Router:Ubiquiti EdgeRouter Lite: Difference between revisions

← Older edit

Router:Ubiquiti EdgeRouter Lite (view source)

Revision as of 09:15, 25 February 2018

3,764 bytes added , 25 February 2018

→‎Enabling UPnP/NAT-PMP/PCP

TomJepp

51

edits

Revision as of 18:02, 30 July 2017 (view source) TomJepp (talk \| contribs) No edit summary ← Older edit		Latest revision as of 09:15, 25 February 2018 (view source) TomJepp (talk \| contribs) (→‎Enabling UPnP/NAT-PMP/PCP)
(7 intermediate revisions by 2 users not shown)
The Ubiquiti EdgeMAX ERLite-3 (EdgeRouter Lite 3) can be used as a router (with a suitable modem) with A&A's services. The router is based on a dual-core MIPS64 processor and runs a Linux distribution called EdgeOS which uses a configuration system forked from Vyatta with a web-based interface on top. ~~This configuration was tested with a UBNT EdgeRouter Lite running v1.9.1 firmware, and a BT ECI FTTC modem.~~ = You'll need = * ana PPPoE ADSL or FTTC modem, or a fibre ONT (for FTTP). A&A's supplied modems & routers can be configured into a bridge mode for this. = Basic Automatic Configuration =▼ As of recent firmware versions (at least since v1.9.7-hotfix.4) you can almost achieve a working configuration just by using the Basic Setup wizard in the router's web interface, but there are currently a couple of extra configuration changes you have to do manually to fix IPv6 support. * Connect a computer to the router, access its web interface and start the Basic Setup wizard. Set the 'Internet connection type' option to PPPoE and give it the PPP username and password of your A&A line. Enable the DHCPv6 PD option (which allows for almost entirely automatic configuration of IPv6) and set the IPv6 prefix length that you have set up for your line on the A&A control pages (if you're not sure, it would normally be /64 by default): [[File:EdgeOS Basic Setup Wizard.png\|640px]] * Configure the rest of the Basic Settings Wizard settings however you like or leave them as the defaults. * Finish the wizard and reboot. Connect your PPPoE modem to the eth0 port on the router, and your LAN to the eth1 port (to match the conventions used by the setup wizard). You should now have a working IPv4 internet connection. * The two things that need to be done to fix IPv6 support are enabling the IPv6 option for the PPPoE connection, and setting up a default route to use the PPPoE interface because an IPv6 route doesn't get added by default when the connection is established. To add those settings enter the router's command-line interface either by using the '''CLI''' button on the web interface or using SSH and then enter the following commands: <nowiki>configure set interfaces ethernet eth0 pppoe 0 ipv6 enable set protocols static interface-route6 ::/0 next-hop-interface pppoe0 commit save exit</nowiki> * You don't need to reboot for the changes to take effect and your PPP session should reconnect and come back up with IPv6 configured and working. == Other configuration options == === Enabling a 1500 MTU === To enable 1500 MTU if you know that your modem can support baby jumbo frames: <nowiki>configure set interfaces ethernet eth0 pppoe 0 mtu 1500 set interfaces ethernet eth0 mtu 1508 delete firewall options mss-clamp commit save exit</nowiki> === Enabling UPnP/NAT-PMP/PCP === UPnP, NAT-PMP & PCP are protocols that allow devices behind your router to automatically forward ports. This can be useful to allow devices such as games consoles to work more easily, but it does have security implications as it allows programs to open holes in your firewall. To enable the [https://community.ubnt.com/t5/EdgeMAX/UPnP-vs-UPnP2-What-s-the-difference-between-upnp-and-upnp2/td-p/1312305 MiniUPnP server] to allow local clients to forward ports using UPnP/NAT-PMP/PCP: <nowiki>configure set service upnp2 listen-on eth1 set service upnp2 nat-pmp enable set service upnp2 secure-mode enable set service upnp2 wan pppoe0 commit save exit</nowiki> === Hardware offloading === To enable as much hardware offloading as possible ("[https://help.ubnt.com/hc/en-us/articles/115006567467-EdgeRouter-Hardware-Offloading-Explained Note: It is currently not possible to enable IPv6 offloading for PPPoE and VLANs simultaneously.]"): <nowiki>configure set system offload ipv4 forwarding enable set system offload ipv4 gre enable set system offload ipv4 pppoe enable set system offload ipv4 vlan enable set system offload ipsec enable set system offload ipv6 forwarding enable set system offload ipv6 pppoe enable set system offload ipv6 vlan disable commit save exit</nowiki> = Manual configuration = ~~= Assumptions =~~ * '''eth0''' is plugged directly into the modem or ONT * '''eth1''' will be used for your LAN * You're using a Home::1 or similar service with one IPv4 address for WAN. * Your internal LAN IPv4 range is 192.168.0.0/24, of which you'll use 100 -> 149 for DHCP. * A&A have allocated you 2001:8b0:db8::/48 and your internal LAN IPv6 range is 2001:8b0:db8:1234::/64. You'll need to change these values in the configuration to match your actual setup. * You have some familiarity with the EdgeRouter Lite and EdgeOS. If you're running an older version of EdgeOS or if you prefer to configure your router manually rather than using the setup wizard, you can also use a configuration like the following. ▲= Configuration = ~~Don't just blindly copy & paste this whole configuration!~~ Don't just blindly copy & paste this whole configuration! Pay attention to the comments (lines starting with #) - they give a basic overview of what each section does. You'll need to change the IPv6 addresses in this configuration to match the ones shown for you on the control pages, and add your username and password. # These offload settings are the best compromise from my personal experience # as PPPoE isdownload speeds are generally low enough on A&A connections to not need hardware acceleration # If you don't use VLANs internally, you might enable ipv6 pppoe offload and disable ipv6 vlan offload for better IPv6 download performance # as you can only have one of those two enabled at once set system offload hwnat disable set traffic-control smart-queue wan-qos upload rate 20mbit set traffic-control smart-queue wan-qos wan-interface pppoe0 = Useful commands = To check the PPP log: tail -f /var/log/vyatta/ppp_pppoe0.log To disconnect/connect PPP manually: disconnect interface pppoe0 connect interface pppoe0 To inspect the ports that have been opened for UPnP/NAT-PMP/PCP (this only works when using the 'upnp2' configuration option rather than the older 'upnp' option which uses a different server): show upnp2 rules [[Category:3rd Party Routers]]