1
22.1 Legacy Series / Re: Virtual IP Bind HAProxy Issue
« on: March 22, 2022, 02:13:22 pm »
Happy to report that the patch solved my issue, as well. Thank you!
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
I have just tested the patch, it fixed the VIP issue and no more error related to VIP in log.
Thanks for your help.
Can you point me to a tutorial on how to apply patches to my install? I have seen these posted from time to time, but have never learned how to apply them manually (which I assume is something I need to do).
/firewall_virtual_ip.php: The command `/sbin/ifconfig 'lo0' inet '10.17.0.1' -alias' failed to execute
Hmm, no feedback at all?
So who reverts the option? Can you check the configuration history?
In general, however, your issue is that something listens to the IP you want HAProxy to listen to. Disabling the service bind doesn't do anything for HAProxy plugin so it's another service, likely the web GUI configured to listen to said interface manually, which we don't recommend for exactly this reason.
I Agree with above comment. I use AWS R53 and Tunnel Broker(HE.net) which are built in options in the old dyndns client. They don't exist in the ddclient settings. It doesn't have to be an all in one in my opinion. I've seen projects for aws53 updates that could maybe be worked into a new module. For example: https://github.com/crazy-max/ddns-route53
Just set this up myself, there are a few Unifi-isms, I'm running:
3 x Unifi AC AP Pros
1 x Unifi Pro 48 Port Gen2 switch
1 x Unifi Pro 24 Port POE Gen2 switch
A number of Flex and Flex Mini switches
- Firstly, firmware 4.3.20 is key for me. On APs and switches. .21 and .22 caused all sorts of havoc. I shall be staying on this firmware version
- Firewalls rules as you have above, destination 224.0.0.251, UDP, port 5353, inbound all VLANs you want to repeat
- Enable 'Multicast Enhancement' on each wifi network that you have mDNS repeater setup for on the Unifi controller (Settings -> Wifi - > Edit -> Advanced
- Enable IGMP Snooping on the Unifi for each VLAN/profile setup with mDNS (Settings -> Advanced Features ->Network Isolation -> Edit)
- I had to allow all traffic BACK from my AppleTVs, to the streaming devices (iphones, computers). I think the port range is huge, so I decided to create 2 groups and allow all traffic between them. Airport express seemed to work ok without this, but I believe AppleTV needs to be able to initiate connections back to the iPhone, computer, etc.
.. think that's it
Firewalls rules as you have above, destination 224.0.0.251, UDP, port 5353, inbound all VLANs you want to repeat