New Idea

Ethertype 0x8848 and 0x8847 (mpls/multcast mpls) offload support

Submitted by - a month ago
Status: New Idea

 

Simple: use the existing label api in vyos to drive creation & expiry of "flat" mpls label flow-match + actions to fully support label functions via accelerated processing/forwarding instructions in octeon/mediatek/etc. 

Base support should should include label imposition, label swap, and label pop. Maximum lables that can be interacted with should scale to the capability (eg. label stack depth and its interactions) of safe, atomic operations in each architecture up to the maximum architectural packet size/dma buffer size. Go big, or go home. 

An ABSOLUTELY brilliant thread for more info:

 https://community.ubnt.com/t5/EdgeRouter/IT-IS-NEARLY-2019-OFFLOAD-SUPPORT-FOR-MPLS-ALREADY-DARNIT/m-p/2606639#M233175

 -Tk

NetFlow IPv6 Support

Submitted by -
Status: New Idea

Hi,

 

 

Can you please implement a newer version of pmacctd that already supports IPv6 Flow Export?


Thanks a lot!

Request - EdgeMAX UniFi API

Submitted by -
Status: New Idea

Connected to the request in: https://community.ubnt.com/t5/UniFi-Feature-Requests/Request-Edgemax-live-statistics/idi-p/2537826

 

The idea is an API for UniFi to collect statistics from the EdgeMAX products and displaying them on the UniFi controller without configuration support as I understand that is and will not be an option.

 

The idea is to make Unifi a better source of information on all devices and make it all more unified.

Add support for wireguard and babeld

Submitted by -
Status: New Idea

Please add support for Wireguard and Babeld in EdgeOS.  Both of these, even at the early stages of their development, are far better than the existing alternatives.  They both already work on EdgeOS, and Wireguard already has vyatta support. 

EdgeRouter with IPS/IDS similar to USG

Submitted by -
Status: New Idea

Would be good if the ER series would have IPS/IDS(One Click Option), may not have many rules as the one in USG. 

Allow Cut And Paste in CLI

Submitted by -
Status: New Idea

It would be very handy to be able to cut in paste in the CLI.

Upgrade Linux kernel to at least 4.4

Submitted by -
Status: New Idea

There are a number of requests that depend on having firmware based on a newer Linux kernel. The 3.10 series kernel is already EOL as of Nov. 5, 2017 (a couple of weeks prior to this posting) and not recommended for use by its maintainer, even if it were upgraded to the latest 3.10.108 instead of the current 3.10.14:

 

https://lkml.org/lkml/2017/11/4/178

 

As I understand it, there are challenges to upgrading the EdgeOS kernel due to dependencies on the Cavium and MediaTek SDKs, as well as UnionFS support not being in newer kernels. It should be possible to overcome each of these things with some effort and investment, and it's a requirement for keeping the EdgeOS platform relevant.

 

This request originally came about because of an effort to include the Cake shaper, which would bring a real improvement for control of latency under load as compared to the currently shipped fq_codel. Cake has been compiled for EdgeOS, but is very difficult to keep backported to the 3.10 series:

 

https://community.ubnt.com/t5/EdgeMAX-Feature-Requests/Cake-shaper-support/idi-p/1885749

 

However, a newer kernel is also necessary to maintain a secure, stable and performant platform in general. The 4.4 kernel series has a projected long-term EOL of Feb, 2022, and thus might be a good minimum version to target.

DHCPv6 hostfile-update

Submitted by - 3 weeks ago
Status: New Idea

Nowdays DHCPv6 becomes more popular. Especially if we have a setup of Stateful DHCPv6. 

 

I would like to have also internal network name resolution. OR the ability to use ddns updates for dhcp leases. this way I could update my DNS servers and use the full capabilities of IPv6 in my network.

 

 

 

MP-BGP Support

Submitted by -
Status: New Idea

Hi,

 

can you please implement MP-BGP suppport? It is aleady implemented in BIRD 2.0.2 and FRR BGP daemon. Is it already planed to implement it in the EdgeOS BGP daemon?

 

 

More information about MP-BGP you can find here:

https://en.wikipedia.org/wiki/Multiprotocol_BGP

https://tools.ietf.org/html/rfc4760

 

Thanks!

 

Joey

Integrate dnscrypt into local resolver

Submitted by -
Status: New Idea

Basically looking to have this functionality be available from the GUI:

 

https://techsmix.net/dnscrypt-on-the-edgerouter-lite/

 

I'd like to be able to have the following:

- Clients on LAN (including multiple VLANs) use the EdgeRouter for DNS

- EdgeRouter registers DHCP and other static entries in local DNS database (for split DNS)

- All other queries that would go to an external resolver instead go through DNSCrypt, which has its own config for what resolver(s) it will use

IPv6 subdelegation

Submitted by -
Status: New Idea
get an prefixdelegation from an upstream provider (f.e. ISP) and delegate parts of it (f.e. multiple /60 from a /56 or /48) to other routers. like asked here: https://community.ubnt.com/t5/EdgeRouter/IPv6-56-assigned-by-dhcpv6-pd-to-Main-network-router-and-sub/td-p/1174595 and here https://community.ubnt.com/t5/EdgeRouter/IPv6-dhcp-pd-shorter-prefix-than-64/m-p/2420214

Send DPI statistics to UniFi controller.

Submitted by -
Status: New Idea

Please allow for DPI data to be sent to the UniFi controller. I do not need to be able to make any changes from UniFi. I would just like to populate DPI statistics.

SSL certs from https://letsencrypt.org

Submitted by -
Status: New Idea

I really would liek to see the end of Self-signed certs and implemnetion of https://letsencrypt.org for EdgeOS.

This would be great move in right direction for out of the box SSL.

 

Ability to disable port forwards, rather then delete them

Submitted by -
Status: New Idea

It would be useful to have the ability to have port forward that is configured, but disabled, so when needed it can be quickly enabled from the UI. No doubt there are other places where the ability to store but disable configuration would be handy.

Disabling a port on an EdgeRouter should bring the ethernet carrier down.

Submitted by -
Status: New Idea

Currently on all EdgeRouters, disabling a port, leaves the ethernet carrier up and the lights continue to blink.

In the case of EdgeRouters with switch chips, data continues to pass through the switch on disabled ports assigned to a switch.  On routed ports (not on a switch), the routing is stopped, but ethernet hardware kept up on both ethernet and SFP ports. 

 

 

The desired behavior is to drop the hardware ethernet carrier state when a port is disabled.  This allows quick ospf triggering of port down state and is common sense behavior when someone plugs a cable into a disabled port.

 

 

 

For those with alpha forum access, see also here:

 

 

https://community.ubnt.com/t5/EdgeMAX-Alpha-NDA/Should-disabling-an-interface-drop-the-ethernet-connection/m-p/2130148#M5922

Visio Stencils

Submitted by -
Status: New Idea

The new Visio stencils that are provided by UBNT are not good.  The community made stencils are much better.  Please update the Visio stencils with real and accurate representation of the UBNT products.

Simply to Use Block/Black List for Emerging Threats using Multiple Sources (e.g. Spamhaus)

Submitted by -
Status: New Idea

I believe there are various threads in the EdgeMax forum discussing and making available various scripts to auto-populate and compile list of networks and addresses from various reliable sources such as SpamHaus to block.

 

https://community.ubnt.com/t5/EdgeMAX/Using-spamhaus-lists/td-p/578909

https://community.ubnt.com/t5/EdgeMAX/Emerging-Threats-Blacklist/td-p/645375

 

Is it possible for UBNT to consider making this a feature available to all users who may not be skilled enough to do so manually?

VXLAN Support in EdgeOS

Submitted by -
Status: New Idea

I don't see a feature request for VXLAN on Edge, just UniFi, so here it is.

Update to OpenVPN 2.4.x on Edgerouter

Submitted by -
Status: Accepted

Please update the OpenVPN version as the current server only supports TLS 1.0)

 

Thanks

L2TP over IPSec client implementation

Submitted by -
Status: New Idea

Dear all,

 

I would like to see the feature implemented of having an L2TP over IPSec client running on the EdgeRouter. We have serval instances where we need this for client implementation where native IPSec to IPSec is due to technical restriction on the remote end is not an option. My thoughts to the features would be:

- ideally configurable via GUI

- define specific remote networks for routing (or have them advertised by head-end)

- status shown in vpn section

 

I have also seen some others asking for such a solution in the forums, so I am hoping for some support for this implementation request.

 

Kind regards,

 

Edge2Unifi