p/2130148#M5922

Simply to Use Block/Black List for Emerging Threats using Multiple Sources (e.g. Spamhaus)

Submitted by -
Status: New Idea

I believe there are various threads in the EdgeMax forum discussing and making available various scripts to auto-populate and compile list of networks and addresses from various reliable sources such as SpamHaus to block.

 

https://community.ubnt.com/t5/EdgeMAX/Using-spamhaus-lists/td-p/578909

https://community.ubnt.com/t5/EdgeMAX/Emerging-Threats-Blacklist/td-p/645375

 

Is it possible for UBNT to consider making this a feature available to all users who may not be skilled enough to do so manually?

EdgeSwitch dot1x control-direction

Submitted by - 3 weeks ago

Hi all,

 

I would really like to have the feature to set the dot1x control-direction to in only, so I can use dot1x for some devices which go to sleep after a certain time of not using them (e.g Soundcraft UI16 audio mixer).

 

Best Regards

Micha

VXLAN Support in EdgeOS

Submitted by -
Status: New Idea

I don't see a feature request for VXLAN on Edge, just UniFi, so here it is.

Send DPI statistics to UniFi controller.

Submitted by -
Status: New Idea

Please allow for DPI data to be sent to the UniFi controller. I do not need to be able to make any changes from UniFi. I would just like to populate DPI statistics.

Add Qualcomm Fast Path support

Submitted by -
Status: Accepted

It seems the Qualcomm Fast Path module improves the performance a lot.

 

It will be great if this can be added into EdgeOS.

 

See also:

https://forum.lede-project.org/t/qualcomm-fast-path-for-lede/4582

Enable SNMP support in EdgeMax lldpd

Submitted by -
Status: New Idea

Hi,

 

As it stands today, SNMP support was not compiled in to EdgeMax's lldpd binary.   This prevents lldp neighbors from being enumerated via various NMS over SNMP, such as Observium or LibreNMS.   With operators frequently adding and removing customer equipment, an automatic add/removal system via lldp in a NMS is very helpful indeed.

 

From the research I've done, it's a matter of compiling lldpd with the "--with-snmp" flag, and making two, small one-liner changes to both snmpd.conf and the lldpd launch script "/opt/vyatta/sbin/vyatta-config-lldp.pl".    I've documented my experience and findings in this community forums post.

 

Seems like a simple change that would improve the management capabilities of countless operators.