Ubiquiti Unifi Controller on FreeNAS

[Patrick M. Hausen]

Address resolution failed for http://pkg.FreeBSD.org/FreeBSD:12:amd64/latest.

@ThreeDee must have overlooked that. Your address resolution is not working for the jail. Does the jail have an IP address? Does it have a default gateway? What is the "resolver" property of the jail set to? If it is "/etc/resolv.conf" that means copy the configuration of the host whenever the jail is started. Which is the preferred way in most cases. Can your FreeNAS host resolve host names "on the Internet"?

 

[Netdewt]

Somehow pkg update && pkg upgrade was left out of the code above. Thanks.

All installed now. So far I am not getting a sign in from Unifi at my jail IP. But the IP is online. Maybe I missed something with the bridge and vnet settings.

Edit, my jail IP isn't online this morning. So, still tracking down what the problem might be.

 

[ThreeDee]

initial jail setup that I do and works for me:

Create a NEW jail using advanced
Name it whatever.. I selected 12.2 jail
I checked VNET and BPF
vnet_default_interface = auto
IPv4 Interface = vnet0
IPv4 Adress = whatever matches your network
IPv4 Netmask = whatever matches your network .. probably 24 for most
IPv4 Default Router = Gateway address

 

[Netdewt]

initial jail setup that I do and works for me:

Whoops, I added these, it nuked my home network, and now I can't connect to TrueNAS at all. I did not have BPF checked and vnet default interface was set to none. Not quite sure at the moment how to regain control. No IPs online.

Code:

I checked VNET and BPF
vnet_default_interface = auto

 

[Patrick M. Hausen]

If you use the "auto" setting, TrueNAS will create a bridge with your main interface as a member. That sometimes messes up things if there are already other bridge interfaces present. A reboot should fix that and bring networking back.

 

[Patrick M. Hausen]

After you added the screenshots - you cannot combine "auto" and pick a particular pre-created bridge down in the network settings at the same time. You need to decide if you want to use "auto" and have TrueNAS manage the bridging or not. If the former, delete all manual bridge interfaces, set to "auto", your jail will be conbected via bridge0 (auto-created) to the physical interface that has the default gateway.

If the latter, set it to "none" again and configure manually. You said your jail IP was online. I.e. it pings? Did you enable and start the Unifi servicr in the jail?

 

[Netdewt]

After you added the screenshots - you cannot combine "auto" and pick a particular pre-created bridge down in the network settings at the same time. You need to decide if you want to use "auto" and have TrueNAS manage the bridging or not. If the former, delete all manual bridge interfaces, set to "auto", your jail will be conbected via bridge0 (auto-created) to the physical interface that has the default gateway.

If the latter, set it to "none" again and configure manually. You said your jail IP was online. I.e. it pings? Did you enable and start the Unifi servicr in the jail?

IP was there. Now it's not.

Every time I boot up the NAS it nukes my network and I have to restart the gateway. So I have to figure out how to get it back without the UI.

 

[Patrick M. Hausen]

iocage set boot=off <your-jail-name>

This way it won't autostart. And hopefully your NAS will stay alive.

 

[Netdewt]

iocage set boot=off <your-jail-name>

This way it won't autostart. And hopefully your NAS will stay alive.

Nothing plugged in except HDMI, TrueNAS will not boot at all. Maybe if I unplug the HDDs again?

 

[Patrick M. Hausen]

There is no way the creation of a jail can prevent your NAS from booting, no matter what the parameters. There must be a different cause.

Unplug one of the network interfaces! You created a bridge connecting both, creating a loop in your network. The following broadcast storm is what brings down your gateway.

 

[Netdewt]

Unplugging HDDs, boots right up.

However, no jails are found with them unplugged, so I can't set boot=off.

So, instead I turned off my second network interface and deleted the bridge. Plugged HDDs back in and booted. All is back to the way it was.

So now, what settings do I need in Network interfaces to use the auto bridge?

 

[Patrick M. Hausen]

Delete all bridge interfaces. Set the jail to "auto". Reboot. You should end up with an automatically created bridge0 with yor LAN interface and some vnet* interface as members once the jail is booted. You can check that with ifconfig on the command line.

 

[Netdewt]

Delete all bridge interfaces. Set the jail to "auto". Reboot. You should end up with an automatically created bridge0 with yor LAN interface and some vnet* interface as members once the jail is booted. You can check that with ifconfig on the command line.

So, in this configuration, would the same interface be hosting both IP addresses, or would it use my second interface?

 

[Patrick M. Hausen]

It would of course be the same interface.

If you insist on using the second just follow my earlier guide and dont use auto. You said the jail "pinged". So network was perfectly OK. You also wrote you could not access that Unifi thing. After which I asked "after the pkg install did you actually enable and start the service?". A software package that is installed but not running is hard to access in your browser.

Plus, by default the Unifi controller listens on port 8080 and 8443 so you need to add ":8080" to your URL ...

To give you some more background: a vnet jail is a completely independent installation of FreeBSD running arbitrary stuff. pkg install installs things. Starting/stopping/enabling/disabling services is a different task.

If the package/service is called "unifi" oder "unifi6" then sysrc unifi_enable=YES followed by service unifi start all inside the jail will do the trick. Nothing TrueNAS specific about that, really. If you intend to run things in jails you need some FreeBSD sysadmin basics.

 

[Netdewt]

Plus, by default the Unifi controller listens on port 8080 and 8443 so you need to add ":8080" to your URL ...

This must be why it wasn't working. I just navigated to the plain IP.

Edit, I tried now with the auto method on one interface and :8080. Unifi works. Many thanks.

If the package/service is called "unifi" oder "unifi6" then sysrc unifi_enable=YES followed by service unifi start all inside the jail will do the trick. Nothing TrueNAS specific about that, really. If you intend to run things in jails you need some FreeBSD sysadmin basics.

Understood. I do believe I started the Unifi service as spelled out by Jailer and ThreeDee.

Thanks again for your persistence. I'm thinking where might be a good place to learn more Unix. Online course? I fumble in the dark a lot not knowing the basics here.

The Unix Workbench

Offered by Johns Hopkins University. Unix forms a foundation that is often very helpful for accomplishing other goals you might have for you ... Enroll for free.

www.coursera.org

 

[Jailer]

I'm thinking where might be a good place to learn more Unix.

You learned a few things today right? That's how you learn. Take notes as you go when you are trying something new so you have something to reference if you need to do it again.

What's really nice about TrueNAS/FreeBSD and jails is if you screw it up too badly you can just nuke the jail and quickly start over again without disturbing any of the surrounding OS. I love jails because of this.

 

[Netdewt]

You learned a few things today right? That's how you learn. Take notes as you go when you are trying something new so you have something to reference if you need to do it again.

What's really nice about TrueNAS/FreeBSD and jails is if you screw it up too badly you can just nuke the jail and quickly start over again without disturbing any of the surrounding OS. I love jails because of this.

Oh for sure. I’m just a pain on here asking stupid questions. I’ve always wanted to understand more Unix, but I’m a big trial and error learner, and I didn’t take any classes in this back in the day.

I do photography stuff for a living and I’m usually the tech guy people come to (low bar in this industry), but there is a whole lot I don’t know. I do get a lot of satisfaction getting systems and networks going.

 

[ThreeDee]

Oh for sure. I’m just a pain on here asking stupid questions. I’ve always wanted to understand more Unix, but I’m a big trial and error learner, and I didn’t take any classes in this back in the day.

I do photography stuff for a living and I’m usually the tech guy people come to (low bar in this industry), but there is a whole lot I don’t know. I do get a lot of satisfaction getting systems and networks going.

Great that you got it working!

wise man once say .. "only stupid question ... is the un-asked question" .. I'm like you and a fumbler and if it wasn't for the helpful folks here, I wouldn't be able to run TrueNAS. I just follow directions and it works... and then pass on "their" knowledge/what "they" told me to do.. trying to remember to give proper credit where it's due so nobody thinks that I actually know what I'm doing .. because I don't.

I'm just a lowly Windows hardware guy

 

[Patrick M. Hausen]

For learning I'd recomnend the FreeBSD handbook:

FreeBSD Handbook

A constantly evolving, comprehensive resource for FreeBSD users

docs.freebsd.org

and practically anything my Michael W. Lucas, starting with "Absolute FreeBSD":

Operating Systems – Michael W Lucas

And of course the TrueNAS documentation for ZFS related things, sharing, all the TN specific features.

One of the major problems with support in this forum seems to me that more and more questions do not deal with TrueNAS at all. As I wrote a jail is a completely separate FreeBSD virtual machine. You can install anything in there. And people come asking for help with Unifi, Nextcloud, ...
In your case I just happen to run a Unifi controller myself. That's why I knew about the different port. And of course I am not blaming you for coming here for help. But there is a Unifi support forum. Just saying

Yesterday someone else came up with a Python/Django based document management system he tries to install. How the heck is anyone on this forum supposed to know? Unless by accident he/she runs that software.

I think that we are in danger of running into a larger problem of scale here. How wide and how deep can we as a community go with third party software - which (I am repeating myself) has absolutely no connection to TrueNAS whatsoever.

Most of the regulars who help here including myself are experienced system administrators who have seen quite a diverse set of server and application software and of course I will continue to help where I can. Possibly it is time for a document with the fundamentals about jails, FreeBSD and how to install third party apps. And how this open source thing works in the first place and that in many cases there are communities around product X that may be a better address.

Just a couple of thoughts. I am glad I could help, and of course I encourage you to come back with any further questions.

Kind regards,
Patrick

 

[Netdewt]

In your case I just happen to run a Unifi controller myself. That's why I knew about the different port. And of course I am not blaming you for coming here for help. But there is a Unifi support forum. Just saying

In defense of myself and the other dumb people, I didn't think I was onto having issues with Unifi yet!

Many thanks.

Here's a smaller question, that you very well may not know. WebRTC (remote management) isn't working on the Unifi install. Everything else does. Someone on the Unifi forum suggested it could be a NAT problem within the VNET. Is there anything about the VNET that could interfere with this?