Great details! Going to implement now.

Thank You
Bob Evans
CTO

> On 6/19/15 10:57 AM, Bob Evans wrote:
>> Thank You Charles,
>> Been on NANOG a while - all the basic stuff we know well. Like, cables,
>> cluster occurrences etc. Looking for the UniFi specific experience. It's
>> not the switches, power, cables, ports show no CRC issues etc.
>>
>> We even setup another network with just 2 and it happens randomly - so
>> its some code or something. Think I'm going to let one of the guys here
>> login to the controller and see if we missed a setting in the latest code.
>> NANOG's real good at having someone with specific targeted knowledge
>> appear.
>>
>
> I've got a bunch of regular UAPs spread out over multiple customers with
> various network setups including ERLs as routers, CenturyLink POS modems
> of various generations, Dink routers, etc.
>
> My controller is hosted off-site in Tacoma in our data center.
>
> Some issues I've run into, particularly on the consumer devices like the
> older CenturyLink/Qwest modems...
>
> 1) Broken MTU clamping/fixing on PPPoE links, causing the UAPs to have
> problems making a connection to the remote controller.
>
> Worked around by messing with the MSS using iptables on specifically the
> tcp/8080 and tcp/8443 port on the controller end.
>
> Other devices, had to make sure to disable the firewall feature on
> modem, in order to get it to stop eating ICMP packets (and thus breaking
> pmtu).
>
> 2) Faulty DNS server daemons on the routers. The UAPs would have issues
> randomly resolving the controller's IP address from hostname. Have this
> problem time to time with anyone using the built in DNS servers on the
> CenturyLink/Qwest modems.
>
> Resolved this issue by statically defining IP and DNS servers on the
> UAPs (DNS server set to 8.8.8.8). Also had to disable the firewall on
> one of the routers to get it to not intercept/mangle DNS packets.
>
> These two issues alone have caused me major issues with the devices
> randomly being unable to get new configurations or download firmware
> updates.
>
>
> On network switches connected to the UAPs, make sure that you've got the
> port set to whatever the switches' version of cisco 'portfast' is.
>
> In the Site Settings under the Unifi controller, disable "Enable
> connectivity monitor and wireless uplink" and see if the problem eases
> up. If you need to use the uplink monitor, manually set the IP you want
> to check with, and make sure the UAPs can actually ping said IP.
>
>
> I'm the head mod for /r/Ubiquiti, so feel free to bounce things off of
> me privately with your Unifi setup, and I'll be happy to give you a
> hand. I can also direct you to the unofficial Ubnt IRC channel where
> you can get a bunch more opinions.
>
>
> --
> Brielle Bruns
> The Summit Open Source Development Group
> http://www.sosdg.org / http://www.ahbl.org
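
The MSS workaround from item 1 of the quoted message, sketched as an added example that is not part of the original thread and not the poster's actual rules. It assumes IPv4, a PPPoE path MTU of 1492, and rules placed in the mangle table on the controller host; it only prints the rules so they can be reviewed before anything is applied.

```shell
#!/bin/sh
# Added example: print (do not apply) iptables rules that clamp TCP MSS on
# the controller host for the UniFi ports named in the thread.
# Assumptions (not from the thread): IPv4, path MTU 1492, mangle table,
# INPUT/OUTPUT chains because the controller terminates the connections.

# MSS = path MTU - 20 (IPv4 header) - 20 (TCP header)
mss_for_mtu() {
    mtu=$1
    case $mtu in
        ''|*[!0-9]*) echo "mtu must be a positive integer" >&2; return 1 ;;
    esac
    # 576 is the smallest datagram every IPv4 host must accept;
    # 1500 is the plain Ethernet MTU.
    if [ "$mtu" -lt 576 ] || [ "$mtu" -gt 1500 ]; then
        echo "mtu $mtu outside 576-1500" >&2
        return 1
    fi
    echo $((mtu - 40))
}

# clamp_rules MTU PORT...  -> one rule per direction per port
clamp_rules() {
    mss=$(mss_for_mtu "$1") || return 1
    shift
    for port in "$@"; do
        # Incoming SYN from the UAP: limits segment size the controller sends
        echo "iptables -t mangle -A INPUT -p tcp --dport $port --tcp-flags SYN,RST SYN -j TCPMSS --set-mss $mss"
        # Outgoing SYN-ACK: limits segment size the UAP sends back
        echo "iptables -t mangle -A OUTPUT -p tcp --sport $port --tcp-flags SYN,RST SYN -j TCPMSS --set-mss $mss"
    done
}

# PPPoE leaves 1492 bytes of a 1500-byte Ethernet frame (8-byte PPPoE header)
clamp_rules 1492 8080 8443
```

Clamping on both the SYN and the SYN-ACK keeps either side from sending segments that need PMTU discovery to succeed, which is what fails when a modem drops the ICMP messages.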