Scheduled maintenance: Community will be offline Monday June 17th, 1:00 AM - 6:00 AM (PT)
New Member
Posts: 8
Registered: ‎12-13-2018
Kudos: 1
Solutions: 1

Re: EdgeMAX EdgeRouter software version v2.0.0 has been released!

On my ER4, I have two configurations and two system images.. When you switch back to the prior version, it switches back to the config at that time. Same thing if you switch back to the new version, the config flips back to the one you had at that time.
Established Member
Posts: 804
Registered: ‎01-29-2014
Kudos: 322
Solutions: 36

Re: EdgeMAX EdgeRouter software version v2.0.0 has been released!

[ Edited ]

@mrkygeek wrote:

Not sure if anyone else reported this error EdgeRouter PoE v2.0.0:

collectd[12092]: read-function of plugin `battery' failed. Will suspend it for 86400.000 seconds.
collectd[12092]: battery plugin: All available input methods failed.

 

EdgeRouter PoE has no battery backup as far as I know so not sure why this service keeps checking battery.

 


Collectd is not part of the default image. Did you happen to install freeradius? You need the --no-install-recommends switch.  

New Member
Posts: 35
Registered: ‎10-01-2015
Kudos: 1

Re: EdgeMAX EdgeRouter software version v2.0.0 has been released!

Thanks, that was it. I don’t run freeradius on Edgerouter anymore but left a script behind that installed some packages. Got it cleaned up and done see the errror anymore.
New Member
Posts: 18
Registered: ‎05-12-2013
Kudos: 1

Re: EdgeMAX EdgeRouter software version v2.0.0 has been released!

On edge routerpoe-5, pppoe don't estabilish connection on eth4 interface no errors in log. In betta.1 all work ok.

Problem appeared in betta2, exist in betta3, in release still not fixed.

Veteran Member
Posts: 8,262
Registered: ‎03-24-2016
Kudos: 2168
Solutions: 951

Re: EdgeMAX EdgeRouter software version v2.0.0 has been released!

@kpratte 

 

Post your config, as previous QoS snippet lacked stuff.

What output does "sudo tc monitor" generate in ssh session1 , while disabling/enabling shaper in session2?  On v2.0 and previous.

New Member
Posts: 4
Registered: ‎04-02-2015
Kudos: 1

Re: EdgeMAX EdgeRouter software version v2.0.0 has been released!

So... Should I upgrade my EdgeRouter Lite with PPPoE connection to my ISP or should I wait for the next release? I'm tempted to upgrade, but after reading this thread I'm not quite sure what to do. I have a really simple set up for home use only (more or less what the set up wizard did).

New Member
Posts: 28
Registered: ‎09-24-2016
Kudos: 10
Solutions: 1

Re: EdgeMAX EdgeRouter software version v2.0.0 has been released!

[ Edited ]

@bdowne

>> you and I might be using the exact same ISP. Man Wink Except I'm using a SFP module instead of the NTU bridge…

I'm also using a SFP. 

Fiber -> SFP (ETH3) -> VLAN6 -> PPPoE

The difference is that I have an ER4 and hwnat does not exist on cavium-based routers.

 

In your previous post you said the MTU on your SFP was 1508. It has to be 1512.

 

 

On my connection I had to set (NL-XS4all, VLAN6, PPPoE, FTTH on SFP/ETH3):
ETH3 (SFP/FTTH): MTU==1512
ETH3.6: MTU==1508
ETH3.6 PPPoE: MTU==1500

 

 

ER-4 (FTTH on SFP), 2x AP-AC-LR, AP-AC-MESH-Pro, UVC-G3 dome.
New Member
Posts: 20
Registered: ‎04-28-2018
Kudos: 2

Re: EdgeMAX EdgeRouter software version v2.0.0 has been released!


@FineDogBiscuits wrote:

So... Should I upgrade my EdgeRouter Lite with PPPoE connection to my ISP or should I wait for the next release? I'm tempted to upgrade, but after reading this thread I'm not quite sure what to do. I have a really simple set up for home use only (more or less what the set up wizard did).


After upgrading I don't see must haves in the new firmware.  

Highlighted
New Member
Posts: 20
Registered: ‎04-28-2018
Kudos: 2

Re: EdgeMAX EdgeRouter software version v2.0.0 has been released!

@ciedema
> After upgrade it wouldn't restart so I needed to reset it.

  1. How did you upgrade: WebGUI or SSH?
  2. Which version did you upgrade from?

> While applying a the config from the Web, a few times it came up with an error 'Save failed'

 3. Can you please send me sanitized configuration and I will try to reproduce this issue on my lab router?

 

 

1. Upgraded via WebGUI

2. from 1.10.8

3. Attached

 

 

Attachment
Emerging Member
Posts: 66
Registered: ‎02-11-2018
Kudos: 1

Re: EdgeMAX EdgeRouter software version v2.0.0 has been released!

[ Edited ]

"This log message indicates that offloading flow cache was cleared. This is done (a) during startup, (b) when you change offloading table size via CLI or (c) when interface link goes down. This functionality was present in v1.10.x but it was not visible in logs because of different log level"

None of these happens on my router, but I have these messages...

New Member
Posts: 28
Registered: ‎12-10-2015
Kudos: 2

Re: EdgeMAX EdgeRouter software version v2.0.0 has been released!

Using a ER-6P, I seem to be getting this at boot and everytime I change the configuration of the L2TP server:

Jan 16 14:32:08 HM-Router xl2tpd[17902]: death_handler: Fatal signal 15 received
Jan 16 14:32:08 HM-Router systemd[1]: xl2tpd.service: Main process exited, code=exited, status=1/FAILURE
Jan 16 14:32:08 HM-Router systemd[1]: xl2tpd.service: Unit entered failed state.
Jan 16 14:32:08 HM-Router systemd[1]: xl2tpd.service: Failed with result 'exit-code'.
Jan 16 14:32:08 HM-Router xl2tpd[18251]: setsockopt recvref[30]: Protocol not available

I used to get the "fatal signal" and the "protocol not available" warnings before, but not having the xl2tpd daemon crash. Therefore, with this release I'm unable to connect with any client via L2TP. All else seems to work fine on our router, load-balancing 3 WANs, offloading and several firewall rules.

 

Any ideas?

Ubiquiti Employee
Posts: 1,289
Registered: ‎07-20-2015
Kudos: 1632
Solutions: 82

Re: EdgeMAX EdgeRouter software version v2.0.0 has been released!

@sholdee
> GPL Archive available?
e50 - https://dl.ubnt.com/firmwares/edgemax/v2.0.x/GPL.ER-e50.v2.0.0.5155111.tar.bz2
e100 - https://dl.ubnt.com/firmwares/edgemax/v2.0.x/GPL.ER-e100.v2.0.0.5155284.tar.bz2
e200 - https://dl.ubnt.com/firmwares/edgemax/v2.0.x/GPL.ER-e200.v2.0.0.5155284.tar.bz2
e300 - https://dl.ubnt.com/firmwares/edgemax/v2.0.x/GPL.ER-e300.v2.0.0.5155284.tar.bz2
e1000 - https://dl.ubnt.com/firmwares/edgemax/v2.0.x/GPL.ER-e1000.v2.0.0.5155284.tar.bz2

 

@DeviceLocksmith
> I've found another minor bug: systemd is showing degraded status due to an issue with root mount
> ubnt@router:~$ systemctl status
> * router
> State: degraded
> Jobs: 0 queued
> Failed: 1 units
> Since: Wed 1969-12-31 18:00:12 CST; 49 years 0 months ago
This will be fixed in v2.0.1 where we will upgrade systemd from 232-25+deb9u4 to 232-25+deb9u7

 

@ooferomen
> after 2 days uptime my ER-X crashed, unresponsive on WAN or LAN.
> hwnat was enabled, i disabled it and then 24 hours later is crashed again the same way. no LoadBalancing or tunnels.
Maybe DHCP daemon crashed and that's why LAN clients can no longer renew their IP lease?
Can you please reproduce this symptom again and then try to discover ER-X via UBNT Discovery Java app -> https://www.ui.com/downloads/tools/beta/discovery-tool/ubnt-discovery.zip
If this app can discover your ER-X then you should double-click on it and then press "Rescue Web UI" button. From there you will be able to generate tech-support file to troubleshoot this issue.

 

@bodean
> Are they holding off putting the firmware up online?
Too much bugs were discovered in v2.0.0 for ER-X :facepalm: We shall publish v2.0.1 on download site.

 

@3bs
> On edge routerpoe-5, pppoe don't estabilish connection on eth4 interface no errors in log
> Problem appeared in betta2, exist in betta3, in release still not fixed.
Yeah, I recall your post in beta.2 thread (here) - you posted PPPoE configuration, but I was not able to reproduce this issue. In order to proceed with this issue please post full configuration

 

@ciedema
> While applying a the config from the Web, a few times it came up with an error 'Save failed'.
I loaded your config via GI and then via CLI and it was applied successfully each time.

  1. How often did you encounter "Save fail" error?
  2. Have you been able to apply config after "Save fail"?

@sles
> After upgrade to 2.0.0 dmesg is full of messages
> Flushing IPv4 cache
> What is this? Why?

  1. What is your ER model?
  2. Please post output of `dmesg`
  3. Please post output of `cat /var/log/messages`

@porgos
> Jan 16 14:32:08 HM-Router xl2tpd[17902]: death_handler: Fatal signal 15 received
> Jan 16 14:32:08 HM-Router systemd[1]: xl2tpd.service: Main process exited, code=exited, status=1/FAILURE
> Jan 16 14:32:08 HM-Router systemd[1]: xl2tpd.service: Unit entered failed state.
> Jan 16 14:32:08 HM-Router systemd[1]: xl2tpd.service: Failed with result 'exit-code'.

> I used to get the "fatal signal" and the "protocol not available" warnings before, but not having the xl2tpd daemon crash.
That's weird because "Fatal signal 15 received" means that someone is sending SIGTERM to xl2tpd.

  1. Do you have IPSec VPN tunnels running?
  2. Please post your configuration?
  3. Please show output of following CLI commands:
    systemctl status xl2tpd.service
    journalctl -u xl2tpd.service
    cat /etc/xl2tpd/xl2tpd.conf
    cat /etc/ppp/options.xl2tpd
    show interfaces
    ip route
New Member
Posts: 8
Registered: ‎02-08-2018
Kudos: 1

Re: EdgeMAX EdgeRouter software version v2.0.0 has been released!

[ Edited ]

So I ran into a minor issue today.  I purchased a new POE 5 router for a client.  I believe it had a stock firmware of 1.2 or something like that.  I tried to update the firmware to 2.0.0 via the GUI right away without any configuration changes and it failed saying "an error uploading" or something along those lines.  I updated it to 1.10.8 without any issues and then was able to push 2.0.0 to it no problem.  Router has been running fine since.  

Emerging Member
Posts: 89
Registered: ‎07-18-2016
Kudos: 35
Solutions: 3

Re: EdgeMAX EdgeRouter software version v2.0.0 has been released!

@UBNT-afomins

@ooferomen
> after 2 days uptime my ER-X crashed, unresponsive on WAN or LAN.
> hwnat was enabled, i disabled it and then 24 hours later is crashed again the same way. no LoadBalancing or tunnels.
Maybe DHCP daemon crashed and that's why LAN clients can no longer renew their IP lease? 
Can you please reproduce this symptom again and then try to discover ER-X via UBNT Discovery Java app -> https://www.ui.com/downloads/tools/beta/discovery-tool/ubnt-discovery.zip
If this app can discover your ER-X then you should double-click on it and then press "Rescue Web UI" button. From there you will be able to generate tech-support file to troubleshoot this issue.

 

ER-X isn't doing DHCP so it's not that, also like i said the WAN didn't respond to ICMP(ping from my phone). Coming up on 3 days uptime right now.

Member
Posts: 200
Registered: ‎04-28-2015
Kudos: 107
Solutions: 1

Re: EdgeMAX EdgeRouter software version v2.0.0 has been released!

My home ER-X has exhibited a new and troublesome behavior on 2.0.0 that I've not had on the 1.10.x builds:

 

Three times now, the first two time occuring after a couple of days of uptime, the router has frozen and become unresponsive -- unable to be reached at any of its interface IPs and unable to route traffic.  Cold reboot brought it back online.

 

After the second time, it stayed online and working less than half an hour before it again froze up.

 

At that time, I reverted to 1.10.8 and it's returned to stability.

 

Is there anything that can be captured to assist in debugging?

New Member
Posts: 18
Registered: ‎05-12-2013
Kudos: 1

Re: EdgeMAX EdgeRouter software version v2.0.0 has been released!


@UBNT-afomins wrote:

 

 

@3bs
> On edge routerpoe-5, pppoe don't estabilish connection on eth4 interface no errors in log
> Problem appeared in betta2, exist in betta3, in release still not fixed.
Yeah, I recall your post in beta.2 thread (here) - you posted PPPoE configuration, but I was not able to reproduce this issue. In order to proceed with this issue please post full configuration

 


 

config

Spoiler
3bs@EdgeRouterPOE:~$ show configuration
firewall {
all-ping enable
broadcast-ping disable
group {
address-group IPTV_RTK {
address 198.18.56.226
address 46.61.193.82
}
}
ipv6-receive-redirects disable
ipv6-src-route disable
ip-src-route disable
log-martians enable
modify LAN_out_modify {
rule 10 {
action modify
description "restore mark from connection"
modify {
connmark {
restore-mark
}
}
}
}
modify RTK_IN_pppoe_modify {
rule 10 {
action modify
description "mark RTK packets"
modify {
connmark {
set-mark 1
}
}
protocol tcp_udp
state {
new enable
}
}
}
modify TTK_IN_pppoe_modify {
rule 10 {
action modify
description "mark TTK packets"
modify {
connmark {
set-mark 2
}
}
protocol tcp_udp
state {
new enable
}
}
}
name RTK_IN_eth0 {
default-action drop
}
name RTK_IN_eth1 {
default-action drop
rule 10 {
action accept
destination {
address 224.0.0.0/4
}
protocol udp
source {
group {
address-group IPTV_RTK
}
}
}
rule 20 {
action accept
description "accept established + related packets"
protocol all
state {
established enable
invalid disable
new disable
related enable
}
}
}
name RTK_IN_pppoe {
default-action drop
rule 10 {
action accept
description "accept established + related packets"
protocol all
state {
established enable
invalid disable
new disable
related enable
}
}
rule 20 {
action drop
description "drop invalid packets"
protocol all
state {
established disable
invalid enable
new disable
related disable
}
}
rule 30 {
action accept
description "accept web"
destination {
address 172.16.0.73
port 80
}
protocol tcp
}
rule 40 {
action accept
description "accept dht"
destination {
address 172.16.0.75
port 21345
}
protocol tcp_udp
}
rule 44 {
action drop
description hacker
protocol all
source {
address 90.84.47.122
}
}
}
name RTK_LOCAL_eth0 {
default-action drop
}
name RTK_LOCAL_eth1 {
default-action drop
rule 10 {
action accept
protocol igmp
}
}
name RTK_LOCAL_pppoe {
default-action drop
rule 10 {
action accept
description "accept icmp"
protocol icmp
}
rule 20 {
action accept
description "accept established + related packets"
protocol all
state {
established enable
invalid disable
new disable
related enable
}
}
rule 30 {
action drop
description "drop invalid packets"
protocol all
state {
established disable
invalid enable
new disable
related disable
}
}
rule 40 {
action accept
description "accept ssh"
destination {
port 443
}
protocol tcp
}
rule 50 {
action accept
description "accept openvpn"
destination {
port 1194
}
protocol tcp
}
}
name TTK_IN_eth4 {
default-action drop
}
name TTK_IN_pppoe {
default-action drop
rule 10 {
action accept
description "accept established + related packets"
protocol all
state {
established enable
invalid disable
new disable
related enable
}
}
rule 20 {
action drop
description "drop invalid packets"
protocol all
state {
established disable
invalid enable
new disable
related disable
}
}
rule 30 {
action accept
description "accept web"
destination {
address 172.16.0.73
port 80
}
protocol tcp
}
rule 40 {
action accept
description "accept dht"
destination {
address 172.16.0.75
port 21345
}
protocol tcp_udp
}
}
name TTK_LOCAL_eth4 {
default-action drop
}
name TTK_LOCAL_pppoe {
default-action drop
rule 10 {
action accept
description "accept icmp"
protocol icmp
}
rule 20 {
action accept
description "accept established + related packets"
protocol all
state {
established enable
invalid disable
new disable
related enable
}
}
rule 30 {
action drop
description "drop invalid packets"
protocol all
state {
established disable
invalid enable
new disable
related disable
}
}
rule 40 {
action accept
description "accept ssh"
destination {
port 443
}
protocol tcp
}
rule 50 {
action accept
description "accept openvpn"
destination {
port 1194
}
protocol tcp
}
}
options {
mss-clamp {
interface-type pppoe
mss 1452
}
}
receive-redirects disable
send-redirects enable
source-validation disable
syn-cookies enable
}
interfaces {
ethernet eth0 {
address 169.254.33.1/16
description RTK
duplex auto
firewall {
in {
name RTK_IN_eth0
}
local {
name RTK_LOCAL_eth0
}
}
poe {
output off
}
pppoe 0 {
default-route none
description "pppoe RTK"
firewall {
in {
modify RTK_IN_pppoe_modify
name RTK_IN_pppoe
}
local {
name RTK_LOCAL_pppoe
}
}
ipv6 {
dup-addr-detect-transmits 1
}
mtu 1492
name-server none
password ****************
user-id login_rtk
}
speed auto
}
ethernet eth1 {
address dhcp
description "IPTV RTK"
dhcp-options {
client-option "send vendor-class-identifier "Motorola_RTC_VIP1003";"
default-route no-update
default-route-distance 210
name-server no-update
}
duplex auto
firewall {
in {
name RTK_IN_eth1
}
local {
name RTK_LOCAL_eth1
}
}
mac 90:9d:7d:6f:df:85
poe {
output off
}
speed auto
}
ethernet eth2 {
duplex auto
poe {
output off
}
speed auto
}
ethernet eth3 {
duplex auto
poe {
output off
}
speed auto
}
ethernet eth4 {
address 169.254.33.2/32
description TTK
duplex auto
firewall {
in {
name TTK_IN_eth4
}
local {
name TTK_LOCAL_eth4
}
}
poe {
output off
}
pppoe 1 {
default-route none
description "pppoe TTK"
firewall {
in {
modify TTK_IN_pppoe_modify
name TTK_IN_pppoe
}
local {
name TTK_LOCAL_pppoe
}
}
mtu 1492
name-server none
password ****************
user-id login_ttk
}
speed auto
}
loopback lo {
address 172.16.100.1/32
}
openvpn vtun0 {
description "openvpn server"
encryption bf128
hash sha1
ip {
ospf {
cost 10
dead-interval 120
hello-interval 30
network point-to-multipoint
priority 1
retransmit-interval 5
transmit-delay 1
}
}
mode server
openvpn-option "--mssfix 1450 --tun-mtu 1500 --persist-key --persist-tun --sndbuf 0 --rcvbuf 0 --reneg-sec 0 --reneg-bytes 0"
protocol tcp-passive
server {
client acer {
ip 172.16.255.2
}
client angarsk {
ip 172.16.255.15
subnet 172.16.5.0/24
subnet 172.16.100.15/32
}
client bat {
ip 172.16.255.13
subnet 172.16.3.0/24
subnet 172.16.100.13/32
}
client bat_office {
ip 172.16.255.16
subnet 172.16.6.0/24
subnet 172.16.100.16/32
}
client hrustalnyi {
ip 172.16.255.17
subnet 172.16.7.0/24
subnet 172.16.100.17/32
}
client maman {
ip 172.16.255.11
subnet 172.16.1.0/24
subnet 172.16.100.11/32
}
client map {
ip 172.16.255.116
subnet 172.16.16.0/24
subnet 192.168.201.0/24
subnet 172.16.100.116/32
}
client moscow {
ip 172.16.255.19
subnet 172.16.9.0/24
subnet 192.168.2.0/24
}
client mrs {
ip 172.16.255.18
subnet 172.16.8.0/24
subnet 172.16.100.18/32
}
client olkhon {
ip 172.16.255.14
subnet 172.16.4.0/24
subnet 192.168.0.1/32
subnet 192.168.200.0/24
subnet 172.16.100.14/32
}
client sashka {
ip 172.16.255.12
subnet 192.168.1.1/32
subnet 172.16.2.0/24
subnet 172.16.100.12/32
}
subnet 172.16.255.0/24
topology subnet
}
tls {
ca-cert-file /config/auth/ca.crt
cert-file /config/auth/ubnt.crt
dh-file /config/auth/dh1024.pem
key-file /config/auth/ubnt.key
}
}
openvpn vtun1 {
description "VPN to VPS"
device-type tap
encryption bf128
hash sha1
ip {
ospf {
cost 5
dead-interval 40
hello-interval 10
network broadcast
priority 0
retransmit-interval 5
transmit-delay 1
}
}
mode client
openvpn-option "--mssfix 1450 --tun-mtu 1500 --persist-key --persist-tun --sndbuf 0 --rcvbuf 0 --reneg-sec 0 --comp-lzo --keysize 256"
protocol udp
remote-host vps.3bs.su
remote-port 1194
tls {
ca-cert-file /config/auth/ca.crt
cert-file /config/auth/ubnt-client.crt
key-file /config/auth/ubnt-client.key
}
}
switch switch0 {
address 172.16.0.1/24
description LAN
firewall {
in {
modify LAN_out_modify
}
}
mtu 1500
switch-port {
interface eth2 {
}
interface eth3 {
}
vlan-aware disable
}
}
tunnel tun1 {
address 172.16.250.1/30
description "iptv to bat"
encapsulation ipip
local-ip 172.16.100.1
multicast disable
remote-ip 172.16.100.13
ttl 255
}
tunnel tun2 {
address 172.16.250.5/30
description "iptv to bat_office"
encapsulation ipip
local-ip 172.16.100.1
multicast disable
remote-ip 172.16.100.16
ttl 255
}
}
protocols {
igmp-proxy {
disable-quickleave
interface eth0 {
role disabled
threshold 1
}
interface eth1 {
alt-subnet 198.18.56.226/32
alt-subnet 46.61.193.82/32
role upstream
threshold 1
}
interface eth2 {
role disabled
threshold 1
}
interface eth3 {
role disabled
threshold 1
}
interface eth4 {
alt-subnet 16.16.16.16/32
alt-subnet 10.18.0.1/32
role disabled
threshold 1
}
interface lo {
role disabled
threshold 1
}
interface pppoe0 {
role disabled
threshold 1
}
interface pppoe1 {
role disabled
threshold 1
}
interface switch0 {
role downstream
threshold 1
}
interface tun1 {
role downstream
threshold 1
}
interface tun2 {
role downstream
threshold 1
}
interface vtun0 {
role disabled
threshold 1
}
interface vtun1 {
role disabled
threshold 1
}
}
ospf {
area 0.0.0.0 {
network 172.16.253.0/29
network 172.16.0.0/24
network 172.16.255.0/24
network 172.16.100.0/24
}
bfd {
interface vtun0
}
parameters {
abr-type cisco
router-id 172.16.100.1
}
passive-interface default
passive-interface-exclude vtun1
passive-interface-exclude vtun0
}
static {
interface-route 0.0.0.0/0 {
next-hop-interface pppoe0 {
}
next-hop-interface pppoe1 {
distance 10
}
}
interface-route 8.8.4.4/32 {
next-hop-interface pppoe1 {
}
}
interface-route 31.216.167.12/32 {
next-hop-interface pppoe1 {
}
}
interface-route 141.105.33.222/32 {
next-hop-interface pppoe1 {
description glazkovskoe.ru
}
}
interface-route 188.168.31.14/32 {
next-hop-interface pppoe1 {
description "for settka.online"
}
}
route 192.168.0.1/32 {
next-hop 172.16.255.14 {
}
}
route 192.168.1.1/32 {
next-hop 172.16.255.12 {
}
}
route 192.168.2.0/24 {
next-hop 172.16.255.19 {
}
}
route 192.168.201.0/24 {
next-hop 172.16.255.116 {
}
}
route 192.168.202.0/24 {
next-hop 172.16.0.23 {
}
}
route 212.20.3.0/24 {
next-hop 10.82.192.1 {
}
}
table 1 {
interface-route 0.0.0.0/0 {
next-hop-interface pppoe0 {
}
}
mark 1
}
table 2 {
interface-route 0.0.0.0/0 {
next-hop-interface pppoe1 {
}
}
mark 2
}
}
}
service {
dhcp-server {
disabled false
hostfile-update disable
shared-network-name DHCP {
authoritative disable
subnet 172.16.0.0/24 {
default-router 172.16.0.1
dns-server 176.103.130.132
dns-server 176.103.130.134
dns-server 172.16.0.1
lease 86400
ntp-server 172.16.0.1
start 172.16.0.61 {
stop 172.16.0.69
}
}
}
static-arp disable
use-dnsmasq disable
}
dns {
forwarding {
cache-size 150
listen-on switch0
}
}
lldp {
interface eth0 {
disable
}
interface eth1 {
disable
}
interface eth4 {
disable
}
}
nat {
rule 10 {
description "port forwarding web RTK"
destination {
address 90.188.238.166
port 80
}
inbound-interface pppoe0
inside-address {
address 172.16.0.73
port 80
}
protocol tcp
type destination
}
rule 20 {
description "port forwarding web TTK"
destination {
address 141.105.33.2
port 80
}
inbound-interface pppoe1
inside-address {
address 172.16.0.73
port 80
}
protocol tcp
type destination
}
rule 30 {
description "port forwarding dht RTK"
destination {
port 21345
}
inbound-interface pppoe0
inside-address {
address 172.16.0.75
port 21345
}
protocol tcp_udp
type destination
}
rule 40 {
description "port forwarding dht TTK"
destination {
port 21345
}
inbound-interface pppoe1
inside-address {
address 172.16.0.75
port 21345
}
protocol tcp_udp
type destination
}
rule 100 {
description "harpin nat RTK"
destination {
address 90.188.238.166
port 80
}
inbound-interface switch0
inside-address {
address 172.16.0.73
port 80
}
protocol tcp
type destination
}
rule 5010 {
description "masquerade RTK"
log disable
outbound-interface pppoe0
protocol all
source {
address 172.16.0.1-172.16.0.99
}
type masquerade
}
rule 5020 {
description "masquerade TTK"
log disable
outbound-interface pppoe1
protocol all
source {
address 172.16.0.1-172.16.0.99
}
type masquerade
}
rule 5030 {
description "for IPTV"
log disable
outbound-interface eth1
protocol all
source {
address 172.16.0.1-172.16.0.99
}
type masquerade
}
rule 5040 {
description "for IPTV bat"
log disable
outbound-interface eth1
protocol all
source {
address 172.16.6.1-172.16.6.30
}
type masquerade
}
rule 5100 {
description "hairpin nat"
destination {
address 172.16.0.0/24
}
log disable
outbound-interface switch0
protocol tcp
source {
address 172.16.0.0/24
}
type masquerade
}
}
snmp {
community public {
authorization ro
}
listen-address 172.16.0.1 {
port 161
}
}
ssh {
port 443
protocol-version v2
}
ubnt-discover {
interface eth0 {
disable
}
interface eth1 {
disable
}
interface eth4 {
disable
}
interface pppoe0 {
disable
}
interface pppoe1 {
disable
}
}
}
system {
config-management {
commit-revisions 50
}
host-name EdgeRouterPOE
ipv6 {
disable
disable-forwarding
}
login {
user 3bs {
authentication {
encrypted-password ****************
plaintext-password ****************
}
level admin
}
}
name-server 77.88.8.8
name-server 8.8.8.8
name-server 8.8.4.4
ntp {
server ntp1.niiftri.irkutsk.ru {
prefer
}
server ntp2.vniiftri.ru {
}
server vniiftri.khv.ru {
}
}
offload {
hwnat disable
ipsec enable
ipv4 {
forwarding enable
pppoe enable
vlan disable
}
}
static-host-mapping {
host-name sdp.svc.iptv.rt.ru {
inet 212.20.3.172
inet 212.20.3.173
}
host-name vmx.svc.iptv.rt.ru {
inet 212.20.3.172
inet 212.20.3.173
}
}
syslog {
global {
facility all {
level notice
}
facility protocols {
level debug
}
}
}
time-zone Asia/Irkutsk
}

 

 

 

Emerging Member
Posts: 55
Registered: ‎08-26-2015
Kudos: 17

Re: EdgeMAX EdgeRouter software version v2.0.0 has been released!

[ Edited ]

@Lanna wrote:

but the ER-X itself now has no GUI or SSH access. It's doesn't even answer pings. Tried a power cycle by resetting the upstream port PoE, but still no go.


I also have the same problem, the layer2 aspect of the er-x is working with the vlan config however I can't access its management IP anymore. For the Ubiquiti team, here's the simple config it had:

set interfaces ethernet eth0 duplex auto
set interfaces ethernet eth0 mtu 2018
set interfaces ethernet eth0 speed auto
set interfaces ethernet eth1 duplex auto
set interfaces ethernet eth1 mtu 2018
set interfaces ethernet eth1 speed auto
set interfaces ethernet eth2 duplex auto
set interfaces ethernet eth2 mtu 2018
set interfaces ethernet eth2 speed auto
set interfaces ethernet eth3 duplex auto
set interfaces ethernet eth3 mtu 2018
set interfaces ethernet eth3 speed auto
set interfaces ethernet eth4 duplex auto
set interfaces ethernet eth4 mtu 2018
set interfaces ethernet eth4 speed auto
set interfaces loopback lo
set interfaces switch switch0 mtu 2018
set interfaces switch switch0 switch-port interface eth0 vlan vid 5
set interfaces switch switch0 switch-port interface eth0 vlan vid 6
set interfaces switch switch0 switch-port interface eth1 vlan vid 5
set interfaces switch switch0 switch-port interface eth1 vlan vid 6
set interfaces switch switch0 switch-port interface eth2 vlan pvid 6
set interfaces switch switch0 switch-port interface eth3 vlan pvid 6
set interfaces switch switch0 switch-port interface eth4 vlan pvid 6
set interfaces switch switch0 switch-port vlan-aware enable
set interfaces switch switch0 vif 5 address 172.30.0.6/22
set interfaces switch switch0 vif 5 description management
set interfaces switch switch0 vif 5 ip ospf dead-interval 40
set interfaces switch switch0 vif 5 ip ospf hello-interval 10
set interfaces switch switch0 vif 5 ip ospf priority 1
set interfaces switch switch0 vif 5 ip ospf retransmit-interval 5
set interfaces switch switch0 vif 5 ip ospf transmit-delay 1
set interfaces switch switch0 vif 5 mtu 1500
set interfaces switch switch0 vif 6 description localnet
set interfaces switch switch0 vif 6 mtu 1500
set protocols ospf area 0.0.25.1 area-type normal
set protocols ospf area 0.0.25.1 network 172.30.0.0/22
set protocols ospf auto-cost reference-bandwidth 1000
set protocols ospf parameters abr-type cisco
set protocols ospf parameters router-id 172.30.0.6
set service gui http-port 80
set service gui https-port 443
set service gui listen-address 172.30.0.6
set service gui older-ciphers enable
set service ssh listen-address 172.30.0.6
set service ssh port 22
set service ssh protocol-version v2
set service ubnt-discover disable
set service unms connection 'xxxxx'
set system conntrack expect-table-size 2048
set system conntrack hash-size 32768
set system conntrack modules sip disable
set system conntrack table-size 131072
set system conntrack tcp half-open-connections 512
set system conntrack tcp loose enable
set system conntrack tcp max-retrans 3
set system domain-name xxx
set system host-name sw1-ph-gco
set system login user xxx authentication encrypted-password 'xxx'
set system login user xxx authentication plaintext-password ''
set system login user xxx level admin
set system name-server 192.168.0.15
set system name-server 192.168.0.1
set system ntp server 0.ubnt.pool.ntp.org
set system ntp server 1.ubnt.pool.ntp.org
set system ntp server 2.ubnt.pool.ntp.org
set system ntp server 3.ubnt.pool.ntp.org
set system offload hwnat enable
set system options reboot-on-panic true
set system syslog global facility all level err
set system syslog global facility protocols level err
set system time-zone Australia/Brisbane

 

@UBNT-afomins here's a config which breaks after upgrading from v1.10.8.5142457.181120.1809 to v2.0

 

Router details after reverting back:

xxx@sw1-ph-gco:~$ show version
Version:      v1.10.8
Build ID:     5142457
Build on:     11/20/18 18:09
Copyright:    2012-2018 Ubiquiti Networks, Inc.
HW model:     EdgeRouter X 5-Port
HW S/N:       xxx
Uptime:       09:19:54 up  1:33,  1 user,  load average: 1.00, 1.02, 1.07

 

Emerging Member
Posts: 66
Registered: ‎02-11-2018
Kudos: 1

Re: EdgeMAX EdgeRouter software version v2.0.0 has been released!

@UBNT-afomins ERPoe-5 dmesg and messages are attached in one file thank you!
Ubiquiti Employee
Posts: 1,289
Registered: ‎07-20-2015
Kudos: 1632
Solutions: 82

Re: EdgeMAX EdgeRouter software version v2.0.0 has been released!

@ooferomen
> after 2 days uptime my ER-X crashed, unresponsive on WAN or LAN.
> hwnat was enabled, i disabled it and then 24 hours later is crashed again the same way. no LoadBalancing or tunnels.
> ER-X isn't doing DHCP ... also like i said the WAN didn't respond to ICMP

 

@MattHardeman
> the first two time occuring after a couple of days of uptime, the router has frozen and become unresponsive -- unable to be reached at any of its interface IPs and unable to route traffic. Cold reboot brought it back online.
> the second time, it stayed online and working less than half an hour before it again froze up.

 

@MattHardeman and @ooferomen are experiencing very similar ER-X hang.

  1. How do you power your ER-X? With PSU or with PoE on eth0 interface?
  2. Please show sanitized config:
    show configuration
  3. Please show output of following shell commands:
    dmesg
    cat /var/log/messages
    show interfaces
    ip route
    show ubnt offload
    

@sles
> After upgrade to 2.0.0 dmesg is full of messages
> Flushing IPv4 cache
> What is this? Why?
There is another reason for "Flushing cache" message - when IPv4/IPv6 route is being added/deleted then offloading cache is flushed. In simple SOHO environments this should not cause any troubles because routing table is updated very rarely. However in more complex ISP/Enterprise enviroments, especially with dynamic routing protocols this might cause throughput degradation because of frequent routing table updates that trigger offload cache flush.

 

If route flushing is causing problems on your environment then you can disable it with set system offload ipv4 disable-flow-flushing-upon-fib-changes CLI command

  1. Do you have dynamic routing protocols (BGP or OSPF) that frequently updates routing table?
  2. Do you see frequent route add/del messages when you run "sudo ip monitor" shell command?

@3bs
> On edge routerpoe-5, pppoe don't estabilish connection on eth4 interface no errors in log
> Problem appeared in betta2, exist in betta3, in release still not fixed.
> config
Thanks for sharing your config. I'm deploy it on my ER and report back tomorrow