Ghosts in our 6 New Ubiquity Pros - provision issues.

Ubiquiti Networks UniFi UAP-PRO Enterprise WiFi System - hard to recommend
at this point. We saw people mention this brand here on the list - people
like them. So what could we have set incorrectly ? They drop link and
re-provision on their own at odd times day or night.

We have completed everything tech support asked of us. (Really, lame
emails they respond with as if they didn't read your text - they won't
call and you can't call them). We used POE from ciscos - then changed to
their POE provided. They didn't recommend it, but we plugged them all into
APC UPSes..... no difference. They all re-provision at different times
even when no one is connected or in the building at odd hours like 2am.
Each one does this 2-3 times per 24 hour period.

Has anyone else experienced this?
Anyone know what we may have set incorrectly ?
Is this normal - do people put up with the 2 mins the APs are unavailable
about 3 times a day? (UniFi support acts like it's not a big issues.)

We use the UniFi controller on mac os x. We use their EdgeMax Edge Router.
All the latest software in everything UniFi.

Thank You
Bob Evans

I have a variety of their gear and don't have problems like this. Have you run a cable tester on the wiring? This sounds quite odd and is something I haven't seen.

They do most of their support in their forums vs email. The email is mainly for RMA support.

What version software is on your controller and the UAP-Pros?

Jared Mauch

What version of the controller are you using, we're running 3.something at that works fine.

We've turned off auto update on all of the sites on the server, and Nagios monitors them, we certainly don't see reboots 2-3 times a day, the last time ours rebooted was when we lost power at our office.

Contact me off list if you want me to take a look.

Regards,

Hal Ponton

Senior Network Engineer

Buzcom / FibreWiFi

Tel: 07429 979 217
Email: hal@buzcom.net

I've had their gear for a few years now. It's effectively up until I upgrade the software. Might want to ask on their forums or on the WISPA UBNT list.

Bob, I've deployed tons of Ubiquiti gear, and have seen this problem before. It always turns out to be poor quality cable installation. POE does not tolerate low quality connectors, especially in outdoor environments. There are many aspects to a quality cabling job, so the best thing you can do is seek out a qualified installer with outdoor POE experience.

The most common problem I see is people using crimp-on RJ45 connectors directly on the ends of their cable runs. This is not how structured cabling is designed to work, in particular because most crimp-on connectors are intended for stranded copper wire (such as that used in very flexible patch cords, designed to run horizontally over only a few dozens of feet), whereas the "riser" and "plenum" cable used for long-distance runs has solid core wires. The tiny teeth in standard crimp connectors are designed to penetrate stranded wire, to make a solid electrical contact. With solid core wire, they just bend to the side of the copper core, making tenuous contact, which will conduct POE current poorly (resulting in the resets you see) and eventually fail altogether as the improper connection corrodes over time.

The correct installation process is to use "punch-down" RJ45 jacks at each end of the cable run, and connect from those jacks to your equipment (radio at one end, POE switch at the other). On the outdoor side, the jack/plug junction needs to be in a NEMA weatherproof enclosure, with weathertight fittings. And, for human and equipment safety, you must use shielded Cat5e/6 cable anytime you go outdoors, grounding only one end (usually the radio end), and protecting the cable with an inline lightning protector between the RJ45 jack and the radio.

If you haven't done that, then that's the first thing to fix.

BTW, avoid homemade patch cables whenever possible. Quality factory cables are hydraulically pressed and the plug is hermetically fused for a vastly superior connection compared to anything you can do with simple hand crimpers. And all outdoor cables must be UV-grade cabling with weatherproof sheathing and water repellant inside (so-called "flooded" cable).

-mel beckman

Ubiquiti Networks UniFi UAP-PRO Enterprise WiFi System - hard to recommend
at this point. We saw people mention this brand here on the list - people
like them. So what could we have set incorrectly ? They drop link and
re-provision on their own at odd times day or night.

Drop link all the way down to layer 1? What does re-provision mean? Lose/re acquire DHCP lease? \

What is your network topology? What kind of switches are you using? What's the length of the cable runs? Have you had an electrician check your wiring?
How many access points are you running? How many fail? Do they fail in any kind of cluster/pattern?

That's just the basic questions.

Lots more information needed if you want free support from the NANOG hive mind

They have millions of satisfied customers in deployments from some of the worlds largest shopping malls to multi state ISPs. Different gear across that customer base of course.

We have completed everything tech support asked of us. (Really, lame
emails they respond with as if they didn't read your text - they won't
call and you can't call them). We used POE from ciscos - then changed to
their POE provided.

POE from ciscos.... mid span injector, or switch port?

  They didn't recommend it, but we plugged them all into

APC UPSes..... no difference.

The midspan injectors you mean? Hmmmm, wonder why they didn't want you to put them in UPS. Did they provide any explanation?

  They all re-provision at different times

even when no one is connected or in the building at odd hours like 2am.
Each one does this 2-3 times per 24 hour period.

Interesting. Any repeated offenders?

Has anyone else experienced this?
Anyone know what we may have set incorrectly ?
Is this normal - do people put up with the 2 mins the APs are unavailable
about 3 times a day? (UniFi support acts like it's not a big issues.)

Do they come back on their own? What's the "downtime" time window?

We use the UniFi controller on mac os x.

Mac OSX isn't a server platform. Sorry. Use Windows 2k12 or Ubuntu Server (or your favorite debian or Redhat flavor). I've had zero problems on either of those platforms.

What's the topology between the access points and your controller "server"?

Yep. Networks. Layer 1 before everything else! So many bad cabling jobs for sure.

Are people using the tough cable? That has held up really well in the installations I've done. For a few years with zero issues.

That's possible but I if they are re-provisioning on a regular schedule I kind of doubt it. It would be easy to test though. Plug an AP directly into your switch with a quality pre-manufactured patch cord and see how it acts. If it exhibits the same symptom it is probably not cabling. Also, have you checked your interface counters for any packet errors? Don't forget to look at your controller because if the controller became unreachable for any length of time that could easily cause your APs to re-provision as they reconnect with the controller. I might set up a ping every second from the site of the access points to the controller and make sure the availability of the controller is 100%. If you are on Cisco switches you should have log messages regarding PoE be granted on particular ports as well as up down messages on the interfaces. Do you see the ports going up and down? It is important to have NTP on the APs and switches so that you can correlate events in time (i.e. did the AP reboot causing the Ethernet link to drop or did the link drop causing the reboot?)

Steven Naslund
Chicago IL

Here is another though. If your APs are re-provisioning every eight hours, what is your DHCP lease time? Are you sure the APs are able to renew their leases (if not, could your scope be full)? Do you see the IP addresses on the APs changing when they come back up? These could indicate a DHCP server issue. If the AP gets a new IP address it will likely have to be re-adopted to the controller. You might want to static address one or more APs to test this theory.

Steven Naslund
Chicago IL

Do you want to set one of the radios to my Unifi server to confirm it is or
isn't a controller problem?

If you simply turn off your controller you can confirm as well. The
devices will run as provisioned until told otherwise.

Josh Luthman
Office: 937-552-2340
Direct: 937-552-2343
1100 Wayne St
Suite 1337
Troy, OH 45373

Thanks Jared
Cables are 3 to 6 feet long - swapped them out already. All cables
manufacture made purchased. They plug into the switch directly. Each
switch is them multi-mode fiber back to a main switch where the edgeMax
router and other gear are connected.

Bob Evans

The current ToughCable really is fantastic. I'd only suggest the bigger
one ("carrier"). The old green stuff definitely deterred a lot of people,
understandably.

Josh Luthman
Office: 937-552-2340
Direct: 937-552-2343
1100 Wayne St
Suite 1337
Troy, OH 45373

Mike,
Good to know they are reliable. It is an odd looking problem.
We will try the forums.
Thank You
Bob Evans

It sounds like a PoE issue. I'm also happy to take a look. Anything in the controller logs?

Are your DHCP leases short? Or are you seeing the edge router reboot? What version on the edge router? The 1.7.0rc2 was posted and compared to 1.5 and 1.6 it fixes a reboot issue I saw unless you disabled vlan offload.

Jared Mauch

This isn't the behavior I've seen with UBNT. They only provision on a change, even if disconnected for a long time.

You can check this in the UniFi logs directory.

Jared Mauch

Mel,
Thanks, for all the detail.

Everything is in doors and directly connected by new 3 to 6 foot
manufactured cables on a cisco switches. All cables have been changed -
even tired crossover cables - same results.

I'm thinking it has something to do with the controller
communications...All these APs shouldn't need a controller after
configuration and boot up. But we leave it up.

Thank You
Bob Evans
CTO

I run lots of these. How many APs? Have you reset them to default yet?

https://community.ubnt.com/t5/UniFi-Frequently-Asked-Questions/UniFi-How-do-I-reset-the-UAP-to-factory-default-settings/ta-p/412585

Steve Mikulasik

The IP can change on the UniFi without having to re-adopt or re-provision. APs are identified by MAC address at the UniFi protocol level (not layer 2).

That's possible but I if they are re-provisioning on a regular schedule I
kind of doubt it. It would be easy to test though. Plug an AP directly
into your switch with a quality pre-manufactured patch cord and see how it
acts. If it exhibits the same symptom it is probably not cabling. Also,
have you checked your interface counters for any packet errors?

Yes, no packet errors crcs or frags.

Don't
forget to look at your controller because if the controller became
unreachable for any length of time that could easily cause your APs to
re-provision as they reconnect with the controller.

This is did not know - thought the controller was just to provision and
monitor. After all why would a manufacturer make one point of failure for
a campus setup that uses thier own edgerouter for the dhcp etc. Doesnt
seem correct. But will will investigate it.

I might set up a ping
every second from the site of the access points to the controller and make
sure the availability of the controller is 100%.

Yes that and what the ciscos report on the port link.

If you are on Cisco
switches you should have log messages regarding PoE be granted on
particular ports as well as up down messages on the interfaces.

Yep and we get them.

Do you
see the ports going up and down? It is important to have NTP on the APs
and switches so that you can correlate events in time (i.e. did the AP
reboot causing the Ethernet link to drop or did the link drop causing the
reboot?)

I am sure its the APs dropping - as non of the other devices VOIP phones
etc drop in the logs.

Thanks Steven
Bob

The UBNT controller is only required when setting up the APs or for certain guest portal functions. I'd just leave it connected all of the time.