09-06-2017 05:30 PM
I am running a controller on a dedicated VM and it is version 5.4.11. The APs are at another facility so adopotion is handled via the Internet. I currently have only 4 UniFi AP-AC-Lite APs adopted however I am noticing a lot of close_wait, time_wait, fin_wait_2 on my controller.
I tried to recently add two more units and they never showed up on the controller. I verified the inform address multiple times, verified connectivity from APs with ping, verified firewall logs for inbound 8080 sessions from APs and everything looks good. The traffic was getting through however the controller never picked them up so I could adopt. This is what led me to netstat and checking connections so the issue may be related or may not be however, I wanted to see if anyone had experience with this before because I am at a stalemate. Any help would be much appreciated!
05-13-2018 08:40 PM
I have something similar happening but only when I run the controller in Docker in bridge mode, which uses the docker-proxy application.
What happens is that any remote UAPs (coming in via NAT on 8080 on my Mikrotik router) leave FIN_WAIT2 and CLOSE_WAIT connection statuses (about 25,000 of each) after a few days.
This does NOT happen for local UAPs, nor does it happen if I use host networking in docker.
Very odd, for now I have that workaround but one day I may have time to investigate.
03-12-2019 03:54 AM
I have a similar problem where I host a Unifi Controller on Debian behinde Mikrotik Firewall NAT for my customers. About 100 sites with 500 devices.
Due to many heartbeat missed states of devices on all sites I checked the firewall and recognized many tcp close wait states. Also the input drop rule for invalid connections rise very quickly, all coming to port 8080 from customer sites.
Did you find a solution @rwojo?
Interesting is also the laggy network on other services, like mail or winbox access from outside. It requires many attempts to get an email out or connect. Teamviewer also only works if I get lucky.
What I have to check is if the system works if I replace the Mikrotik with another firewall.
03-12-2019 04:33 AM
I believe I heard someone else post that it's a issue with one of the mikrotik firmware versions.
USG-XG-8 • USG-4-PRO • USG
US-XG-16 • US-48-500W • US-24-POE-250W 2x • US-16-POE-150W 3x • US-24 • US-8-150W • US-8
UAP XG • UAP-SHD • UAP-HD • UAP-NanoHD 2x • UAP-AC-PRO 2x • UAP-AC-LITE • UAP-AC-IW • UAP-AC-M • UAP-AC-M-PRO 2x
UAS-XG • UCK-G2-PLUS • UCK-G2 • UCK
03-13-2019 05:42 AM
Interesting. I don't have any other issues related to my MikroTik at all so I don't think I have the same issue as that thread describes.
Mine seems mire more related to running the UniFi controller in docker in different networking modes.
When unifi has had issues as well, I didn't have any other related issues on my network. Just unifi.