Reply
New Member
Posts: 4
Registered: ‎04-14-2018

Re: [USG] Firmware v4.4.29 now available

Anyone run an uncredentialed or credentialed Nessus scan of the new version? 

New Member
Posts: 9
Registered: ‎07-26-2018

Re: [USG] Firmware v4.4.29 now available

@gator911Also like dblndr I am running DPI and IPS but no hits on IPS yet and have 2d4h of uptime on the USG3 with 4.4.29 on 5.8.30 controller.

I am running 50% on average for memory and 25% avg CPU usage. That is what IPS and DPI ran at when I had it on for 4.4.22 so it seems like it is on just no hits. Really has me curious as I ran 20% average on both with IPS/IDS off and DPI on.

New Member
Posts: 35
Registered: ‎10-14-2016
Kudos: 6
Solutions: 1

Re: [USG] Firmware v4.4.29 now available

why? 

New Member
Posts: 7
Registered: ‎06-22-2018

Re: [USG] Firmware v4.4.29 now available

I've noticed the same problem ...

 

Web interface to UCK reports USG-3P memory usage of 21%, the android app reports 47%.


CloudKey 0.12.0 / Controller 5.9.29
USG-3P 4.4.29.5124210
USW-16-150W 3.9.54.9373
2x UAP-AC-PRO 3.9.54.9373
New Member
Posts: 2
Registered: ‎10-18-2017

Re: [USG] Firmware v4.4.29 now available

I'm getting this with 4.4.29 on a USG

 

Process 11569 (linkcheck) has crashed (parent 1 (init) signal 10, code 128, addr            (nil)), coredumps disabled

Sep 23 18:46:38 Firewall linkcheck: speedtest.getBestServer(): no such host speedtest.pilotfiber.com:8080#012

Sep 23 18:47:34 Firewall linkcheck: speedtest.getBestServer(): no such host speedtest.pilotfiber.com:8080#012

Sep 23 18:47:53 Firewall kernel: Process 11569 (linkcheck) has crashed (parent 1 (init) signal 10, code 128, addr            (nil)), coredumps disabled

Sep 23 18:50:43 Firewall syswrapper: kill-linkcheck. reason: linkcheck not updating

Sep 23 19:37:22 Firewall mcad: mca-edgemax.edgemax_stats_routes(): parsing response failed(-1)

Sep 23 19:48:34 Firewall mcad: mca-edgemax.edgemax_stats_routes(): parsing response failed(-1)


I don't have Link monitoring - FW runs about 20hrs and then stops processing traffic. UNMS still thinks the firewall is alive and working, but can't pass traffic through it. I think it may be the speedtest.

 

If I ssh to console, I can reach the internet from the firewall, but nothing behind it.

 

I'll see if disabling SpeedTest does anyting for me.

 

New Member
Posts: 10
Registered: ‎12-09-2016
Kudos: 1

Re: [USG] Firmware v4.4.29 now available

[ Edited ]

Updated last night and this afternoon (maybe 20 hours in), was seeing random package loss and slowdowns.  Rebooted the USG and everything is back to normal.  I disabled the periodic speed test again to see if that resolved the issue.  Hoping I do not have a reoccurance again tommrow.

 

EDIT: As I started to dig in, I noticed a spike in memory usage around the time the issue started.  The CPU spikes are the reboot times one for the update and one for the recovery.

Screen Shot 2018-09-23 at 8.38.19 PM.png

 

I also noticed a spike in drops, I think this is around the time this started.

Screen Shot 2018-09-23 at 8.41.04 PM.png

 

EDIT 2: The issue occured again a few hours after the reboot with the reoccuring speedtest disabled.  I have now downgraded to 4.4.28 and opened a support ticket.  I am hopeful the issue can be identified with the data I provided.

 

Regular Member
Posts: 387
Registered: ‎09-28-2017
Kudos: 99
Solutions: 29

Re: [USG] Firmware v4.4.29 now available

@rcrum003  This is a known problem and will be worked on soon.

 

Sep 23 18:47:34 Firewall linkcheck: speedtest.getBestServer(): no such host speedtest.pilotfiber.com:8080#012

Sep 23 18:47:53 Firewall kernel: Process 11569 (linkcheck) has crashed (parent 1 (init) signal 10, code 128, addr

The host will not resolve because the port is being submitted as part of the domain.

The result is linkcheck is crashing. 

 

Turn off speedtest to prevent problem for now.  Do not perform manual speedtest either.

Emerging Member
Posts: 76
Registered: ‎07-03-2018
Kudos: 6
Solutions: 1

Re: [USG] Firmware v4.4.29 now available

Upgrade by url from 4.4.28 to 4.4.29 only by reboot:

 

<12>Sep 24 09:16:40 Router-Home mcad: ace_reporter.create_socket(): create_socket(ipv4): SO_LINGER 2:No such file or directory
<26>Sep 24 09:16:43 Router-Home xl2tpd[4420]: death_handler: Fatal signal 15 received
<26>Sep 24 09:16:43 Router-Home xl2tpd[5263]: setsockopt recvref[30]: Protocol not available
<11>Sep 24 09:16:50 Router-Home mcad: mca-edgemax.edgemax_stats_routes(): parsing response failed(-1)

 

Uck 0.11.12

CK 5.8.30

 

UniFi Security Gateway 4P , Unifi Cloud Key, UniFi Switch 8 POE-150W, UniFi Switch 16 POE-150W, 2 x UniFi AP-AC-Pro, 1x UniFi NanoHD
New Member
Posts: 24
Registered: ‎11-16-2017
Kudos: 4

Re: [USG] Firmware v4.4.29 now available

Way to late for me.... 

 

1. Stuked in the Upgrade-Loop

2. Saw this hint with the frimeware for the controller and upgraded 

3. Suprise Suprise, i am stuck in in the Adoption-Loop AND no accacc to the internet

 

We'll done. 

 

So ssh won't work, anyone else an idea for me?

 

Thanks in advance for your help! 

Emerging Member
Posts: 80
Registered: ‎04-16-2016
Kudos: 11

Re: [USG] Firmware v4.4.29 now available

Hi,

 

I don't have a good news: you need someone in your site Man Happy 

To have some luck, I was pooling the power cord and it helps sometimes (in my case, it did, I was able to flash the router).

 

Somehow, without internet access, you can try to use the cached firmware, from your cloudkey/server (I hope, you have).

 

cached.JPG

But still you need to be "in real" over there to perform ssh.

 

I went for upgrades step by step 4.4.18 > 4.4.22 > 4.4.29 again.

4.4.28 completely demolished my "farm".

 

To fix gauges, I went for the static routes for the WAN failover (I have two WANs and the failover works finally).

The static routes activate "black gauges" on any firmware to be honest.

 

The speed test works, but the statistics still don't work as expected. I have strange behaviour.

 

The CPU load is stabilized finally over night (I don't know why, I had plenty of spikes accross couple of hours).

I have quite heavy traffic.

I am running the cluster over UBNT. That's why I need the redundancy over WAN.

 

My WAN1 60/30 - the radiolink, WAN2 - 4G unlimited

speedtest.JPGgauges.JPGcpustats.JPGstaticrout.JPG

 

Good luck Man Happy 

New Member
Posts: 7
Registered: ‎02-06-2018
Kudos: 1

Re: [USG] Firmware v4.4.29 now available

The speedtest issue is still there.

 

USG-Pro: Firmware v.4.4.29

Controller: 5.9.26-11369-1

UCK Firmware: UCK.mtk7623.v0.11.5.2e0309d.180709.0813

1Gbps/1Gbps dedicated fiber internet connection: 

Speedtest.png
USG-Pro.png
New Member
Posts: 15
Registered: ‎04-14-2018
Kudos: 3

Re: [USG] Firmware v4.4.29 now available

24h Hours later not only the USG in the Remote Site is down but also the accesspoints... kind a sucks, a update which is pushed to clients should by no means kill a remote sites network

New Member
Posts: 24
Registered: ‎11-16-2017
Kudos: 4

Re: [USG] Firmware v4.4.29 now available

Thanks, will try.

 

I am also in contact with the support team - still no solution. They sugested to turn of the speed test and than reebot the USG. Well i´ve done it and there is still the same problem...

New Member
Posts: 24
Registered: ‎11-16-2017
Kudos: 4

Re: [USG] Firmware v4.4.29 now available

So far i´ve done the following:

 

1. Endless Chat with the support - the are friendly, but you have to que with all the disconnects..

2. Rolled back to 4.4.28 - no success

3. Rolled back to 4.4.22 - no success

4. Again in cue with the support

 

5. Learnd a lot: NEVER EVER touch a running system!!

Emerging Member
Posts: 76
Registered: ‎07-03-2018
Kudos: 6
Solutions: 1

Re: [USG] Firmware v4.4.29 now available

Also loosing vpn no data is flowing. After connect with vpn i can reach internet , after a couple of minuts or some time after an half our still vpn connection but no internet. Re connect vpn internet is back again for some time.
UniFi Security Gateway 4P , Unifi Cloud Key, UniFi Switch 8 POE-150W, UniFi Switch 16 POE-150W, 2 x UniFi AP-AC-Pro, 1x UniFi NanoHD
New Member
Posts: 7
Registered: ‎12-06-2017
Kudos: 104

Re: [USG] Firmware v4.4.29 now available

Had adoption issues with my USG pro 4, the solution from support was to:

 

1. Disable dpi/ips/speedtest in controller

2. Hard reboot USG

3. Wait for adoption

4. Reenable dpi/ips/speedtest

 

Seems to be working well for me now.

usg 4.4.29.5124212 | controller 5.8.30 on cloudkey v0.11

Emerging Member
Posts: 60
Registered: ‎12-01-2017
Kudos: 2

Re: [USG] Firmware v4.4.29 now available

[ Edited ]

I waited until the update was pushed out to my USG3P and upgraded it yesterday via the controller GUI. Controller 5.8.30 on Win10 x64 PC. DPI is enabled but IPS and auto speed test are disabled. No VLANs.

 

19+ hours up since the update and no issues to report.

 

4.4.29.5124210 is what I'm showing. Others seem to have 212. No clue what the difference might be.

 

 

USG-3P 4.4.36
AC-Lite\Pro 4.0.10
AC-HD 4.0.10
Controller 5.9.29
Unifi USG memory usage.png
New Member
Posts: 13
Registered: ‎03-09-2017
Kudos: 2

Re: [USG] Firmware v4.4.29 now available


@UBNT-cmb wrote:

@faswva wrote:

@erusk wrote:

Do you have DHCP information in a config.gateway.json, by chance?  I had this same thing recently.  It was because of a naming change.  Had to update my json to reflect the new network names.


I don't recall anything like that but I will have a look.


That's my guess as well. That message comes up when there are duplicate "shared-network-name" entries for the same subnet, and that's the only circumstance where I've heard of or seen that. 


Looking at the config.gateway.json pulled down from the Cloud Key and the one from the USG Pro.

 

I don't see any obvious differences in the DCHP sections.  Network names appear to be the same.

 

How would I know that anything has changed? It there a way to compare what the USG Pro has vs. the Cloud Key?

 

FWIW, I haven't made any naming or configuration changes since I first installed/set up my system.

Are you both suggesting that the firmware upgrade would have overwritten something on the USG Pro so that, now, there is a naming mis-match between it and the Cloud Key?

 

Should I take this up with Ubiquiti support?

 

Thanks for your comments and help!

New Member
Posts: 15
Registered: ‎09-18-2017
Kudos: 1

Re: [USG] Firmware v4.4.29 now available


@faswva wrote:

@UBNT-cmb wrote:

@faswva wrote:

@erusk wrote:

Do you have DHCP information in a config.gateway.json, by chance?  I had this same thing recently.  It was because of a naming change.  Had to update my json to reflect the new network names.


I don't recall anything like that but I will have a look.


That's my guess as well. That message comes up when there are duplicate "shared-network-name" entries for the same subnet, and that's the only circumstance where I've heard of or seen that. 


Looking at the config.gateway.json pulled down from the Cloud Key and the one from the USG Pro.

 

I don't see any obvious differences in the DCHP sections.  Network names appear to be the same.

 

How would I know that anything has changed? It there a way to compare what the USG Pro has vs. the Cloud Key?

 

FWIW, I haven't made any naming or configuration changes since I first installed/set up my system.

Are you both suggesting that the firmware upgrade would have overwritten something on the USG Pro so that, now, there is a naming mis-match between it and the Cloud Key?

 

Should I take this up with Ubiquiti support?

 

Thanks for your comments and help!


 

SSH into your USG and do a:

 

show configuration commands | grep dhcp

 

In the output, look for the sections like:

 

set service dhcp-server shared-network-name net_Guest_eth1_192.168.1.0-24

 

Then compare to your config.gateway.json file.  When I had this issue I think it's because my json didn't have the interface name (eth1) and one of the later controller updates starting adding that.  Changing my json to include the interface name like the controller was now pushing out fixed the issue.

 

New Member
Posts: 13
Registered: ‎03-09-2017
Kudos: 2

Re: [USG] Firmware v4.4.29 now available


@erusk wrote:

@faswva wrote:

@UBNT-cmb wrote:

@faswva wrote:

@erusk wrote:

Do you have DHCP information in a config.gateway.json, by chance?  I had this same thing recently.  It was because of a naming change.  Had to update my json to reflect the new network names.


I don't recall anything like that but I will have a look.


That's my guess as well. That message comes up when there are duplicate "shared-network-name" entries for the same subnet, and that's the only circumstance where I've heard of or seen that. 


Looking at the config.gateway.json pulled down from the Cloud Key and the one from the USG Pro.

 

I don't see any obvious differences in the DCHP sections.  Network names appear to be the same.

 

How would I know that anything has changed? It there a way to compare what the USG Pro has vs. the Cloud Key?

 

FWIW, I haven't made any naming or configuration changes since I first installed/set up my system.

Are you both suggesting that the firmware upgrade would have overwritten something on the USG Pro so that, now, there is a naming mis-match between it and the Cloud Key?

 

Should I take this up with Ubiquiti support?

 

Thanks for your comments and help!


 

SSH into your USG and do a:

 

show configuration commands | grep dhcp

 

In the output, look for the sections like:

 

set service dhcp-server shared-network-name net_Guest_eth1_192.168.1.0-24

 

Then compare to your config.gateway.json file.  When I had this issue I think it's because my json didn't have the interface name (eth1) and one of the later controller updates starting adding that.  Changing my json to include the interface name like the controller was now pushing out fixed the issue.

 


@erusk

 

I did as you suggested but still see no differences.  

What I don't see is any interface assignements in the names - no "eth1", etc., in any of the configs.

 

 

Reply