*** Official Ubiquiti Discussion Thread ***

[sparkymark75]

Is anyone having issues getting IPv6 working with Unifi?

I've set WAN1 to DHCPv6 with a PD of 56. I put in the Cloudflare IPv6 DNS. I then set one of the Networks to use DHCPv6 and leave it on Auto (which seems to suggest its using SLAAC) but none of the devices on that network get an IPv6 address (Windows PC and iPhone). I don't even see an IPv6 address in the Internet page in the UCG Ultra.

I'm on BT FTTP for info.

 

[Caged]

I had it on for a couple of days and it didn't even log anything. So turned it off as its not worth the performance hit.

It can't look inside HTTPS so unless you're hosting your own services that somehow aren't secured (use Cloudflare Tunnel or pretty much anything other than port forwarding) or it can inspect DNS traffic to check for data exfiltration (I can see no mention of this) then it's likely achieving nothing.

 

[robj20]

Is anyone having issues getting IPv6 working with Unifi?

I've set WAN1 to DHCPv6 with a PD of 56. I put in the Cloudflare IPv6 DNS. I then set one of the Networks to use DHCPv6 and leave it on Auto (which seems to suggest its using SLAAC) but none of the devices on that network get an IPv6 address (Windows PC and iPhone). I don't even see an IPv6 address in the Internet page in the UCG Ultra.

I'm on BT FTTP for info.

So many say there's issues. I'm not even trying until it just works.

 

[robflate]

There's really no point using IPS/IDS, especially for home use.

I guess the real frustration is the bandwidth drop with IPS/IDS off. An 11% drop from 940 to 835 seems poor (based on @Earth[Tera].bin numbers). This is probably a naive question but why can an ISP router route the full line speed but the Gateway Ultra can’t?

​

 

[sparkymark75]

I guess the real frustration is the bandwidth drop with IPS/IDS off. An 11% drop from 940 to 835 seems poor (based on @Earth[Tera].bin numbers). This is probably a naive question but why can an ISP router route the full line speed but the Gateway Ultra can’t?

​

I don’t see that big a drop. I’d need to do a test again but I don’t recall it being that much of a drop. I find the in-built UniFi speed test to under report. I prefer nperf.com as it seems to handle faster speed connections better.

 

[Earth[Tera].bin]

I guess the real frustration is the bandwidth drop with IPS/IDS off. An 11% drop from 940 to 835 seems poor (based on @Earth[Tera].bin numbers). This is probably a naive question but why can an ISP router route the full line speed but the Gateway Ultra can't?

Wasn't an ISP router in my case but a core i7, either on my proxmox server or an unused G6 800 I had lying around. I do remember my first experience with the edgerouter X though, it would top out at 500Mb/s until I set Hardware offloading then it would achieve near 900Mb/s. So maybe it's a lack of grunt on the Ultra cpu.

'Offloading is used to execute functions of the router using the hardware directly, instead of a process of software functions. The benefit of offloading in EdgeOS is increased performance and throughput by not depending on the CPU for forwarding decisions'

I'm not an expert by any means so my theory could be BS

For reference I used nperf and Librespeed.

 

[Haggisman]

Hmm, I was just about to grab a U6 Pro when I noticed someone is selling a couple of U7 Pro in the MM for the same price - is it worth going for the newer U7 for "future proofing", or sticking with the tried & tested U6? We have no Wifi 7 devices in the house (yet) no 2.5gb infrastructure, and internet is only 500Mb

 

[BlizzardX]

Just saw the U7 Pro Wall and thought that looks awesome, much better sized than the u6 enterprise but then noticed it doesn't have the switch like the the u6 devices... Its a shame as the U6-IW is only 1GBe uplink and the u6 enterprise is so fat!

 

[the-evaluator]

Is anyone having issues getting IPv6 working with Unifi?

I've set WAN1 to DHCPv6 with a PD of 56. I put in the Cloudflare IPv6 DNS. I then set one of the Networks to use DHCPv6 and leave it on Auto (which seems to suggest its using SLAAC) but none of the devices on that network get an IPv6 address (Windows PC and iPhone). I don't even see an IPv6 address in the Internet page in the UCG Ultra.

I'm on BT FTTP for info.

No problems here, also with BT FTTP.

My WAN settings are the same as yours - DHCPv6, PD size of 56.

The LAN settings differ, here's mine:

That's the settings for VLAN 1. For VLAN 2 the IPv6 Prefix ID is 2 and so on.

As you can see, it's working fine. This is from a client in VLAN 3:

[root@vpn ~]#  ping6 google.com
PING google.com(ams17s10-in-x0e.1e100.net (2a00:1450:400e:801::200e)) 56 data bytes
64 bytes from ams17s10-in-x0e.1e100.net (2a00:1450:400e:801::200e): icmp_seq=1 ttl=114 time=11.6 ms
64 bytes from ams17s10-in-x0e.1e100.net (2a00:1450:400e:801::200e): icmp_seq=2 ttl=114 time=11.2 ms
64 bytes from ams17s10-in-x0e.1e100.net (2a00:1450:400e:801::200e): icmp_seq=3 ttl=114 time=11.3 ms
^C
--- google.com ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2003ms
rtt min/avg/max/mdev = 11.223/11.378/11.585/0.152 ms
[root@vpn ~]#

If you SSH into the UCG do you see an IPv6 address against the PPPoE interface?

 

[shiver]

Just saw the U7 Pro Wall and thought that looks awesome, much better sized than the u6 enterprise but then noticed it doesn't have the switch like the the u6 devices... Its a shame as the U6-IW is only 1GBe uplink and the u6 enterprise is so fat!

I do like the additional mounting options with it though. I hope the fact they're calling it mounted or desktop AP doesn't mean they're not going to release a U7 Mesh product mind.

 

[robj20]

Are there any guides for setting up ipv6? Just for curiosity more than anything.

 

[the-evaluator]

Are there any guides for setting up ipv6? Just for curiosity more than anything.

Ubiquiti have some documentation but last time I looked at it, it was quite out of date.

Implementation varies depending on ISP. For BT it's easy enough and I've done it so can give pointers if anyone is interested.

 

[robj20]

Ubiquiti have some documentation but last time I looked at it, it was quite out of date.

Implementation varies depending on ISP. For BT it's easy enough and I've done it so can give pointers if anyone is interested.

Yeah I'm with BT at the minute. Just curious in it's implementation really.
I'm guessing it works alongside ipv4 simultaneously?
I'm so used to how ipv4 is setup regards VLANs and such I don't know where to start with adding ipv6 as well.

 

[the-evaluator]

Yeah I'm with BT at the minute. Just curious in it's implementation really.
I'm guessing it works alongside ipv4 simultaneously?
I'm so used to how ipv4 is setup regards VLANs and such I don't know where to start with adding ipv6 as well.

Yep, you'll have IPv4 & IPv6 connectivity running simultaneously.

Here's some screenshots from my setup where IPv6 is working well.

Settings -> Networks -> WAN

Settings -> Networks -> LAN (VLAN 1)

Settings -> Networks -> VLAN 3

The only difference between the 2 VLAN's is the IPv6 Prefix ID. Each VLAN needs to have a unique Prefix ID and I match that ID to the VLAN ID. I'm using Google DNS but there's plenty of choice.

A client in VLAN 1 will get an IPv6 address like this:

[root@vpn ~]# wget -qO- https://ipecho.net/plain ; echo
2a00:23c8:548c:xxx1:xxxx:xxxx:xxxx:xxxx
[root@vpn ~]#

Compared to a client in VLAN 5 (where the Prefix ID is set to 5):

[root@flighttracker ~]# wget -qO- https://ipecho.net/plain ; echo
2a00:23c8:548c:xxx5:xxxx:xxxx:xxxx:xxxx
[root@flighttracker ~]#

You'll see where the prefix ID shows up.

That's all there is to it really. As long as a client is looking for an IPv6 address it'll get one and have IPv6 connectivity.

 

[sparkymark75]

Strange, I have to use SLAAC on the WAN configuration side to get it to work on the UCG Ultra (also BT FTTP)!



and then after waiting a while, the LAN side network has configured itself...

 

[robj20]

Yep, you'll have IPv4 & IPv6 connectivity running simultaneously.

Here's some screenshots from my setup where IPv6 is working well.

Settings -> Networks -> WAN

Settings -> Networks -> LAN (VLAN 1)

Settings -> Networks -> VLAN 3

The only difference between the 2 VLAN's is the IPv6 Prefix ID. Each VLAN needs to have a unique Prefix ID and I match that ID to the VLAN ID. I'm using Google DNS but there's plenty of choice.

A client in VLAN 1 will get an IPv6 address like this:

[root@vpn ~]# wget -qO- https://ipecho.net/plain ; echo
2a00:23c8:548c:xxx1:xxxx:xxxx:xxxx:xxxx
[root@vpn ~]#

Compared to a client in VLAN 5 (where the Prefix ID is set to 5):

[root@flighttracker ~]# wget -qO- https://ipecho.net/plain ; echo
2a00:23c8:548c:xxx5:xxxx:xxxx:xxxx:xxxx
[root@flighttracker ~]#

You'll see where the prefix ID shows up.

That's all there is to it really. As long as a client is looking for an IPv6 address it'll get one and have IPv6 connectivity.

Thanks, I was getting confused about setting up the LAN but the whole point of ipv6 is there are no local IP addresses. So it gets the ipv6 address from BT I'm guessing? And we just need to add the VLAN tag. I use 10 for default full access and 20 for IOT, probably add a 30 for CCTV at some point.

Is there any point using ipv6 for devices not accessing the internet? Ie CCTV cameras.

I see I can still use quad9 DNS as well, but what are the different address lengths about, 2620:fe::11 and 2620:fe::fe:11

 

[robflate]

I don’t see that big a drop. I’d need to do a test again but I don’t recall it being that much of a drop. I find the in-built UniFi speed test to under report. I prefer nperf.com as it seems to handle faster speed connections better.

Thanks for the input. If you get chance to do a test, I'd love to know what kind of bandwidth performance hit you are seeing with the UCG Ultra. I'm assuming you're on BT from your previous posts. Also, if anyone with a 1Gb connection using a UCG Ultra with an FTTP provider that uses DHCP (Sky, TalkTalk) can chime in I'd appreciate it.

 

[robj20]

When I set the WAN to DHCPv6 and 56 and try to save I just get an error.

Never mind, doesn't have in the app, but did using the web access.
No ipv6 address allocated though, it's just blank.

Also in the LAN settings Prefix Delegation ID is greyed out.

 

[the-evaluator]

No ipv6 address allocated though, it's just blank.

No address allocated to your gateway or clients?

 

[Caged]

You need to start putting screenshots in the thread