Closed mvgijssel closed 5 months ago
Disabled spanning tree protocol on the hallway unifi switch for the tp link port.
Currently internet / ping6 is not working on haos when enabling ipv6. Could be due to USG as described here https://community.ui.com/questions/Unifi-USG-Problem-with-IPv6/dbe432ee-54e5-4436-bad1-fb95350d56e8.
The provisioner is no longer reachable at 192.168.1.31 for some reason 🤔.
Used the ipv6 sld template, maybe should be mixed profile in the switch?
Set the prefix delegation ID to 0 as mentioned here https://www.reddit.com/r/Ubiquiti/comments/f5k8mn/can_a_novice_get_some_ipv6_help/.
The provisioner is no longer reachable at 192.168.1.31 for some reason 🤔.
Switching the cables between the PS5 (previous cat5e) and the provisioner (previous cat 7) it now seems to work. Haven't validated if the PS5 now has internet access, but at least the provisioner works.
Updated the USG to disable rapid-commit, restarted the Home Assistant ipv6 interface but to no avail:
```
ssh -o PubkeyAuthentication=no ubnt@192.168.1.1
configure
set interfaces ethernet eth0 dhcpv6-pd rapid-commit disable
commit;save;exit
release dhcpv6-pd interface eth0
delete dhcpv6-pd duid
renew dhcpv6-pd interface eth0
```
Set prefix delegation id to blank?
Installed the tp link omada router instead of the USG
https://www.reddit.com/r/Nanoleaf/comments/13kzie9/homekit_nanoleaf_matter_thread_bulbs_not_behaving/ disable the Nanoleaf cloud sync feature
Decided to give up on Nanoleaf essentials, because it's simply too unstable https://www.google.com/search?q=nanoleaf+essentials+unstable+site:www.reddit.com&sca_esv=599184041&sa=X&ved=2ahUKEwjA4s32_eSDAxVW1AIHHVOzDG8QrQIoBHoECB8QBQ&biw=1410&bih=1059&dpr=2#ip=1 after trying so many different things. I think the thread coverage is good enough with two apple tvs and a SkyConnect stick, so doing it without a mesh extender for now.
After removing the nanoleaf nodes I'll monitor the matter server to see if there are still a lot of errors happening and/or if reconnecting nodes takes a long time.
Current Unifi firewall port forwarding rules:

| Name | From | Port | Dest Port/IP | Enabled |
|---|---|---|---|---|
| provisioner-teleport | * | 443 | 192.168.1.31:443 | |
| unifi-controller-inform | * | 8080 | 192.168.1.2:8080 | |
| unifi-controller-stun | * | 3478 | 192.168.1.2:3478 | |
Configure ipv6 wan in the omada controller as follows
Configure ipv6 lan in the omada controller as follows
Pinged the ipv6 address from the WAN which returns just fine from mobile tethering. Pinged the ipv6 addresses of the provisioner and hypervisor which both did not resolve, making me believe the firewall is blocking inbound ipv6 traffic correctly.
Using
Trying to get the new PCI Ethernet card passthrough to work.

Check if `vfio-pci` module is loaded:

```
lsmod
```

Check what driver the pci card is using (this should be vfio-pci and not e1000):

```
lspci -vnn
```
Using PR got it to work https://github.com/vgijssel/setup/pull/648
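The driver check above as a script, added here as an example and not taken from the issue or the linked PR: it reads `lspci -vnn` output and reports whether a given slot is bound to `vfio-pci` or still owned by a host driver such as `e1000`. The slot addresses, device IDs and sample output are constructed assumptions.

```shell
#!/bin/sh
# Added example. Slots and sample output below are constructed, not from the issue.

# Print the "Kernel driver in use" value for one PCI slot, reading
# `lspci -vnn` output on stdin. Prints "none" when no driver is bound;
# returns 1 when the slot does not appear in the input.
driver_for_slot() {
    awk -v slot="$1" '
        /^[0-9a-f][0-9a-f:.]* / { cur = $1 }   # record header, e.g. "04:00.0 Ethernet ..."
        cur == slot { found = 1 }
        cur == slot && /Kernel driver in use:/ {
            sub(/.*Kernel driver in use:[ \t]*/, ""); drv = $0
        }
        END { if (!found) exit 1; print (drv == "" ? "none" : drv) }
    '
}

# Exit status: 0 = bound to vfio-pci, 1 = host driver (or none) bound, 2 = slot not found.
check_passthrough() {
    drv=$(driver_for_slot "$1") || { echo "$1: slot not found"; return 2; }
    case "$drv" in
        vfio-pci) echo "$1: bound to vfio-pci, handed over for passthrough"; return 0 ;;
        none)     echo "$1: no driver bound, vfio-pci has not claimed it"; return 1 ;;
        *)        echo "$1: bound to $drv, host still owns the device"; return 1 ;;
    esac
}

# Constructed sample of `lspci -vnn` output (three hypothetical devices).
sample_lspci() {
cat <<'EOF'
00:1f.6 Ethernet controller [0200]: Onboard NIC (sample) [8086:15bc]
        Kernel driver in use: e1000e
        Kernel modules: e1000e

04:00.0 Ethernet controller [0200]: Intel Corporation 82541PI Gigabit Ethernet Controller [8086:107c] (rev 05)
        Kernel driver in use: vfio-pci
        Kernel modules: e1000

05:00.0 Ethernet controller [0200]: Unclaimed NIC (sample) [8086:107c]
        Kernel modules: e1000
EOF
}

# On a real host: lspci -vnn | check_passthrough 04:00.0
sample_lspci | check_passthrough 04:00.0
```

A `Kernel modules: e1000` line only lists candidate modules; the `Kernel driver in use` line is the one that shows which driver actually holds the device.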
Ideas to improve thread stability:
Articles
https://www.derekseaman.com/2023/10/part-3-smart-home-matter-and-thread-deep-dive.html
https://tomasmcguinness.com/2023/02/10/matter-unifi-and-mdns/
https://github.com/home-assistant/core/issues/89331
TODO

- [x] Setup omada controller
- [x] Adopt router
- [x] Configure LAN networking change
- [x] Setup omada controller static ip
- [x] Update switch firmware (otherwise adoption does not work)
- [x] Adopt switches
- [x] Name switches
- [x] Setup static ips switches
- [x] Setup TP-Link cloud account
- [x] Configure IGMP + MLD snooping
- [x] Configure ipv6 networking and wan
- [x] Setup firewall for Unifi controller
- [x] Setup firewall for Teleport
- [x] Firewall prevent ipv6 addresses from becoming publicly available
- [x] Remove Unifi USG + switches
- [x] Replace Unifi APs with TP-Link EAP
- [x] Setup 2fa
- [x] Purchase pci Ethernet card for haos (Intel PRO/1000 GT, chose Intel over Realtek to have higher stability in Linux/NixOS)
- [x] Factory reset Unifi equipment
- [x] Install pci card haos (https://github.com/vgijssel/setup/pull/648)