UBNT EdgeRouter LAN Config Issue
-
@krisleslie said in UBNT EdgeRouter LAN Config Issue:
Strongly considering swapping to fiber since its finally being rolled out.
Do it. Latency response times and such are all way better. Generally network monitoring and customer service or better also.
-
@jaredbusch i agree i use to work in a few nocs. I miss our old t1 provider they actively stayed in communication
-
@jaredbusch said in UBNT EdgeRouter LAN Config Issue:
@krisleslie said in UBNT EdgeRouter LAN Config Issue:
Strongly considering swapping to fiber since its finally being rolled out.
Do it. Latency response times and such are all way better. Generally network monitoring and customer service or better also.
This is totally service based.
CenturyLink is deploying fiber but no redundancies (single ring) and aren't offering any of the other typical features of higher cost solutions (like Cox provides locally).
Just make sure you find out what they are offering. -
Stepping back to take another stab at this issue.
@Dashrender from the Edge Router, how should the interface be set up for my LAN?
-
@krisleslie said in UBNT EdgeRouter LAN Config Issue:
Stepping back to take another stab at this issue.
@Dashrender from the Edge Router, how should the interface be set up for my LAN?
ug way back machine here...
you still have devices pointing at multiple /22 IPs for default gateways?
-
Yes and I apologize brother.
I guess for me, I need to break this down into chunks and accomplish specific things first. I'm still a bit "noob".
From the Ubiquiti router, of course, it's been wiped and re-setup. I have one interface still set up with the 10.10.2.x through 4.x from the router.
I'm not clear if moving forward starting from the router, what has to be accomplished.
-
@krisleslie said in UBNT EdgeRouter LAN Config Issue:
Yes and I apologize brother.
I guess for me, I need to break this down into chunks and accomplish specific things first. I'm still a bit "noob".
From the Ubiquiti router, of course, it's been wiped and re-setup. I have one interface still set up with the 10.10.2.x through 4.x from the router.
I'm not clear if moving forward starting from the router, what has to be accomplished.
Got it.
I think from a router standpoint, as long as you have the normal NAT features enabled, you're good to go. Nothing more on the router should be needed. -
So from the router we still have 3 different lans set up. There is 2.x, 3.x and 4.x
I assume the 0.x and 1.x were originally intended to be reserved for the ROBO (kinda backwards). However, because that is an issue in itself for another post Ill let that one go lol
-
@krisleslie said in UBNT EdgeRouter LAN Config Issue:
So from the router we still have 3 different lans set up. There is 2.x, 3.x and 4.x
I assume the 0.x and 1.x were originally intended to be reserved for the ROBO (kinda backwards). However, because that is an issue in itself for another post Ill let that one go lol
Once you start using a /22 on the 2.x network, you'll have instant access to 0.x and 1.x networks.
-
In your final design, what do you want your LAN gateway to be and what do you want your public WiFi gateway to be?
I would use this setup.
Plan your LAN to be
10.10.0.0/22
. This means LAN computers will function on10.10.0.1 - 10.10.3.254
.
Plan your Public WiFi on10.10.4.0/24
. This mean you will use10.10.4.1 - 10.10.4.254
. It also means if you need a larger Public WiFi space, you ca expand it so a/23
or even/22
without overlapping you LAN.On your ERL
eth0 setup for your WANeth1 setup for your LAN with IP addresses:
10.10.0.1/22 - New permanent LAN Gateway (use this one when you run the setup wizard)
10.10.2.1/22 - one of the existing gateways
10.10.3.1/22 - one of the existing gatewayseth2 setup for your WiFi with IP address:
10.10.4.1/24If your Public WiFi is a VLAN on a shared UAP with the private WiFi (very common) then instead of eth2, you set up a VLAN on eth1 with the
10.10.4.1/24
address. -
Then you verify everything works as is.
Once you have this setup, you can add a firewall rule to block access form the 10.10.4.0/24 subnet to the LAN subnet and ensure everything works as intended.
Now, you can begin to change your stuff.
First, go to all static devices and change their subnet mask from whatever they are to
255.255.252.0
but do not change their current IP address or their current gateway as that would be potentially disruptive to the working environment.Change your VPN tunnels to use the new subnet.
Next change your DHCP scope to hand out the
10.10.0.0/22
scope and the new gateway IP of10.10.0.1/21
Once all the dynamic stuff has a new IP address, change the default gateway in the static devices.
You can also now change the IP address of the static devices if you want to reorganize them. But that is just a normal management task, not critical to the functionality.
-
Thanks guys!
So for my interface on eth1 include the following:
10.10.0.1
10.10.1.1
10.10.2.1
10.10.3.1I use Ubiquiti for the wireless also and the company wifi is using whatever is free from the dhcp server scope (the windows 2012 r2 box). So when I reset the Guest Wifi just only include 10.10.4.1 and when I need more space, just switch from /24 to /22 as need permits.
-
@jaredbusch said in UBNT EdgeRouter LAN Config Issue:
a larger Public WiFi space, you ca expand it so a /23 or even /22 without overlapping you LAN.
lastly after everything is moved to using 10.10.0.1/22 as the gateway, you can remove the other IPs from the ERL
-
@krisleslie said in UBNT EdgeRouter LAN Config Issue:
Thanks guys!
So for my interface on eth1 include the following:
10.10.0.1
10.10.1.1
10.10.2.1
10.10.3.1If you aren't using 10.10.1.1 right now, you can skip it.
-
I guess the confusing part for me, is from my point of view, I'm trying to figure out why would I need all 4 of the LANS there on the router? I assume this is so the router can see between each network and route.
-
@krisleslie said in UBNT EdgeRouter LAN Config Issue:
So when I reset the Guest Wifi just only include 10.10.4.1 and when I need more space, just switch from /24 to /22 as need permits.
Correct.
Depending on how you setup the guest network, you'll need to have it set to use the correct VLAN. This can be one at the SSID level on the controller. -
Not using it but if this would lessen the burden, I would go ahead and get it done now vs waiting for it to fall in my pants months down the road lol.
-
@krisleslie said in UBNT EdgeRouter LAN Config Issue:
I guess the confusing part for me, is from my point of view, I'm trying to figure out why would I need all 4 of the LANS there on the router? I assume this is so the router can see between each network and route.
It's because you don't want to break what you have today.
-
GOTCHA!
So what should have occured originally was, when the router was configured, it should have only included the 10.10.0.1 gateway for the eth1 interface. Then from the Windows Server, when setting up the scope, each scope should have been spelled out as 10.10.0.1 - 10.10.3.254 then I could have came back and made one more scope to only be 10.10.4.1 through 10.10.4.254 (just for guest wifi).
-
@dashrender said in UBNT EdgeRouter LAN Config Issue:
@krisleslie said in UBNT EdgeRouter LAN Config Issue:
I guess the confusing part for me, is from my point of view, I'm trying to figure out why would I need all 4 of the LANS there on the router? I assume this is so the router can see between each network and route.
It's because you don't want to break what you have today.
Correct. This design I laid out is a swing migration design.
It lets everything work as it currently functions throughout the entire process.