ERL TUTORIAL FOR BEGINNERS Continued:
I will keep adding parts tp the tutorial. I will cover the following stuff I ran into setting the router up in the hopes it will help someone.:
- Hardware Offload (How to turn it OFF and ON, and how to verify it is ON). This is basically to make sure your router is capable of achieving the speed you need it to.
- In the Web GUI for EdgeOS we will assign static addresses to clients on your local network (this will be useful for when we setup a vpn later)
- Setting up the router to update a dynamic DNS service. This is useful if you have services that rely on your PC/Router having a static IP, but you actually have a dynamic IP.
- Setting up the router to work with PLEX. For some reason, I had issues with the ports PLEX uses, so I step through opening the ports.
- Setting up the router for L2TP/IPsec. I step through setting up VPN on the router, and as a bonus how to enable VPN on an iPhone.
- Opening up port 8080 for speed test socket failure error.
For now though here is part 10:
Part 10: Hardware Offload
The EdgeRouter Lite has several features that can be offloaded to hardware. This significantly increases the throughput of the router. Without Hardware offload the router will pretty much top out around 200Mb/sec or less. Fortunately, it is ON by default allowing the router to perform at pretty much gigabit speed. EdgeOS supports HW offload for:
- IPv4 forwarding
- IPv4 vlan
- IPv4 PPPoE
- IPv6 forwarding
- IPv6 vlan
- IPv6 PPPoE
- Deep Packet Inspection (DPI which is awesome and we will cover it later)
- GRE offload support (Generic Routing Encapsulation)
There are a few things that will turn off Hardware offload though. They are as follows:
- Ethernet Bridging (using ports on the EdgeRouter as a switch)
- Ethernet Bonding (also called port-channeling by Cisco or trunking by HP)
- Tunnel encapsulation (GRE offload support is offloaded now though)
- Quality of Service (QoS)
- Policy Routing (a MODIFY rule will not disable offload though)
- Unicast Reverse Path Filtering (uRPF)
- 5-tuple packet filtering (I think).
- Port Mirroring
List courtesy of RPS https://community.ubnt.com/t5/EdgeMA...d/td-p/1223408
For some reason, it may become necessary to turn OFF hardware acceleration (I can’t foresee why, but I am also not some network guy, so take that for what it is worth). If that is the case, you can log in to the CLI and disable it. Here is an example of turning it off:
One note about the CLI. When you type configure you can start changing things and the prompt goes from a $ to a #. After you make changes however they aren't applied to your router until you type commit. Once you type commit they get applied to your router, but they will not stay applied to the router following a reboot unless you actually type save. So the process goes: CONFIGURE(make the change), COMMIT(apply the change), and then SAVE (Save the change). If you commit and don't wish to save simply type EXIT DISCARD (that means you will exit the configure mode and go back to the $ prompt without making any changes).
set system offload ipv4 pppoe disable
set system offload ipv4 vlan disable
set system offload ipv4 forwarding disable
Here is an example of turning it back on:
Note: IPv4 forwarding must be enable in order to enable the other offload features.
set system offload ipv4 forwarding enable
You can verify HW offload is enabled by logging into the CLI and typing
Here is what I have offloaded for instance
In part 11 we will log into the Web GUI and assign static IPs to our PC and some other stuff. We will also take a look at the traffic analysis deep packet inspection.
Part 11 – Assigning Static IPs with the Web GUI.
In this part we are going to is assign a static IP to our PC using the EdgeOS Web GUI. This is really easy to do via the web GUI, and we need to do it anyway for setting up our VPN and forwarding ports later.
- Log in to the EdgeOS Web GUI
- At the top of the page select services
- Select the Action drop down for the LAN
- Select View Leases
You should end up with a pop up that looks like this:
Find the IP address that belongs to your PC in the list and select the MAP Static IP button. Another pop up will come up where you can assign it a name of your choice, like “MY PC” or something creative like that and then hit save.
Voila, your PC will now always have that internal IP.
You can view all your static IP selections by clicking the Static MAC/IP Mapping tab in that pop up.
Feel free to assign as many static IPs to things on your network as you like (assuming your on a home network, I don’t see the harm. Then again I know jack about networks so maybe its not a super idea. I do it anyway.
While we are in the GUI go ahead and click the Traffic Analysis Tab.
Click the Radio button on for Operation Status to Enabled
You will get some pop up, just click yes.
This will enable DPI (Deep Packet Inspection) which let’s you drill down to see exactly what each device on your network is doing and how much data they are using.
I refreshed mine so it is only showing generic data at the moment. It will show stuff down to telling you how much data facebook or pinterest or steam is using. Its pretty cool. It also takes advantage of hardware offload, so at least for me it isn’t effecting performance. Later they plan on adding functionality where you can base QoS rules and other crap off of that screen.