UBNT EdgeRouter LAN Config Issue
-
@krisleslie said in UBNT EdgeRouter LAN Config Issue:
@dashrender at one point they were connected and had to be disconnected. The assistant never gave a reason to why. In hindsight prolly due to improper setup.
Problem I have is he took it upon himself to make a lot of the decisions vs consulting me. I had bigger fish to fry but its all coming back to haunt me. Very suck at this point.
Does this mean the sites don't really need to be connected then?
-
@krisleslie keep all of the IP addresses on the ER L for now just fix your DHCP add 10.10.0.1/22 If that address is not currently used. That will be your new gateway but you need to keep all the other ones until everything else is fixed so that everything will work to the Internet. you want to keep the/22. You do not want to/21 unless that.4 was part of your main network. All of us believe that that was your guest Wi-Fi so that has nothing to do with your/22.
-
Site 1 which is the headquarters is where I am at. Our site is huge for us but tiny when I compare it to my enterprise offices Ive worked at. We have two virtual hosts on XenServer at this site with about 20 guest vms. We have 6 switches all ubiquiti except 3. We have a security system with ubiquiti with roughly 25 or 30 cameras. 5 uniquiti WAPs. We have voip, hosted with NTG, last i checked about 30 phones. About 50 staff not including contractors and other partners. Then we have students anywhere from 10-75 at a time.
The explosion of ip devices came when people started brining byod devices, so im seeing tablets, phones watches and God knows what else.
Then we have Site 2 is a ROBO. Literally same equipment except only one ubiquiti switch, no nvr or cameras. 2 WAPs. Slower internet but its only 10 staff or less and up to 15 students.
Site 3 is done by another company so no involvement for me
Site 4 is also being managed by another company. 5 staff. No students or up to 5. Tiny office little work being done.
Site 3 will never vpn into us ever.
Site 4 in theory will.
-
Site 2 is roughly a 45 min drive. Site 4 is almost 4 hours. So im strongly considering never to put equipment there. In fact I want to take their systems and swap them for Chromebooks. The staff there 80% of their work is done online.
-
So it sounds like your main network has around (2 VM Hosts, 20 VMs, 6 switches, 30 cameras, 5 WAP, 30 phones, 50 PCs, 75 students) 218 IPs call it 240 when you toss in the firewall and printers.
You're close to the typical /24, but I don't see where you've breached it yet, until BYOD.
Do those BYOD devices need to be on the production network? If not, move them to something like 10.20.0.x/23.
Assuming our early mentioned belief that 10.10.4.x was for guest access, this means you can make your production network 10.10.0.x/22 and be fine. No need to go to 10.10.0.x/21.
-
@krisleslie said in UBNT EdgeRouter LAN Config Issue:
Site 2 is roughly a 45 min drive. Site 4 is almost 4 hours. So im strongly considering never to put equipment there. In fact I want to take their systems and swap them for Chromebooks. The staff there 80% of their work is done online.
It's that other 20% that kills ya.
-
At one point I wanted site 4 to be a point to back up to, but I keep seeing how people strongly suggest azure for that.
I guess to stay focused, once I can clear the office, Ill start making the changes to the scope.
-
@krisleslie said in UBNT EdgeRouter LAN Config Issue:
At one point I wanted site 4 to be a point to back up to, but I keep seeing how people strongly suggest azure for that.
Who do you see suggestion Azure? No one around here on ML.
-
@krisleslie said in UBNT EdgeRouter LAN Config Issue:
I guess to stay focused, once I can clear the office, Ill start making the changes to the scope.
If you can kick all those BYOD devices off now until you get things fixed.. that might help you a lot. You can also do the DHCP reservations changes now @JaredBusch recommends, and change the DHCP lease time now.
-
@dashrender not on here. But in the non profit world we get a yearly allotment especially for Azure. I have used Azure only to spin up a vm or two but mainly just to test how feasible it was.
-
@krisleslie said in UBNT EdgeRouter LAN Config Issue:
@dashrender not on here. But in the non profit world we get a yearly allotment especially for Azure. I have used Azure only to spin up a vm or two but mainly just to test how feasible it was.
Would that yearly allotment include enough space to store your backups?
-
@dashrender last night i dropped all leases lol.
-
@krisleslie said in UBNT EdgeRouter LAN Config Issue:
@dashrender not on here. But in the non profit world we get a yearly allotment especially for Azure. I have used Azure only to spin up a vm or two but mainly just to test how feasible it was.
How about starting a new thread to talk about backups for your situation? Help you keep things separated.
-
@dashrender i will brother. I can say the performance i pray will get better after all the changes.
-
@krisleslie said in UBNT EdgeRouter LAN Config Issue:
@dashrender i will brother. I can say the performance i pray will get better after all the changes.
While you do have a funky setup - I'm not sure I would expect any performance issues from it. Where are you seeing issues?
-
@dashrender yep. Been fixing them as we go. The building we are in, we chose (unfortunately) to reuse wiring and to add new wiring where needed. This building is roughly 50 years old. Been through at least 10 business changes.
I think most issues now are probably due to config more than wiring.
-
@krisleslie said in UBNT EdgeRouter LAN Config Issue:
w wiring where needed. This building is roughly 50 years old. Been through at least 10 business changes.
Right, but what issues in performance are you seeing?
-
@dashrender VOIP has been an issue (we used cable business class). But the router being compromised also lead to failures.
-
Strongly considering swapping to fiber since its finally being rolled out.
-
@krisleslie said in UBNT EdgeRouter LAN Config Issue:
Strongly considering swapping to fiber since its finally being rolled out.
Do it. Latency response times and such are all way better. Generally network monitoring and customer service or better also.