UniFi Controller upgraded to v5.9.29

 

Please be advised that the UniFi controller hosted in the Lightspeed cloud has been upgraded from version 5.8.30 to version 5.9.29. This is the first release for UniFi SDN Contoller 5.9, which is Ubiquiti’s current stable release branch.

Release Notes:

  • For people who are migrating from v3, there’re many changes to APIs and it’s not backward compatible. You may need to update the shell library (unifi_sh_api) and/or your customized portal/external portal code.
  • For hotspot management console, make sure you have bookmark the URL with site ID (i.e. x66cipn3, or whatever random string is generated for that site). For example:
    https://unifi.yourdomain.com:8443/manage/hotspot/site/SITE_ID
  • You cannot re-use a VLAN ID for dynamic VLAN if it is set as a static value for another SSID on the same AP. So, if I have a SSID set to use VLAN 10, I cannot use VLAN ID 10 for RADIUS controlled VLAN users as those users will not get an IP.
  • Smart Queue QoS is similar to the implementation as in EdgeOS (see HERE). It’s worth noting that maximum throughput will be affected when using Smart Queue QoS, as traffic is not offloaded. There are some rough guidelines in the article linked above.
  • DFS channels can not be used for wireless uplink in the US. Please use non-DFS channels if you need to use wireless uplink on dual band UAPs.
  • Official UniFi MIBs can be downloaded from HERE and HERE (those are 2 different files).
  • A full changelog has been attached, showing changes back to the first public release (1.2.1).

Other Notes:

  • As of 5.7.x+ we only support Java 8. At this time Java 9 is not supported.
  • Features like airtime fairness, bandsteering, load balancing and minimum RSSI are default disabled. If you need them you need to go to Settings>Site and check Enable advanced features.
  • If you previously used Google Maps for a site map, then you have to enable this feature again by adding an API key. This is done under Settings>Controller. There is a linked guide with instructions.

Important Notes:

  • New Cloud Access requires outbound 8883/tcp to be open/unrestricted. 
  • Linux systems must be running a version of MongoDB prior to 3.6.x. We recommend 3.4.x. This is most likely to be an issue on Ubuntu 18.04 LTS, as it currently offers MongoDB 3.6.x. 
  • The proper keystore alias and name are `unifi`. If your custom SSL cert is no longer working, please verify that you are using the proper keystore and alias. A bug previously allowed `ubnt` to work, although that was never technically correct. If you find mention of these invalid steps on the community, please point them out so we can fix them. 
  • The initial database migration will take longer than normal. It is expected to see mongo using most, if not all, of the available CPU cycles during this process. Please be patient, this process could easily take 15+ minutes, depending on the amount of historical stats, as well as the system specs. As always, err on the side of caution, and make a backup before upgrading.
  • The controller will not start if it is set to bind to a privileged port (<1024), as it now runs as a non-root user.
  • Support for PicoM2 and 1st gen AC models was dropped in 5.7.x. Please see our announcement HERE.
  • As of release branch 5.7.x we’ve made some important changes to the Wireless Uplink feature (feature details HERE).
    • We removed the “Enable automatic uplink failover” from wireless uplinks as it is no longer needed.
    • We added the ability to opt an AP in or out of wireless uplinking to another AP. This is done by checking the “Allow meshing to another access point” option found under device properties>Config>Wireless Uplink.
      • This option should be disabled on wired APs, but is required to be enabled on wireless APs.
      • If you disable this option on a downlink/wireless AP, then your AP will be disconnected from the network and require further action (including physical access).
      • If upgrading from 5.6>5.7 then this already be disabled on wired APs, but if upgrading from an earlier 5.7. release then this may be enabled on wired APs. 
      • Again, this option should be enabled on downlink/wireless UAPs only. It should not be enabled on wired UAPs. 
    • We added the ability to set uplink priorties. This allows you to define the preferred uplinks for a downlink/wireless AP.
  • Fixed IPs (DHCP reservations) are now required to use unique IPs. The same IP cannot be assigned to more than one device. For configurations that already contain duplicates, only the most recently active device will have its fixed IP provisioned to USG. The controller’s server.log will contain a log message skip provisioning duplicate fixed IP for user[] indicating which was omitted where there are conflicts.

Known Issues:

  • airTime will not work if a radio is disabled and/or there isn’t any SSID present. This will be fixed in a future release. If you enable it, and it still isn’t working, then you may need to force a refresh without cache. 
  • If you start both a 2.4GHz and 5GHz scan in quick succession, then it will fail.
  • It is expected that airView will stop occasionally. A stop/start sequence should restore functionality.
  • If you start an airTime scan while airView is running, then airView will stop and you’ll need to perform a stop/start sequence to get it working again. This will be fixed in the future.
  • Port mapping for USG (UGW3) is incorrect under performance statistics. This will be fixed in a future release.

Possible Upgrade Paths:

  • <=5.9.26, <=5.8.30, <=5.7.28, <=5.6.40 and most earlier releases (going back to 3.1.0). There may be some version specific exceptions to this list.

Known Issues:

  • Some statistics on the dashboard are still under development. Please share any and all feedback!

New Features:

  • New Dashboard.
  • IPS Dashboard.
  • IPS Signature Suppression.
  • Add support IPS signature categories control.
  • Add per radio uplink control.
  • Add speed and duplex config for USG interfaces.
  • Add Fallback VLAN support for USW when using 802.1X.
  • Add local SSO login.
  • Add Controller HD and Micro SD free space monitoring to admin notification settings.
  • Analytic Reporting.
  • New Cloud Access integration.

 

Controller bugfixes/changes since 5.8:

  • Add tooltip for Hotspot RADIUS authorization.
  • Add description to DPI blocking rules.
  • Add info about IDS to IPS warnings in Settings.
  • Add tooltip with an explanation why clients are blocked on dashboard.
  • Add modal to confirm override inform url in Settings/Controller.
  • Add enable port forwarding option.
  • Add firewall default match log control.
  • Add support for IPv6 on IPS view.
  • Add WAN Class of Service QoS tagging support, for Google Fiber and similar fiber ISPs that require it.
  • Add No-IP to the list of dynamic DNS providers.
  • Add Download Device Info button to get device information from backend cache.
  • Add tooltip for DHCP option 43.
  • Add Remove Payment button to transactions list.
  • Add Remove Personal Data button to transactions list.
  • Add: Maps labels – Reset options to All.
  • Add TX power and EIRP to detailed view.
  • Add validation preventing duplicate fixed IPs.
  • Add STP block port event.
  • Allow setting Management VLAN at Access Points.
  • Allow customizing AC-IW/Pro Ethernet port profile.
  • Dashboard – Port Usage widget: adjust tooltips to use new style and position automatically.
  • Import locally configured speed/duplex settings during USG adoption.
  • Topology chart – in case of low depth make the chart wider.
  • Hide IoT icon on dashboard.
  • Hide IPS side navigation item when no USG is present.
  • Hide Fast Roaming feature for WEP networks.
  • Performance improvements.
  • Update translations.
  • Anomalies pane squashed when properties pane is shown.
  • Remove duplicated left border for Property Panel.
  • Remove TKIP only option from WPA security mode.
  • RF Environment RSSI Histogram not visible.
  • Dashboard: fix case when showing tooltip caused dashboard to scroll to top.
  • Fix DPI app IDs with multiple items duplicated in DPI group.
  • Fix debugging metrics tooltip.
  • Fix RADIUS Profile tooltip in WPA Enterprise settings.
  • Fix AP Statistics Graph – some dots are not responsible.
  • Fix: Moving firewall rules does not work on Firefox.
  • Fix UAP-XG/BaseStationXG PHY reporting (also requires firmware 3.9.55 or later).
  • Fix IPS/IDS response body support.
  • Fix statistics reporting on UAP when all radios are disabled.
  • Fix known causes of Decrypt Error for all USGs.
  • Fix highlighting menu in Settings.
  • Fix displaying IP address of gateway discovered by Discovery Tool.
  • Fix device buttons on Site Overview.
  • Fix a potential bug affecting autobackup on Windows 10.
  • Fix a bug preventing the ability to download Device Info via the UniFi Cloud Access tie-in.
  • Fix inform IP logging to minimize spam.
  • Fix a bug which may cause unifi.yourdomain.com to be provisioned to devices for both the management and STUN URLs.
  • Fix a bug which affected MAC Authentication Bypass provisioning on UAPs.
  • Fix refreshing Assoc. widget and Dashboard Navigation optimization.
  • Fix overlapping icons inside nav menu.
  • Fix: AP name in AP Retry Rate chart tooltip is sometimes missing.
  • Prevent AP Retry Rate plot higher than 100% for old firmware.
  • Fix duplicated OAuth redirect URIs.
  • Fix incorrect height of empty dashboard widgets on a narrow screen.
  • Prevent Association Failures, WiFi Clients and Time To Associate widgets to interfere with each other.
  • Fix case when Clients tab in Property Panel is not working.
  • Fix some bugs in Fast Roaming provisioning.
  • Fix rogue count in Radio AI.
  • Fix a migration issue.
  • Topology: truncate ESSID if too long (more than 14 chars).
  • Topology: fix reported LAN clients when using LACP on USW.
  • Fix controller settings for reporter.
  • Fix translations for unavailable modules on Custom Dashboard.
  • Fix case when ‘Edit widgets’ button is (not) visible when it should(n’t) be.
  • Reset button in Site settings not available when Download/Upload values were changed via Pre-populate option.
  • Fix AP downlinks accordion heading.
  • Fix a condition which may prevent the admin’s ability to disable UniFi Cloud access.
  • Fix stacking “Devices with upgrades”.
  • Dashboard Health Status should not indicate devices that are Disconnected during FW Upgrade.
  • Fix pagination on DPI Category view.
  • Fix: DPI Category view – categories not clickable.
  • Fix missing translation for disabled network.
  • Fix that WAN Interface in UPnP is not visible.
  • Fix empty stats when using WAN2 interface.
  • Improve binaryPrefix service to work with negative numbers.
  • Improve client list performance.
  • Improve accuracy of reported wireless uplink candidates.
  • Scheduled upgrades time ranges should respect 12/24h format settings from preferences.
  • “Show Pending Devices” should be enabled by default for all new Admins.
  • Tweak X axis tick resolution (switch from weeks to months at 4 months breakpoint, not 6 as was earlier).
  • Fix missing time range in chart’s tooltip in case of 5 minutes granularity.
  • Fix console error related with coverage on Google maps.
  • Fix AC-EDU Streams condensed list display.
  • Fix a bug with AC-IW/IW-Pro provisioning which caused traffic to stop forwarding when the management VLAN and a WLAN VLAN are the same.
  • Fix RADIUS accounting for switching products.
  • Update free space alert.
  • Switch port tooltip incorrect offset and location.
  • AP Mesh -> custom Antenna gain: Missing validation error when no value specified.
  • Device list – BSSID tooltip cut off sometimes.
  • Set alert email HTML encoding to UTF-8.
  • Don’t exclude all port forwarded ports from policy routing.
  • Don’t mark `Managed By Other` devices as upgradable.
  • Take locally configured WAN VLAN ID into account when adopting USG.
  • Raise minimum firmware version for UAP/USW to 3.7.21.
  • Raise minimum firmware version for USG-XG to 4.4.27.
  • Various bug fixes and improvements.