• UnifiNetworkFaffery

Issues with inform address

SWITCH: 192.168.1.89   b4:fb:e4:c9:06:be

# Login and run:
set-inform http://192.168.1.24:8080/inform

IPv6 PD issues

There are well-documented problems with the way Prefix Delegation behaves with ISPs that do/don't support a certain option, Internode in particular does seem to crop up a fair bit.

Symptoms: USG CPU usage is pegged at ~50% when IPv6 and Prefix Delegation is in use, the PD client perl script keeps crashing/restarting in a tight loop.

Cause: The client sends/requests IA_NA, and the ISP doesn't support it, so it bombs out.

Fix: A Unifi CLI setting can be done on the USG that reconfigures the client to not request IA_NA, thus avoiding this problem until it's rebooted/reprovisioned. The permanent fix is to make a json config file on the controller, which is provisioned to the USG.

Diagnosis and solutions are documented here:

• https://community.ui.com/questions/Multiple-dhcpv6-pd-response-pl-processes/b737ab57-d723-4975-aaac-00ba7376ba21

• https://community.ui.com/questions/High-CPU-usage-when-enabling-IPv6/9db6b746-9c91-4087-8c1b-7797d291bf11

In Unifi's internal config tree representation, we're looking at: show interfaces ethernet eth0 pppoe 0 dhcpv6-pd prefix-only

Guidance on doing the advanced json config is here: https://help.ui.com/hc/en-us/articles/215458888-UniFi-USG-Advanced-Configuration

# /var/lib/unifi/sites/default/config.gateway.json
{
    "interfaces": {
        "ethernet": {
            "eth0": {
                "pppoe": {
                    "0": {
                        "dhcpv6-pd": {
                            "prefix-only": "''"
                        }
                    }
                }
            }
        }
    }
}

This change will update the provisioned config on the USG here: /var/run/dhcp6c-pppoe0-pd.conf

Once this is done, USG CPU usage should drop to pretty much zero.

More about what's going on: here's what Internode says about their IPv6 setup:

Here's what you get when your connection is set up for IPv6:

Your existing IPv4 address (if static) and any existing framed route(s).
A dual-stack IPv4/IPv6 PPP session.
A dynamic /64 IPv6 prefix for your PPP session.
A static /56 IPv6 prefix for your LAN (if you are using a router with Prefix Delegation).

The two endpoints we need to care about are the ends of the PPP session (technically PPPoE). I think our end gets an IPv6 address as a result of the PPP negotiation, but other functionality is added by using DHCPv6 to configure more client-side stuff, like DNS resolvers and stuff. One of those is getting a delegated prefix to serve up with radvd, and another option looks to be IA_NA, by which our side can get an IPv6 address for itself.

But we don't need that, because we already have a local-end (ie. the router and PPPoE client) address thanks to the PPP negotiation, as Internode promised (a dynamic /64 prefix for your PPP session).

By setting prefix-only in the Unifi config, we don't ask for IA_NA, and we just ask for prefix delegation, which is all we need.

PPPoE logging

It is pretty much non-existent, sadyly.

General log viewing: https://help.ui.com/hc/en-us/articles/204959834-UniFi-How-to-View-Log-Files#3

I went ahead and raised the global log level as suggested here, it kinda helps now: https://community.ui.com/questions/ppp-logging/d81578bc-c34d-4a01-931e-2c52a7354480

set system syslog global facility all level debug

It comes through as pppd messages in syslog, this kinda works to read it on the USG: show log | egrep -v 'WAN_IN|sudo:|mcad:'| less