Upcoming Maintenance Alert:

The UBNT Community will be upgraded at 5pm MDT on April 25th. During this time the community forums will be set to read-only status.

Learn more

×
New Idea

Add Qualcomm Fast Path support

Submitted by -
Status: Accepted

It seems the Qualcomm Fast Path module improves the performance a lot.

 

It will be great if this can be added into EdgeOS.

 

See also:

https://forum.lede-project.org/t/qualcomm-fast-path-for-lede/4582

Update to OpenVPN 2.4.0 on Edgerouter

Submitted by -
Status: Accepted

Please update the OpenVPN version as the current server only supports TLS 1.0)

 

Thanks

Edgerouter Centralized Management Console

Submitted by -
Status: Accepted

It would be nice to see something like AirControl or UniFi for managing / viewing multiple edge routers (centralized configuration backups, mass firmware updates, etc). Anything like this in the works? Maybe call it EdgeControl and mimic the functionality of AirControl?

Please publish SNMP MIBs

Submitted by -
Status: Accepted

EdgeSwitches currently support/use several standard MIBs, however there are some OIDs that are unique/proprietary to EdgeSwitches and are not defined elsewhere.

 

Observium and others apparently have obtained a set of EdgeSwitch MIBs, included as part of their (3rd-party) monitoring solution distributions but not otherwise available from UBNT directly.  The last count has almost 40 separate MIB files for EdgeSwitches.

 

There are now a pair of UniFi MIBs available and referenced in the release notes for current releases, but there do not seem to be any other MIBs available.

 

It seems most are searching for and using these 3rd-party references, but ideally UBNT should be providing these directly.  Perhaps another section on the product download pages for 'SNMP MIBS" in addition to the existing "Firmware" and "Documentation" sections could be added with this content?

 

Upgrade to strongswan 5.5.x

Submitted by -
Status: Accepted

Upgrade to strongswan 5.5.x, because version 5.2.2 in release 1.8.0 broke some setups due to bug:

 

https://wiki.strongswan.org/issues/431

 

This is only fixed in 5.5.x;  and the workarounds are inconvenient.

Support SFP+ on EdgeMax

Submitted by -
Status: Accepted

Hi,

 

 

can you please add SFP+ support to your ever growing list of wanted features? This to support 10Gbps.

 

Thanks,

RS

Firmware Update

Submitted by -
Status: Accepted

A button to check for new firmware, instead of having to check back here for a new version. Even better how about an option for an Autoupdate.

Disable autonegotiation option for gigabit fiber

Submitted by -
Status: Accepted

 

Could there be a "1000m/full duplex" option?

 

When connecting to AT&T they ask that it not be on Auto, but a fixed speed

Policy Based Routing (PBR) for IPv6

Submitted by -
Status: Accepted

Currently PBR isn't supported for IPv, but this seems trivial to add and would allow usage of multiple IPv6 interfaces/subnets on different networks (for example a guest network, etc).

 

See the thread at http://community.ubnt.com/t5/EdgeMAX/PBR-for-IPv6/m-p/627015 for details and even patch sets from VyOS.

Upgrade iperf3

Submitted by -
Status: Accepted

Looks like ipref3 has not been updated in a awhile. Can we get this updated to the latest build?

 

Here is there release notes.

 

2016-06-08: Security Issue: iperf-3.1.3, iperf-3.0.12 released

SHA256: 60d8db69b1d74a64d78566c2317c373a85fef691b8d277737ee5d29f448595bf  iperf-3.1.3.tar.gz
SHA256: 9393d646e4e616f0cd7864bc8ceacc379f5d36b08003a3d8d65cd7c99d15daec  iperf-3.0.12.tar.gz

These releases address a security issue that could cause a crash of an iperf3 process (it could theoretically lead to a remote code execution). Although the risk for common use cases is believed to be low, all users are encouraged to update to these versions or newer as soon as possible. More information on the security vulnerability can be found in the following ESnet Software Security Advisory:

https://raw.githubusercontent.com/esnet/security/master/cve-2016-4303/esnet-secadv-2016-0001.txt.asc

iperf-3.1.3 also includes support for fair-queueing, per-socket based pacing of tests on platforms that support it (currently recent Linux distributions), as well as several other fixes.

 

@UBNT-stig

Serve updates securely

Submitted by -
Status: Accepted

Currently updates are served over HTTP in the clear and just have md5s in the tarball. This means that anyone who can MITM the download while I'm updating my router can root it Man Sad


There are a few things that can be done to make this more secure:

  1. Serve updates over HTTPS.
  2. Add OpenPGP signatures that are verified by default by the router before installing the image (with an option to disable for custom firmware images).

Upgrade MTR base Version

Submitted by -
Status: Accepted

MTR is lacking in support for the -z option and is behind a few versions, i would like to see this upgaded and be included in the 1.9.1 Ax branch or the 1.9.1 Bx branch

 

https://packages.debian.org/stretch/mtr

 

Current EdgeOs Branch

                                                                               My traceroute  [v0.82]

Command:

  ?|h     help

  d       switching display mode

  e       toggle MPLS information on/off

  n       toggle DNS on/off

  o str   set the columns to display, default str='LRS N BAWV'

  j       toggle latency(LS NABWV)/jitter(DR AGJMXI) stats

  c <n>   report cycle n, default n=infinite

  i <n>   set the ping interval to n seconds, default n=1

  f <n>   set the initial time-to-live(ttl), default n=1

  m <n>   set the max time-to-live, default n= # of hops

  s <n>   set the packet size to n or random(n<0)

  b <c>   set ping bit pattern to c(0..255) or random(c<0)

  Q <t>   set ping packet's TOS 

 

 

 

And this is from my mac

 

                                                            My traceroute  [v0.87]

Command:

  ?|h     help

  p       pause (SPACE to resume)

  d       switching display mode

  e       toggle MPLS information on/off

  n       toggle DNS on/off

  r       reset all counters

  o str   set the columns to display, default str='LRS N BAWV'

  j       toggle latency(LS NABWV)/jitter(DR AGJMXI) stats

  c <n>   report cycle n, default n=infinite

  i <n>   set the ping interval to n seconds, default n=1

  f <n>   set the initial time-to-live(ttl), default n=1

  m <n>   set the max time-to-live, default n= # of hops

  s <n>   set the packet size to n or random(n<0)

  b <c>   set ping bit pattern to c(0..255) or random(c<0)

  Q <t>   set ping packet's TOS to t

  u       switch between ICMP ECHO and UDP datagrams

  y       switching IP info

  z       toggle ASN info on/off

 

press any key to go back...

Update pppd version / RFC 4638 support

Submitted by -
Status: Accepted

Make it work on all environments not only on some environments.