it would be nice, if it is possible to use VTI with dynamic IP addresses.
I've multiple customers with dynamic IP internet access and want to migrate them from MikroTik to EdgeRouter.
it would be nice to produce a swtich with 2 port of sfp+ can power the AP's ( PoE )
with this 3 verions :
1- PoE 8gb ports + 2 ports SFP+
2- PoE 16gb ports + 2 ports SFP+
3- PoE 24gb ports + 2 ports SFP+
because i cant buy ES-48-750W to power my WISP i dont need 48 port i just need 8 ports
thank u in advance
Basically looking to have this functionality be available from the GUI:
I'd like to be able to have the following:
- Clients on LAN (including multiple VLANs) use the EdgeRouter for DNS
- EdgeRouter registers DHCP and other static entries in local DNS database (for split DNS)
- All other queries that would go to an external resolver instead go through DNSCrypt, which has its own config for what resolver(s) it will use
There are a number of requests that depend on having firmware based on a newer Linux kernel. The 3.10 series kernel is already EOL as of Nov. 5, 2017 (a couple of weeks prior to this posting) and not recommended for use by its maintainer, even if it were upgraded to the latest 3.10.108 instead of the current 3.10.14:
As I understand it, there are challenges to upgrading the EdgeOS kernel due to dependencies on the Cavium and MediaTek SDKs, as well as UnionFS support not being in newer kernels. It should be possible to overcome each of these things with some effort and investment, and it's a requirement for keeping the EdgeOS platform relevant.
This request originally came about because of an effort to include the Cake shaper, which would bring a real improvement for control of latency under load as compared to the currently shipped fq_codel. Cake has been compiled for EdgeOS, but is very difficult to keep backported to the 3.10 series:
However, a newer kernel is also necessary to maintain a secure, stable and performant platform in general. The 4.4 kernel series has a projected long-term EOL of Feb, 2022, and thus might be a good minimum version to target.
I use load balancing feature with edgerouter for a lot of customers.
Sometimes I noticed short and temporary interruptions when using ping to "ping.ubnt.com", not necessarily related to lack of internet connection (other web hosts ping at same time are working). This event can cause an unnecessary switch to backup line, and I want to avoid it. I cannot push too much to "number of ping before failover" because the system may become too slow in the failover switching.
So I want to submit this idea to place in the failover configuration multiple ping host, configured in "AND", that will switch the balancer to backup only when 2 or more hosts are missing the ping response.
Otherwise I know this can be done also with a custom script. Can you publish an "official and tested" script to do this thing?
Would it be possible to change the firewall rule delete confirmation to include the rule description along with the number? For those of us with hundreds or thousand of rules to manage it would make things a little easier to have one last piece of confirmation that we're deleting the proper rule besides just the number. I think it would help new users too.
Also a similar warning/confirmation on the DNAT and SNAT rules would really help.
Currently on all EdgeRouters, disabling a port, leaves the ethernet carrier up and the lights continue to blink.
In the case of EdgeRouters with switch chips, data continues to pass through the switch on disabled ports assigned to a switch. On routed ports (not on a switch), the routing is stopped, but ethernet hardware kept up on both ethernet and SFP ports.
The desired behavior is to drop the hardware ethernet carrier state when a port is disabled. This allows quick ospf triggering of port down state and is common sense behavior when someone plugs a cable into a disabled port.
For those with alpha forum access, see also here:
we currently run vyos as a vm in our infrusturcture. (in a commercial setting) while vyos is a great router os, lack of commercial support or fulltime development means it lacks a steady relase cycle.
before vyos, we used vyatta with much success. unfortunately brocade saw things differently, and sought to overprice vrouter and effectivly end all suport for the community edition. With the commercial edition restricively expensive we moved to vyos.
if Ubnt were willing to release a commercial edition of edgeos AS A VM with either a licenseing option or by purchasing a hardware router with the ability to 'migrate' the serial number to a vm etc. we would be the first to purchase it.
i know this has been asked before, however knowing that ubnt has hired a few of the previous dev team at vyatta, i feel this would be a nice homage to their roots of the USG, Edgerouter, and edgeswitch lines.
EDIT: If ubnt would like to support the large enterprise and carriers a VM is a must. alot of these types of infrustructures already have a full Hypervisor cluster in place which has much higher levels of redundancy than a single hardware appliance can provide.
many of the top network vendors have this already, from Cisco, to Fortinet, to Juniper. if UBNT wants to gain market share against those brands this would be a fairly easy way to do so with very litle R&D cost, as compared to a hardware device.
I believe there are various threads in the EdgeMax forum discussing and making available various scripts to auto-populate and compile list of networks and addresses from various reliable sources such as SpamHaus to block.
Is it possible for UBNT to consider making this a feature available to all users who may not be skilled enough to do so manually?
For MSP (Managed Service Providers) I'd love to see option for customizing factory default config.
Currently after factory reset /root.dev/config.boot.default config shipped with the firmware is applied. Unfortunately, some customers love to push buttons and reset devices to factory defaults when they encounter any problem. Having a customized factory config would restore router to MSP pre-sets and bing it back to life.
One quite easy solution is to let the MSP create /root.dev/config.boot.default and during factory reset router will check if it exists and apply it instead of /opt/vyatta/etc/config.boot.default (as a fail-safe there can be a counter that this can be done only twice and then /opt/vyatta/etc/config.boot.default will be applied on third try).
I have been using Edge Routers for long time. I am providing solutions that rely on Edge routers for wide range of clients. But for large scale projects, I found it difficult to buy many routers to test some features or solutions so I always go to VYOS as alternative which is good to some extent. But sometimes I really need to test with GUI. So, I think it would be very helpful to make EdgeOS virtual appliance, that will help us a lot and also will help Ubuquiti to knock the door of Enterprises as well.
It seems the Qualcomm Fast Path module improves the performance a lot.
It will be great if this can be added into EdgeOS.
I would like to see the feature implemented of having an L2TP over IPSec client running on the EdgeRouter. We have serval instances where we need this for client implementation where native IPSec to IPSec is due to technical restriction on the remote end is not an option. My thoughts to the features would be:
- ideally configurable via GUI
- define specific remote networks for routing (or have them advertised by head-end)
- status shown in vpn section
I have also seen some others asking for such a solution in the forums, so I am hoping for some support for this implementation request.
- UBNT-benpin on: edgerouter load balancing with multiple ping ip
- waterside on: VPN IPsec Xauth PSK for roadwarrior (Cisco VPN Style)
- evilcode1 on: ubnt switch POE + SFP+
- waterside on: flow accounting intergrate nprobe
- Brontide on: Setup Wizards - Disable UBNT-Discovery on WAN
- UBNT-benpin on: ipsec client for 3rd party VPN providers
- UBNT-benpin on: DDM information from the SFP
- UBNT-benpin on: gponctl cmd for er-x-sfp
- waterside on: ITU-T G.984.3 for er-x-sfp
- primexx on: Better User Password Handling on EdgeOS
- QinQ support
- EdgeRouter with 2 x SFP+
- Request: EdgeRouter Dual WAN port forwarding
- IPsec VTI with dynamic IP address
- Support Dnsmasq Static Option so Reservations Outside of Dyn Pools Don't Gen Numerous Warnings
- edgerouter load balancing with multiple ping ip
- Session Based Load Balancing for EdgeRouters (EdgeMax)
- Load balancing: Saturating primary WAN before offloading traffic to secondary WAN
- VPN IPsec Xauth PSK for roadwarrior (Cisco VPN Style)
- DNS for router itself