Reply
Highlighted
Established Member
Posts: 1,581
Registered: ‎05-15-2013
Kudos: 622
Solutions: 19
Accepted Solution

Google Fiber + ERL anyone?

Curious, anyone using ERL with a Google Fiber connetion? Performance? Willing to share any gotchas?

 

I was able to find some general Fiber info on 'The Lounge" forum, but nothing ERL specific.

(http://community.ubnt.com/t5/The-Lounge/some-basic-google-fiber-customer-install-details/m-p/362239#..._

 

Thanks in advance!

Brent


Accepted Solutions
Member
Posts: 162
Registered: ‎04-24-2013
Kudos: 28
Solutions: 2

Re: Google Fiber + ERL anyone?

[ Edited ]

Whilst not Google Fibre, I am using one on a Hyperoptic 1Gbps connection ( http://www.hyperoptic.com ), and it is working absoloutely great/I am able to achieve *full* 944Mbps wire speed!

 

It does lack a few of the more enterprise-y features found in a proper firewall/router appliance, but it is rock solid for the price and contains all the standard routing features you should need and a hell of a lot more!

 

I have found a few problems where things don't work like you expect, but, the support here is excellent... I just replaced a Sonicwall with a ERL due to Sonicwall paid support not being able to help me with an advanced NAT setup, yet the staff here went above and beyond for free - I now have a great working setup.

 

The GUI looks amazing but is *seriously* lacking features for pretty much anything other than a very basic config, I would call it a work in progress/beta and if your setup requires anything half advanced, expect to use the CLI... The CLI is feature full and can pretty much do anything you require.... You just have to adapt to it, and, to Ubiquti's credit, they add more and more features to the GUI with every version.

 

An example is DHCP options - I wanted to apply one for my sip phones to auto provision... I was able to do this via the CLI, but options are not supported via the GUI so if I now make a change to DHCP in the GUI, it will loose my custom DHCP settings Man Sad

 

Despite the GUI lacking, it is an amazing product and other than port count, it outclasses many routers that cost a hell of a lot more.

View solution in original post


All Replies
Previous Employee
Posts: 13,551
Registered: ‎06-10-2011
Kudos: 5468
Solutions: 1656
Contributions: 2

Re: Google Fiber + ERL anyone?

Could you elaborate on specific concerns that you have? Might be easier for people to provide feedback?

Member
Posts: 162
Registered: ‎04-24-2013
Kudos: 28
Solutions: 2

Re: Google Fiber + ERL anyone?

[ Edited ]

Whilst not Google Fibre, I am using one on a Hyperoptic 1Gbps connection ( http://www.hyperoptic.com ), and it is working absoloutely great/I am able to achieve *full* 944Mbps wire speed!

 

It does lack a few of the more enterprise-y features found in a proper firewall/router appliance, but it is rock solid for the price and contains all the standard routing features you should need and a hell of a lot more!

 

I have found a few problems where things don't work like you expect, but, the support here is excellent... I just replaced a Sonicwall with a ERL due to Sonicwall paid support not being able to help me with an advanced NAT setup, yet the staff here went above and beyond for free - I now have a great working setup.

 

The GUI looks amazing but is *seriously* lacking features for pretty much anything other than a very basic config, I would call it a work in progress/beta and if your setup requires anything half advanced, expect to use the CLI... The CLI is feature full and can pretty much do anything you require.... You just have to adapt to it, and, to Ubiquti's credit, they add more and more features to the GUI with every version.

 

An example is DHCP options - I wanted to apply one for my sip phones to auto provision... I was able to do this via the CLI, but options are not supported via the GUI so if I now make a change to DHCP in the GUI, it will loose my custom DHCP settings Man Sad

 

Despite the GUI lacking, it is an amazing product and other than port count, it outclasses many routers that cost a hell of a lot more.

Senior Member
Posts: 2,842
Registered: ‎05-19-2013
Kudos: 1254
Solutions: 26

Re: Google Fiber + ERL anyone?

Not sure what the concern is about. If the throughput ability of ERL is what the concern is, then bcdouglas answered it. I have answered it in another thread (link below) too.

 

https://community.ubnt.com/t5/EdgeMAX/Is-EdgeMAX-Lite-grunty-enough-for-a-Fibre-100-50-connection/td...

Previous Employee
Posts: 13,551
Registered: ‎06-10-2011
Kudos: 5468
Solutions: 1656
Contributions: 2

Re: Google Fiber + ERL anyone?

Yeah the current GUI certainly does not cover all the features, and as mentioned we are using an incremental approach to add more features/enhancements as permitted by resource availability. Thanks for your feedback! Icon Smile

Regular Member
Posts: 347
Registered: ‎01-06-2013
Kudos: 86
Solutions: 10

Re: Google Fiber + ERL anyone?

[ Edited ]

Off topic, about Google Fibre 

I remember seeing a video of google Fibre being install the engineer installing it said you have to use the router provided.

There's no testing like in production!
Established Member
Posts: 1,581
Registered: ‎05-15-2013
Kudos: 622
Solutions: 19

Re: Google Fiber + ERL anyone?

Thanks for the replies guys.  I realize my OP was vague...wasn't really looking for anything specific, but experiences of folks using Google Fiber with ERL.

 

It does indeed look like the "Google Network" device must be used.  I was hoping for a plain fibre to Ethernet bridging device simiular to a cable "modem", but instead, Google has an all inclusive box with wifi and 4 LAN ports. This all makes sense for the typical home user, but, I'd venture to say we here on the forum are not the typical home user.  I like my UBNT-based home setup so I'll most likely be adding an extra hop to my set up.  

Fibre-> Google Network Device -> ERL -> Computer

Yes, I know...I'm complaining about Google Fiber.  ...I am happy it's coming to my area soon (Austin).

Cheers guys,

Brent

SuperUser
Posts: 21,761
Registered: ‎11-20-2011
Kudos: 7921
Solutions: 233

Re: Google Fiber + ERL anyone?

Supplying a locked down CPE gives them less support issues. It also gives them a OAM endpoint to test against.


isp builder | linux sorcerer | datacenter automation conjurer | blog: blog.engineered.online
link to our slack channel on the blog
Established Member
Posts: 1,765
Registered: ‎10-28-2010
Kudos: 1231
Solutions: 23

Re: Google Fiber + ERL anyone?

[ Edited ]

OAM?

 

 Operation Administration & Maintenance?

Member
Posts: 250
Registered: ‎02-03-2014
Kudos: 19
Solutions: 9

Re: Google Fiber + ERL anyone?

A combination of VLANing on the WAN and specific QoS must be used to safely bypass the Google Network box.

Please reference these:

Part 2, QoS: http://flyovercountry.org/2014/02/google-fiber-gigabit-speeds-your-router-part-2-qos/

Additional IGMP proxy may be needed.

https://www.dropbox.com/s/zg9ju9373t0fnpu/GoogleFiberRouterGuide.pdf

I found these all referenced in a google fiber forum.

https://productforums.google.com/forum/#!msg/fiber/AbNh8ij72Mw/VAg2bQH75gwJ

This has been confirmed by Google in various threads. In short, it's possible but difficult.

Member
Posts: 269
Registered: ‎03-19-2014
Kudos: 22
Solutions: 1

Re: Google Fiber + ERL anyone?

[ Edited ]

vendor lockdown nor locked-down/proprietary software didn't give them more points, for sure.

and yes, xPON "providers" more prone to enforce/re-introduce traffic cap and similar limitaitions aswell as very dense/opressive DPI and traffic shaping.

also xPON folks kinda famous for persistently messing up/breaking stuff via TR-069(read bout it, btw, aswell as bout TR-111 and TR-98, among others portions).

also keep in mind thats all passive optical networking stuff, like xPON(and all those deployers, like AT&T, Warner, Google and etc), was made primarily for purpose of ease burdens of consumer dataflow mirroring to bulk surveliance agencies, rather than improve scalability, performance or network financial expenses, cuz its double-down in virtuall ALL other respects compared to conventional ("active" optics).

so not much points for xPON, even for remote villages(expenses - same. drawbacks/flaws - bigger).

just get decent 1Gbps copper/fiber ethernet service/offering/subscription and plug in you favorite/battle-proven/tested networking gear(probably Ubnt-labeled) into it and don't worry and beeeee happy.

Regular Member
Posts: 605
Registered: ‎09-23-2015
Kudos: 229
Solutions: 6

Re: Google Fiber + ERL anyone?

[ Edited ]

FYI – With much appreciation to Atlantisman and the others who paved the way, I’ve written an updated how-to guide on replacing the GFNB with only a UBNT EdgeRouter Lite, for anyone who wants to take that approach:

 

http://www.stevejenkins.com/blog/2015/11/replace-your-google-fiber-network-box-with-a-ubiquiti-edger...

This is where I used to list my UBNT gear, but now it's mostly stuff I'm not allowed to talk about yet. Man Wink
942.22 Mbps down / 926.27 Mbps up (http://result.googlefiber.net/share/316298352.png)
My Blog: http://www.stevejenkins.com/
New Member
Posts: 4
Registered: ‎06-13-2016

Re: Google Fiber + ERL anyone?

Question for Steve Jenkins,

 

Following your blog, using your config.boot via info in an amazon review of the edgerouter lite I succeeded in getting the ERL configured. I used the GUI to download the default config, unzipped- untarred the DL'd file, I then replaced the config.boot with the one from your blog and  then tarred and gzipped the entire shebang. Used the gui to upload/restore and it obviously set everthing up. The only thing I changed was the time to america/central.

 

Now the fun part... And yes this is pushing the limits of my understanding. I plug eth1 into the fiberjack and connect eth0 to my switch, computer into one of the available switch ports and cannot seem to obtain an IP from google.

 

Any simple suggestions? I already tried power cycling the google fiber jack (not the google fiber box) Is there some setting I may be missing? My google service is the 100 mbit in the Kansas City area, I was told the fiber jack is the limiting point that determines access speed. When in the UBNT GUI I've noticed reference to 1000 mbit connections.

Would I need to modify any of those settings?

 

 

Regular Member
Posts: 605
Registered: ‎09-23-2015
Kudos: 229
Solutions: 6

Re: Google Fiber + ERL anyone?

Hi, @One_Beerhunter. You shouldn't need to modify any settings to work with 100Mbit vs 1Gbit, and it sounds like you've got the Ethernet cables plugged in to the correct ports.

 

When you access the ERL GUI Dashboard, are you seeing a WAN IP on the VLAN (eth1.2)? I've updated my article and included a screen shot in the "Final Steps" section that shows what my Dashboard looks like with everything working right. In the IP Addr column, you should have 192.168.1.1/24 private LAN IP range on eth0, nothing on eth1, and your WAN IP (could be both IPv4 and IPv6) for eth1.2.

 

Also, your Google Fiber Box is not plugged in to your configuration at all, correct? Just the Google Fiber Jack.

This is where I used to list my UBNT gear, but now it's mostly stuff I'm not allowed to talk about yet. Man Wink
942.22 Mbps down / 926.27 Mbps up (http://result.googlefiber.net/share/316298352.png)
My Blog: http://www.stevejenkins.com/
New Member
Posts: 4
Registered: ‎06-13-2016

Re: Google Fiber + ERL anyone?

Hi Steve,

 

Thank you for responding with antoshing speed.... :") If only all tech support was this good.

Yes, everything is as your posted image. It appears that my brain was overloaded as I failed to restart my switch...

I don't usually acknowledge being a dumb*ss... LOL  So it appears to be working. (Yippie!)

Thank you for your awesome blog, it's wealth of info, etc. You might add the method I used to get your config.boot onto my ERL as for me (more of a GUI guy) it was the easiest to understand and more people might be able to escape their google fiber box. Now all I need to do is get the Unifi controller software running on my PClinuxOS box running, maybe a guest network fo my neighbours via thee Unifi AP AC LR....

 

 

Regular Member
Posts: 605
Registered: ‎09-23-2015
Kudos: 229
Solutions: 6

Re: Google Fiber + ERL anyone?

Thanks, @One_Beerhunter. Glad to hear it was simple as simple as a restart. Man Happy

 

Getting the UniFi controller running on a Linux box is simple. I've written one article about setting it up:

 

http://www.stevejenkins.com/blog/2016/05/diy-cloud-hosting-ubiquiti-ubnt-unifi-controller/

 

and another about how to quickly update between versions:

 

http://www.stevejenkins.com/blog/2016/06/upgrade-your-linux-unifi-controller-version-in-5-minutes/

 

When I get a chance this week, I will update my article with your GUI-only method. If I understand it, you essentially did the following, correct?

 

1) Downloaded my config.boot

2) Tweaked the config.boot to match your needs (time zone)

3) Downloaded the default configuration backup (gzipped tarball) via the GUI

4) Unziped the tarball, replace the edited config.boot file in the tarball, recompressed the tarball, then "restored" it to the ERL via the GUI

5) Rebooted the ERL via the GUI to pick up the changes

 

If I missed a step, please let me know!

This is where I used to list my UBNT gear, but now it's mostly stuff I'm not allowed to talk about yet. Man Wink
942.22 Mbps down / 926.27 Mbps up (http://result.googlefiber.net/share/316298352.png)
My Blog: http://www.stevejenkins.com/
New Member
Posts: 4
Registered: ‎06-13-2016

Re: Google Fiber + ERL anyone?

[ Edited ]

From the UBNT gui (lower left system tab) download the default config, unzip, untar and replace default config.boot with your config.boot

There is a whole directory structure:

/config>

/config/auth
/config/scripts
/config/support
/config/url-filtering
/config/user-data
/config/wizard
/config/config.boot  <<<<<Only replace this file.
/config/config.boot.2015-01-01-0000.pre-migration

Tar the config folder to config.tar

Gzip config.tar to config.tar.gz

From the UBNT gui (lower left system tab) restore

New Member
Posts: 4
Registered: ‎07-25-2016

Re: Google Fiber + ERL anyone?

Hello,

 

I recently moved to KC and got Google Fiber.  I've been trying to get my edge router configured to replace my Fiber box but I can't seem to get it to work.  I've replaced the config.boot file with that provided by Steve but when connect eth1 to the Google Fiber wall jack...nothing.  Doesn't even light up, fiber jack nor eth1.  I can access the GUI interface via eth0.  I see vlan 1.2, eth1 ent2 and en0.  Only eth0 is showing a connection.  When I remove eth1 and plug it back into the Google box the wall Jack starts working again.  What am I missing here? 

New Member
Posts: 11
Registered: ‎04-19-2016
Kudos: 1

Re: Google Fiber + ERL anyone?

[ Edited ]

hello

If your Fiber jack does not light up when you plug the cable from your ERL, it is Probably powered by POE...

 

You will need to find out the voltage needed and get a seperate power supply to run the fiber jack ( a POE injector)..

 

Google has been using POE lately for the Fiber jacks...I am not sure of voltage, as I have the older fiber jack that has a seperate power supply...

 

By the way...POE = Power Over Ethernet...

 

I hope this helps answer your concern, BUT I dont know the voltage needed, or if you could just use a power supply that would fit a connector in the newer style fiber jack....

 

EDIT..... I Can Offer a Config that I have Worked up for Google Fiber in KC that Enables IPv6 support and is Very Stable for Me and Works Very Well It Is Based Off of Steve Jenkins Config.... See Below.....

firewall {
    all-ping enable
    broadcast-ping disable
    ipv6-name WAN6_IN {
        default-action drop
        rule 10 {
            action accept
            description "Allow established/related"
            state {
                established enable
                related enable
            }
        }
        rule 20 {
            action drop
            description "Drop invalid state"
            state {
                invalid enable
            }
        }
    }
    ipv6-name WAN6_LOCAL {
        default-action drop
        rule 10 {
            action accept
            description "Allow established/related"
            state {
                established enable
                related enable
            }
        }
        rule 20 {
            action drop
            description "Drop invalid state"
            state {
                invalid enable
            }
        }
        rule 30 {
            action accept
            description "Allow ICMPv6"
            icmpv6 {
            }
            protocol ipv6-icmp
        }
        rule 40 {
            action accept
            description "Allow DHCPv6"
            destination {
                port 546
            }
            protocol udp
            source {
                port 547
            }
        }
    }
    ipv6-receive-redirects disable
    ipv6-src-route disable
    ip-src-route disable
    log-martians enable
    name LAN_IN {
        default-action accept
        rule 1 {
            action drop
            description "drop invalid state"
            state {
                invalid enable
            }
        }
    }
    name WAN_IN {
        default-action drop
        description "WAN to Internal"
        rule 1 {
            action accept
            description "Allow established/related"
            log disable
            protocol all
            state {
                established enable
                related enable
            }
        }
        rule 2 {
            action drop
            description "Drop invalid state"
            log disable
            protocol all
            state {
                invalid enable
            }
        }
    }
    name WAN_LOCAL {
        default-action drop
        description "WAN to Router"
        rule 1 {
            action accept
            description "Allow established/related"
            protocol all
            state {
                established enable
                related enable
            }
        }
        rule 2 {
            action drop
            description "Drop invalid state"
            protocol all
            state {
                invalid enable
            }
        }
        rule 3 {
            action accept
            description "Allow ICMP"
            log disable
            protocol icmp
        }
    }
    options {
        mss-clamp {
            interface-type all
            mss 1460
        }
    }
    receive-redirects disable
    send-redirects enable
    source-validation disable
    syn-cookies enable
}
interfaces {
    ethernet eth0 {
        address 192.168.1.1/24
        description LAN
        duplex auto
        firewall {
            in {
                name LAN_IN
            }
        }
        speed auto
    }
    ethernet eth1 {
        description "Google Fiber Jack"
        duplex auto
        speed auto
        vif 2 {
            address dhcp
            description "Google Fiber WAN"
            dhcp-options {
                default-route update
                default-route-distance 210
                name-server no-update
            }
            dhcpv6-pd {
                pd 0 {
                    interface eth0 {
                        host-address ::1
                        prefix-id :1
                        service slaac
                    }
                    prefix-length /56
                }
                rapid-commit enable
            }
            egress-qos 0:3
            firewall {
                in {
                    ipv6-name WAN6_IN
                    name WAN_IN
                }
                local {
                    ipv6-name WAN6_LOCAL
                    name WAN_LOCAL
                }
            }
        }
    }
    ethernet eth2 {
        address 192.168.3.1/24
        description "Local Config Port"
        duplex auto
        firewall {
            in {
                name LAN_IN
            }
        }
        speed auto
    }
    loopback lo {
    }
}
port-forward {
    auto-firewall enable
    hairpin-nat enable
    lan-interface eth0
    wan-interface eth1.2
}
service {
    dhcp-server {
        disabled false
        hostfile-update enable
        shared-network-name LAN {
            authoritative disable
            subnet 192.168.1.0/24 {
                default-router 192.168.1.1
                dns-server 8.8.8.8
                dns-server 8.8.4.4
                lease 86400
                start 192.168.1.101 {
                    stop 192.168.1.254
                }
            }
        }
    }
    dns {
        forwarding {
            cache-size 1000
            listen-on eth0
            name-server 8.8.8.8
            name-server 8.8.4.4
            name-server 2001:4860:4860::8888
            name-server 2001:4860:4860::8844
        }
    }
    gui {
        http-port 80
        https-port 443
        older-ciphers enable
    }
    nat {
        rule 5000 {
            description "Masquerade for WAN"
            log disable
            outbound-interface eth1.2
            protocol all
            type masquerade
        }
    }
    ssh {
        port 22
        protocol-version v2
    }
    upnp2 {
        listen-on eth0
        nat-pmp disable
        secure-mode disable
        wan eth1.2
    }
}
system {
    host-name UBNT-Gateway
    login {
        user ubnt {
            authentication {
                encrypted-password ********
                plaintext-password ""
            }
            full-name ""
            level admin
        }
    }
    name-server 8.8.8.8
    name-server 8.8.4.4
    name-server 2001:4860:4860::8888
    name-server 2001:4860:4860::8844
    name-server 127.0.0.1
    ntp {
        server 0.ubnt.pool.ntp.org {
        }
        server 1.ubnt.pool.ntp.org {
        }
        server 2.ubnt.pool.ntp.org {
        }
        server 3.ubnt.pool.ntp.org {
        }
    }
    offload {
        hwnat disable
        ipsec enable
        ipv4 {
            forwarding enable
            vlan enable
        }
        ipv6 {
            forwarding enable
            vlan enable
        }
    }
    syslog {
        global {
            facility all {
                level notice
            }
            facility protocols {
                level debug
            }
        }
    }
    time-zone America/Chicago
    traffic-analysis {
        dpi disable
        export enable
    }
}


/* Warning: Do not remove the following line. */
/* === vyatta-config-version: "config-management@1:conntrack@1:cron@1:dhcp-relay@1:dhcp-server@4:firewall@5:ipsec@5:nat@3:qos@1:quagga@2:system@4:ubnt-pptp@1:ubnt-util@1:vrrp@1:webgui@1:webproxy@1:zone-policy@1" === */
/* Release version: v1.8.5.4884695.160608.1057 */

New Member
Posts: 4
Registered: ‎07-25-2016

Re: Google Fiber + ERL anyone?

Thanks, I just figured that out while comparing the the ERL config.boot to the ER PoE 5 config.boot script here:

 

https://gist.github.com/stevejenkins/d18d269a7651e9f493b3

 

The GFRG110 require PoE the GFRG100 does not.  https://support.google.com/fiber/answer/2667494

 

I'm wondering if I should just replace my ERL with the ER PoE model now or just buy the PoE adapter.  

 

They are using 48V to power the fiber jack.  So I guess if I did get the adapter I'd need the POE-48-24W-G.  I wish there was somewhere I could coinfirm this but I can't find the voltage listed anywhere by Google. 

 

 

 

 

Reply