  • I just picked up some new networking gear, so this will be the first of a multi-part blog post about my learnings configuring Unifi gear.

    One issue I noticed right away was that it is not possible, via either the CLI or the GUI, to configure a fixed IP address for a host that relies on more than one of the configured networks/VLANs. Since I have a home server (user VLAN) that also hosts the controller software (management VLAN) and acts as a gateway for sending packets over its VPN interface (VPN VLAN), this was necessary for me.

    It is possible but requires a bit of manual configuration using a config.gateway.json file. First, if you have configured a fixed IP for the host, unset it.

    Then, merge in the DHCP mappings in your config.gateway.json file:

    {
      "service":{
        "dhcp-server":{
          "shared-network-name":{
            "LAN_192.168.1.0-24":{
              "subnet":{
                "192.168.1.0/24":{
                  "static-mapping":{
                    "00-aa-22-bb-44-cc.mgmt":{
                      "ip-address":"192.168.1.5",
                      "mac-address":"00:aa:22:bb:44:cc"
                    }
                  }
                }
              }
            },
            "LAN_Users_192.168.10.0-24":{
              "subnet":{
                "192.168.10.0/24":{
                  "static-mapping":{
                    "00-aa-22-bb-44-cc.users":{
                      "ip-address":"192.168.10.5",
                      "mac-address":"00:aa:22:bb:44:cc"
                    }
                  }
                }
              }
            },
            "LAN_VPN_192.168.20.0-24":{
              "subnet":{
                "192.168.20.0/24":{
                  "static-mapping":{
                    "00-aa-22-bb-44-cc.vpn":{
                      "ip-address":"192.168.20.5",
                      "mac-address":"00:aa:22:bb:44:cc"
                    }
                  }
                }
              }
            }
          }
        }
      }
    }

    The key here is that the string child of the static-mapping node must be unique. Unifi will put in the MAC separated by dashes by default, so above I just tacked on the VLAN name to each name.
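
A pre-provisioning check for the rule above, as an added example that is not part of the original post: it walks the static-mapping nodes of a parsed config.gateway.json and reports names reused across subnets, addresses outside their subnet, and malformed MACs. The function name, the `_net` helper and the sample data are constructed for illustration.

```python
import ipaddress
import re
from collections import defaultdict

MAC_RE = re.compile(r"^([0-9a-f]{2}:){5}[0-9a-f]{2}$", re.IGNORECASE)

def check_static_mappings(config):
    """Return a list of problems found in the DHCP static mappings."""
    problems, seen = [], defaultdict(list)  # seen: mapping name -> subnets using it
    networks = (config.get("service", {}).get("dhcp-server", {})
                .get("shared-network-name", {}))
    for net_name, net in networks.items():
        for cidr, subnet in net.get("subnet", {}).items():
            try:
                scope = ipaddress.ip_network(cidr, strict=True)
            except ValueError:
                problems.append(f"{net_name}: invalid subnet {cidr!r}")
                continue
            for name, entry in subnet.get("static-mapping", {}).items():
                seen[name].append(cidr)
                ip, mac = entry.get("ip-address", ""), entry.get("mac-address", "")
                try:
                    if ipaddress.ip_address(ip) not in scope:
                        problems.append(f"{name}: {ip} is outside {cidr} ({net_name})")
                except ValueError:
                    problems.append(f"{name}: invalid ip-address {ip!r}")
                if not MAC_RE.match(mac):
                    problems.append(f"{name}: invalid mac-address {mac!r}")
    for name, cidrs in seen.items():
        if len(cidrs) > 1:  # the post's rule: names must be unique
            problems.append(f"{name}: name reused in {', '.join(cidrs)}")
    return problems

def _net(cidr, name, ip, mac):
    # Hypothetical helper: builds one shared-network entry for the samples below.
    return {"subnet": {cidr: {"static-mapping": {
        name: {"ip-address": ip, "mac-address": mac}}}}}

def _wrap(nets):
    return {"service": {"dhcp-server": {"shared-network-name": nets}}}

MAC = "00:aa:22:bb:44:cc"
# Constructed samples: GOOD follows the post; BAD keeps the default name and a wrong IP.
GOOD = _wrap({"LAN_192.168.1.0-24": _net("192.168.1.0/24", "00-aa-22-bb-44-cc.mgmt", "192.168.1.5", MAC),
              "LAN_Users_192.168.10.0-24": _net("192.168.10.0/24", "00-aa-22-bb-44-cc.users", "192.168.10.5", MAC)})
BAD = _wrap({"LAN_192.168.1.0-24": _net("192.168.1.0/24", "00-aa-22-bb-44-cc", "192.168.1.5", MAC),
             "LAN_Users_192.168.10.0-24": _net("192.168.10.0/24", "00-aa-22-bb-44-cc", "192.168.1.5", MAC)})

if __name__ == "__main__":
    print("\n".join(check_static_mappings(BAD)) or "no problems found")
```

To check a real file, pass the result of `json.load()` on your config.gateway.json to `check_static_mappings` before re-provisioning.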

    Re-provision your USG and you should be good to go. If you run into trouble and want to debug DHCP req/ack sequences, set up verbose logging:

    configure
    set service dhcp-server global-parameters 'log-facility local2;'
    set system syslog file dhcpd facility local2 level debug
    set system syslog file dhcpd archive files 5
    set system syslog file dhcpd archive size 5000
    commit

    You’ll find the DHCP log under /var/log/user/dhcpd. Simply reboot to go back to normal logging.