Since #Ubiquiti has long abandoned its #EdgeRouter Lite products and abandoned #EdgeOS, what are all the cool kids using for their home #router and #firewall? Is there a community firmware for this? Or should I look around for something just as powerful? A WebUI is great, but I'm also cool with CLI.

EdgeRouter 4 under OpenBSD with Failover WAN https://www.undeadly.org/cgi?action=article;sid=20250516062907 #openbsd #octeon #networking #router #edgerouter #wan #failover #ifstated #nat #dhcp #dns #libresoftware #freesoftware

This week I will be replacing my router (#Ubiquiti #Edgerouter Lite) with an Alta Labs #Route10. The ERL has been great, but there is one specific condition which causes severe performance issues. The ERL can offload #ipv6, #vlan and #pppoe at 1gbs, but not all at once. So, if you try to transfer a lot of ipv6 traffic, it drops to software and it then affects all traffic passing through. The main "culprit" is Steam which prefers ipv6 (as it should!) The new router should not have that limitation.

A fun hour or so of troubleshooting #IPv6 just to realise that I'd forgotten to reconfigure the #dhcpPrefixDelegation onto the #vif after making it #vlanaware #edgerouter #slaac #ubiquity

@nuintari https://www.openbsd.org/octeon.html

My #edgerouter lite works good with #OpenBSD
Never had any luck with installing #NetBSD on it.

Or you can use #openwrt

So I am using this #edgerouter with #OpenBSD
But i have issues turning it on. It can't find usb on poweron, so on the console i give the reset command. and it boots normally.. just a small inconvenience

I wrote a post about installing #OpenWrt on my #EdgeRouter X, just to share information. The post also has links to IPv6 configurations for the stock firmware, which did not work for me, but might work for others.

https://blog.nytsoi.net/2024/09/19/edgerouter-x-openwrt

CC @mweiss@infosec.exchange

Ok, so I installed #OpenWRT on the #EdgeRouter X I talked about yesterday, and… it went great! Had to flash it in two parts but it worked perfect, #IPv6 works out of the box, and my network is up and running again. And I got a public IP from the ISP so even that worry is gone.

Now I just need to figure out the firewall rules to allow IPv6 traffic to hit my home server (and the server only).

#Strömsö

RE: https://social.ahlcode.fi/notes/9yagd93cmi3k6e14

Welp, wasted a whole evening on trying to get #IPv6 to work on my #EdgeRouter X. Maybe I should install #OpenWRT on it... Anyway, turns out my new ISP has their own NAT on IPv4 and that's just great for my #SelfHosting. Gotta call them tomorrow and see if I could get a public IP somehow.

The Ubiquiti Edgerouter-X is a nifty router. With hardware offloading enabled the performance is good enough to route gigabit fiber.

With the new (still in beta) firmware version 3 they added a better webinterface and the option to configure Wireguard VPN tunnels.

Please don't use this Wireguard option to tunnel between home and a remote server. Both on gigabit connections.

Wireguard tunneling is done on the CPU, and that has no power whatsoever.

About three months ago, @neil wrote a post about detecting being on a call using webcam activity. I said at the time I was going to write up how I did it without running software on the endpoint, and I finally put the post together today: https://i.am.eddmil.es/calltracking/

Thw post explains how to use conntrack on any #Linux based firewall to detect a user being on Meet/Teams/Zoom/Slack or Jitsi calls. My example is an #Ubiquiti #Edgerouter, but should need very little modding for other Linux routers.

Changing the #switch0 interface on #edgerouter to #vlanaware broke #dhcp until the process was restarted - took ages to figure out why the phone was refusing to connect to the #wifi #unableToConnect is not a helpful error message!

I'm thinking about switching from a #Ubiquiti #EdgeRouter to something with #OPNsense on it. My home Internet can do 1gbps/45mbps although this fall I'll probably end up with symmetric 1.2gbps. I'm upgrading my access points to WiFi 7 (the new Ubiquiti APs) so the WiFi will support the throughput even if our devices don't yet.

The frustrating thing with the EdgeRouter is that it's basically been abandoned the last few years by its manufacturer. They are still selling plenty of them but... 1/n

#FancyBear still hacking ubiquitous gear, despite patch availability.

#Ubiquiti’s #EdgeRouter ships with its config open to the internet and default credentials. The feds are telling everyone to secure their boxes and look for indications of compromise.

Ubiquiti, on the other hand, simply issued a broken patch. In #SBBlogwatch, we put the “quit” in Ubiquiti. At @TechstrongGroup’s @SecurityBlvd: https://securityboulevard.com/2024/02/fbi-ubiquiti-edgerouter-apt28-richixbw/?utm_source=richisoc&utm_medium=social&utm_content=richisoc&utm_campaign=richisoc

Russian hackers are targeting home & small business routers, including ones made by Ubiquiti.

arstechnica.com/security/2024/02/kremlin-backed-hackers-are-infecting-ubiquity-edgerouters-fbi-warns/

#infosec #cybersecurity #Ubiquiti #EdgeRouter #routers

Using ZeroTier to selectively route some of my home network traffic out through a virtual server in another country

https://graha.ms/posts/blog/2023-12-21-zerotier-tunneling/

This is not new information, but it was new to me. You can configure a #Ubiquiti #EdgeRouter to offload specific aspects of its processing directly to its hardware and bypass its CPU (which happened to be the bottleneck for me). I subscribe to a 1Gbps service, but I was only getting 300Mbps speeds and I couldn't figure out why.

https://help.ui.com/hc/en-us/articles/115006567467-EdgeRouter-Hardware-Offloading

I turned on these offloading options and **boom** 900Mbps.

Holy crud. Ubiquiti launched the beta of a major release for the EdgeRouter, with built-in Wireguard support! Is our long night over?

Sooo! I'm sort of digging #openwrt on the #edgerouter in the #homelab . Its plenty fast and so far things are working. It has a bit of a learning curve for sure and I can't seem to get the damn dhcp-relay to work. It looks like my dhcp server is responding but it never gets back to the client. No #wireless up in this biatch :)

Experts released #PoC exploit for #Ubiquiti #EdgeRouter flaw
https://securityaffairs.com/148334/hacking/ubiquiti-edgerouter-flaw.html
#securityaffairs #hacking