UniFi 5.8.20 Stable Candidate has been released

by Ubiquiti Employee 3 weeks ago - last edited 2 weeks ago (31,461 Views)

Notes:

  • As always, make a backup prior to upgrading.
  • Windows users must have x64 Java installed as we only support 64-bit WebRTC library. Please see HERE and download the missing version (64bit offline Windows install package).
  • You cannot re-use a VLAN ID for dynamic VLAN if it is set as a static value for another SSID on the same AP. So, if I have a SSID set to use VLAN 10, I cannot use VLAN ID 10 for RADIUS controlled VLAN users as those users will not get an IP.
  • Smart Queue QoS is similar to the implementation as in EdgeOS (see HERE). It's worth noting that maximum throughput will be affected when using QoS, as traffic is not offloaded. There are some rough guidelines in the article linked above.
  • DFS channels can not be used for wireless uplink in the US. Please use non-DFS channels if you need to use wireless uplink on dual band UAPs. 
  • Official UniFi MIBs can be downloaded from HERE and HERE (those are 2 different files).
  • As of 5.7.x we only support Java 8. At this time Java 9 is not supported.
  • Features like airtime fairness, bandsteering, load balancing and minimum RSSI are default disabled. If you need them you need to go to Settings>Site and check Enable advanced features.
  • If you previously used Google Maps for a site map, then you have to enable this feature again by adding an API key. This is done under Settings>Controller. There is a linked guide with instructions.

 

Important Notes:

  • Linux systems must be running a version of MongoDB prior to 3.6.x. We recommend 3.4.x. This is most likely to be an issue on Ubuntu 18.04 LTS, as it currently offers MongoDB 3.6.x. An article will be posted to the help center with some general steps to downgrade MongoDB, and we will link to it in this blog post.
  • The initial database migration will take longer than normal. It is expected to see mongo using most, if not all, of the available CPU cycles during this process. Please be patient, this process could easily take 15+ minutes, depending on the amount of historical stats, as well as the system specs. As always, err on the side of caution, and make a backup before upgrading.
  • The controller will not start if it is set to bind to a privileged port (<1024), as it now runs as a non-root user. There are various ways you can fix this immediately, like authbind, although there may be better ways. We're considering options here.
  • If your controller is running on a UniFi Cloud Key (UCK), make sure it is on firmware 0.6.4 or later, otherwise the controller will not start. This firmware is available via the normal upgrade mechanism found in the controller or it's local management page. Make sure to make a backup before upgrading the UCK firmware, as you'll need it to restore after, and it's good to have a backup on hand before any controller upgrade.
  • Support for PicoM2 and 1st gen AC models was dropped in 5.7.x. Please see our announcement HERE.
  • As of release branch 5.7.x we've made some important changes to the Wireless Uplink feature (feature details HERE).
    • We removed the "Enable automatic uplink failover" from wireless uplinks as it is no longer needed.
    • We added the ability to opt an AP in or out of wireless uplinking to another AP. This is done by checking the "Allow meshing to another access point" option found under device properties>Config>Wireless Uplink.
      • This option should be disabled on wired APs, but is required to be enabled on wireless APs.
      • If you disable this option on a downlink/wireless AP, then your AP will be disconnected from the network and require further action (including physical access).
      • If upgrading from 5.6>5.7 then this already be disabled on wired APs, but if upgrading from an earlier 5.7. release then this may be enabled on wired APs. 
      • Again, this option should be enabled on downlink/wireless UAPs only. It should not be enabled on wired UAPs. 
    • We added the ability to set uplink priorties. This allows you to define the preferred uplinks for a downlink/wireless AP.
  • Fixed IPs (DHCP reservations) are now required to use unique IPs. The same IP cannot be assigned to more than one device. For configurations that already contain duplicates, only the most recently active device will have its fixed IP provisioned to USG. The controller's server.log will contain a log message skip provisioning duplicate fixed IP <IP address> for user[<MAC address>] indicating which was omitted where there are conflicts.

 

Known Issues:

  • airTime will not work if a radio is disabled and/or there isn't any SSID present. This will be fixed in a future release. If you enable it, and it still isn't working, then you may need to force a refresh without cache. 
  • If you start both a 2.4GHz and 5GHz scan in quick succession, then it will fail.
  • It is expected that airView will stop occasionally. A stop/start sequence should restore functionality.
  • If you start an airTime scan while airView is running, then airView will stop and you'll need to perform a stop/start sequence to get it working again. This will be fixed in the future.
  • Port mapping for USG (UGW3) is incorrect under performance statistics. This will be fixed in the next release (5.8.21).

 

New Features:

  • Add Scheduled Upgrades support (Beta).
  • Add site VPN route distance.
  • Add WeChat authentication to Hotspot.
  • Add netconsole logging to site config.
  • Add speed and duplex config for USG interfaces.
  • Add control for dnsmasq as DHCP server.
  • Add Wi-Fi Happiness to client STA statatistics.
  • Add app switcher.
  • Allow setting opacity on Image-type maps.
  • Allow setting Management VLAN at Access Points.
  • Property Panel: Show images of most popular client devices.
  • Assign USG Physical Ports to Logical Networks.
  • Local SSO login.

 

Controller bugfixes/changes since 5.7.x:*

  • Add description for mDNS.
  • Add tooltip that DHCP DNS must be a valid IP address only.
  • Allow Facebook-based Hotspot authorization portal to be opened in Apple Captive Network Assistant.
  • Allow setting mask /31 (255.255.255.254) for USG/WAN to be compliance with RFC3021.
  • Display warning when time series start day is before data retention settings for given granularity.
  • Use the same tab order as switches for UAP-AC-IW.
  • Update translations.
  • Device list: Invisible uplinks in Uplink column after refresh.
  • Switch stats should't allow to select device managed by other.
  • Prepopulate RADIUS Tunnel-Medium Type once "Virtual LANs (VLAN)" is selected.
  • Fix MAC auth provisioning so RADIUS assigned VLAN is set when it's enabled in the RADIUS profile.
  • Fix devices disappearing from map when changing from legacy to designer without saving and cannot change map type from Google to image at the second time.
  • Remove extra PHY port for USG-XG.
  • Show Hardware Offload as off when IPS is enabled, don't allow it to be turned on.
  • Expose HTTPS blocking for Facebook Wi-Fi portal. Note you will need to add all required Facebook subnets/hostnames to pre-authorization list manually.
  • Various backend bug fixes and improvements.

The above changelog will be updated over the coming days, to better show bugfixes and changes between 5.7 and 5.8. Below is a full list of changes, including those that may be found in earlier release branches and bugs that were found and fixed earlier in the 5.8 testing stages.

Spoiler
  • Additional DPI application icons (i.e. Slack).
  • Add description for mDNS.
  • Add tooltip that DHCP DNS must be a valid IP address only.
  • Hide gateway, broadcast and mask for User VPN networks.
  • In case of Topology with large number of nodes (> 200), draw straight lines to improve performance.
  • Improve way how Donut charts display tooltips, to prevent being overlapped by other elements.
  • Showing message about missing permission in routing utilization widget.
  • Extend form's elements to show whole value at Settings/User Groups.
  • Additional charts for Devices (Statistics -> Performance view).
  • Fix missing DPI users (name & icon).
  • Fix for airTime view in Firefox 57.
  • Add workaround for Cloud Key firmware upgrade issue, for devices on firmware 0.8.1 to 0.8.4 (reportedHERE).
  • Apply the same rules for both TCP and UDP DNS, which fixes the issue reportedHERE.
  • Add control for dnsmasq as DHCP server.
  • Allow setting mask /31 (255.255.255.254) for USG/WAN to be compliance with RFC3021.
  • Display warning when time series start day is before data retention settings for given granularity.
  • Improve device marker on maps.
  • Update status colors in VPN widget.
  • WAN & WLAN Histograms - mark current values instead of mean ones, limit glowing elements number to 3.
  • Add message with instruction to csv upload.
  • Add model EOL (end of life) pending warning.
  • Additional charts for Devices (Statistics -> Performance view).
  • Drag and drop optimizations.
  • Expand firewall group name limit to 64.
  • Hide the Aggregation option under Network when UAP supports it natively.
  • Improve way how Donut charts display tooltips, to prevent being overlapped by other elements.
  • IPv6 - Add DHCPv6 DNS Control.
  • Lock web store to US only.
  • Fix handling error responses received via WebRTC channel.
  • Fix Routing Utilisation Widget layout issues.
  • Fix Schedule Upgrade editing via WebRTC.
  • Fix displaying selected priority wireless uplink.
  • Fix displaying blank page on double click on Insights.
  • Fix filtering outdoor channels by using default value for outdoor mode.
  • Fix handling error responses received via WebRTC channel.
  • Fix missing action buttons after enabling cloud access.
  • Fix saving RADIUS profile without accounting servers.
  • Fix MAC auth provisioning so RADIUS assigned VLAN is set when it's enabled in the RADIUS profile.
  • Fix radios sorting in Configure Radios section.
  • Update device uplink name dynamically.
  • GeoIP Filtering - Block incoming/outgoing/both traffic.
  • Temporarily remove WAN/WAN2 IPv6 PPPoE option. 
  • Rename label 'Select group' to 'Any' in firewall's form.
  • SNMPv3 - Username and Password validation to match SNMPv3 standard and USG requirements.
  • Show Hardware Offload as off when IPS is enabled, don't allow it to be turned on.
  • Map fixes: Devices disappearing from map when changing from legacy to designer without saving and cannot change map type from Google to image at the second time.
  • Several device management improvements, to improve UX and mitigate some errors.
  • Allow to customize Map Device Marker label.
  • Change SSH Credentials before restore from backup in wizard.
  • Modify the way how Channel Distribution widget lays out its internal elements.
  • Disabled devices should not be taken into account in general site status.
  • Designer Map: fix setting scale in feet.
  • Fix airTime scan Details empty table.
  • Fix case when locked device could be moved on Designer map.
  • Fix dashboard related errors in js console after logging out.
  • Fix UI jitter bug in Device Property Panel airTime accordion.
  • Topology: prevent overlapping labels on wireless links.
  • Fix date format not always being localized.
  • MeshV3 Stability Improvements.
  • Fix a bug preventing email password recovery from functioning in some cases.
  • Various hardware provisioning improvements.
  • Tweak Topology lines shape to avoid overlapping with text labels.
  • Topology: show wireless Client's channel.
  • Display message when user logs into controller and there are devices with upgrade available.
  • Prepopulate RADIUS Tunnel-Medium Type once "Virtual LANs (VLAN)" is selected.
  • Don't allow setting up DHCP server on IPv6 networks unless the interface type is `static`.
  • Clarify IPS alert wording.
  • Disable hardware offload on USG when Smart Queue QoS is enabled.
  • Add event for switch PoE port disconnect and overload.
  • Expose HTTPS blocking for Facebook Wi-Fi portal. Note you will need to add all required Facebook subnets/hostnames to pre-authorization list manually.
  • Allow Facebook-based Hotspot authorization portal to be opened in Apple Captive Network Assistant.
  • Prevent site-to-site VPN from unnecessarily reprovisioning on controller start.
  • Fix State in map marker label is on the left side.
  • Fix Topology error occuring for aliases longer than 24chars.
  • Fix Invisible STA device image.
  • Fix DPI Selector per user: all categories highlighted.
  • Fix Topology path highlighting when mouse pointer is over client label.
  • Fix User DPI details sometimes application name is empty.
  • Select RADIUS VLAN when enabled for WLAN.
  • Fix Debugging Metrics.
  • Fix Topology console error.
  • Fix factory reset issue on UCK.
  • Fix pre-adoption upgrade of USG devices.
  • Fix VPN status reporting. 
  • Lower RSSI requirements for wireless adoption.
  • Remove reboot before upgrade logic from UAP upgrades
  • Improve Neighboring Access Points loading.
  • Virtual Device on map: avoid duplicated device name inside label.
  • Added missing mapping for PoE events (PoE Overload and PoE Disconnect).
  • Show additional performance graphs in AP Property Panel.
  • Added missing mapping for PoE events (PoE Overload and PoE Disconnect).
  • Allow for assigning network groups that are only VLAN based.
  • Allow to dismiss toast when there are devices with upgrade available.
  • Fix saving DHCPv6 Server configuration.
  • Throughput graph - restore max values bars.
  • Topology on Safari - fix node labels position shifted up.
  • Virtual Device on map: avoid duplicated device name inside label.
  • Reduce port stats log level to fix unnecessary log spam. 
  • PPPoE IPv6 provisioning improvements. 
  • Improve guest portal handling on gateway devices.
  • Fix filtering virtual devices on maps.
  • Fix creation of IPv6 PD LAN networks.
  • Fix validation of IPv6 IPs as group members (reported HERE). 
  • Improve Neighboring Access Points loading.
  • Virtual Device on map: avoid duplicated device name inside label.
  • Added missing mapping for PoE events (PoE Overload and PoE Disconnect).
  • Show additional performance graphs in AP Property Panel.
  • Allow for assigning network groups that are only VLAN based.
  • Allow to dismiss toast when there are devices with upgrade available.
  • Fix disabled "Queue Changes" button in batch AP LED configuration.
  • Fix saving DHCPv6 Server configuration.
  • Throughput graph - restore max values bars.
  • Topology on Safari - fix node labels position shifted up.
  • Virtual Device on map: avoid duplicated device name inside label.
  • Reduce port stats log level to fix unnecessary log spam. 
  • PPPoE IPv6 provisioning improvements. 
  • Improve guest portal handling on gateway devices.
  • Improve wireless adoption process.
  • Conditionally enable journalling on UCK after successful migration. 
  • Fix filtering virtual devices on maps.
  • Fix creation of IPv6 PD LAN networks.
  • Fix validation of IPv6 IPs as group members (reported HERE). 
  • Add USG alias validation.
  • Add port group validation.
  • Add autochannel support for devices with multiple radios (XG).
  • Add ability to open debug terminal by clicking an IP on the device overview screen.
  • Display toast with information about new controller version.
  • Update timezones list to IANA tzdb.
  • Hide message when controller minor version has not changed.
  • Fix save/provision error with UnNP.
  • Fix IPv6 related configs.
  • Fix PPPoE interface name in routing table.
  • Fix an issue causing the controller to be factory reset.
  • Prevent overlapping header text over close button.
  • Prevent port forwards from interfering with IPsec and vice versa.
  • Improve reliability of topology.
  • Fix broken batch config for radios.
  • Fix channel width inconsistency.
  • Fix cut RF Scan tooltip.
  • Fix for clients counters in property panel.
  • Fix pre-selecting timezones.
  • Fix progress bar width on opening WebRTC connection.
  • Fix release notes display.
  • Fix IPv6 RA attributes.
  • Fix RADIUS auth and accounting on guest networks when using USG. 
  • Fix port forward WAN interface. 
  • Add missing PoE event labels.
  • Fix broken device stats.
  • Add French translations.
  • Add timestamp to manually downloaded backup file.
  • Add tags column to devices page.
  • Add bypass for confirm before device downgrade.
  • Display user count graph in device performance statistics page.
  • Improve blocking opening device terminal for not supported devices.
  • Improve translation for firmware upgrade toast.
  • Fix Hotspot Manager and Site Overview with WebRTC connection.
  • Fix missing translation for Client Satisfaction in property panel.
  • Fix manually download backup file for Firefox.
  • Fix scrolling down the walls tab in map designer mode.
  • Fix incorrect internet traffic count for wireless clients.
  • Fix loading Settings page with German translations.
  • Fix saving network settings before adopting USG.
  • Fix IPv6 PD Prefix ID validation and config generation.
  • Topology path highlighting fix.
  • Hide configuration section in Elite Device settings when Cloud Access is off.
  • Prevent console errors when Map Links are toggled on and device is removed.
  • Additional columns in Clients list.
  • Show more accurate client's device images in property panel.
  • Show the WLAN VLAN is RADIUS assigned in the WLAN list, when it is.
  • Hide Elite ToS accept button for unsupported countries.
  • Mask password characters for RADIUS hotspot (reported HERE).
  • Update outdoor mode checkbox label.
  • Improve reported topology when using wireless uplinks. 
  • Fix incorrect client signal value in ap's property panel and clients list.
  • Fix empty Radio Type dropdown on Performance page.
  • Fix a bug with L3 wireless adoption.
  • Display correct labels at ports list when port is not configurable.
  • Extend Client statistics signal level range.
  • Fix unwanted username/password autocomplete.
  • Hide Elite ToS accept button for not supported countries in property panel.
  • Fix client signal binding.
  • Fix downloading autobackup (which is saved on SD card) via unifi.ubnt.com (reported HERE).
  • Fix editing WLANs via group config.
  • Fix filtering of top APs, and improve performance of stats filtering.
  • Fix available wireless uplinks so disabled radios/APs are not displayed (reported HERE). 
  • Fix upgrade failed event when scheduled upgrade runs and device is on latest firmware.
  • Only enable source validation for single WAN use cases.
  • Rename duplicated translation key for connectivity monitor.
  • Disable host record for static DHCP mappings.
  • Fix setting speed/duplex on disabled interfaces of USG-XG-8.
  • Temporarily limit MongoDB support to releases prior to 3.6.x (currently 3.4.x is recommended).
  • Add tooltip for enabling geoIP filtering.
  • Improve accuracy of reported wireless uplink candidates.
  • Adding display of RSTP in switch properties panel when it's enabled.
  • DPI refactor, also prevent more than 6 items on the list.
  • Fix timezone selection in Wizard.
  • Fix DPI Donut Chart on click handler.
  • Fix DNS rules for guest VLANs.
  • Fix restoring from autobackup on SD card.
  • Fix authorize.net support - the guest's email is now properly sent when that field is enabled.
  • Disable open terminal after click on IP address for sites without advanced features enabled.
  • Omit /0 networks from USG guest firewall group config as they are unsupported. 
  • Hide Fast Roaming feature for Open networks.
  • Improve wireless uplink migration. 
  • Statistics/Performance: fix time range selection.

 

Recommended Firmware:

 

Download: