Tag: engineering

  • Digging into Ubiquiti’s UFiber OLT

    As some of you might know, currently I’m working as a network engineer on a medium size ISP. The company had a long history working as a WISP, and in later times they moved into FTTH, trying several vendors among the lead players of the industry.

    As some of you might also know, Argentina has a history of economic meltdowns, currency devaluations and import restrictions. Considering this, the best solution to implement a network here is usually the one you can afford, which can provide the performance you need, and over all things, the one you will be able to keep buying in the future.

    So, considering all these factors, when planning for a GPON network for a medium size operator…while trying to keep costs low for both the company and customers:

    • It really doesn’t matter if Calix supports XGS-PON technologies…
    • Or if Huawei gear is compatible with almost everything…
    • Or if Furukawa Electric has some great management software…

    The real questions to ask were:

    • Can the company afford the OLTs, and the ONUs for the planned customer base?
    • Will they be in the market in the years to come?

    Enter Ubiquiti UFiber

    UFiber offers internet and telecom service providers a cost‑effective fiber optic delivery system for Triple Play Services (data, voice, IPTV/VoD) with speeds of up to 2.488 Gbps downstream and 1.244 Gbps upstream.

    OLTs come with dual hot-swap power supplies, 4 and 8 PON ports versions. Every PON port supports 128 CPEs, 20 Km maximum range. The uplinks are two SFP+, which can with in LACP.

    The ONUs options, at the time when I’m writing, are:

    • UFiber Nano – one PON (of course), one Gigabit Ethernet, a fancy LCD display. Passive PoE powered.
    • UFiber Loco – a PON, a Giga Eth, passive PoE powered or external micro USB power.
    • UFiber Wifi, like above, but with 4 Giga Ethernet ports, and a 802.11n interface.
    • UFiber Instant, a nice SFP ONU.

    Ok, sounds nice. How do we manage them? There is a web GUI…

    Hey, the GUI looks like EdgeOS !

    Once logged in, the GUI has a nice dashboard which looks like this. And it crashes from time to time.

    They tried

    But this not EdgeOS, the OLT is a different product! Let’s ssh into it to get the real feel.

    ssh admin@olt
    The authenticity of host 'olt (olt)' can't be established.
    ECDSA key fingerprint is SHA256:thnWRB2bImsdNuu1ar74GryFwv5r7PoHJsHhJOkHnCQ.
    Are you sure you want to continue connecting (yes/no)? yes
    Warning: Permanently added 'olt' (ECDSA) to the list of known hosts.
    Welcome to EdgeOS
    By logging in, accessing, or using the Ubiquiti product, you
    acknowledge that you have read and understood the Ubiquiti
    License Agreement (available in the Web UI at, by default,
    http://192.168.1.1) and agree to be bound by its terms.
    admin@olt's password:
    Linux olt 4.4.159+ #1 SMP Fri Feb 22 15:28:22 UTC 2019 mips
    Welcome to EdgeOS
    Last login: Tue May 26 15:50:16 2020 from 190.211.80.70
    admin@olt:~$

    Ok, this is definitely EdgeOS. So we got a fully featured command line interface, with commands similar to Juniper JunOS.

    admin@olt:~$ show configuration | display set
    -vbash: display: command not found

    Ok, maybe the command line is not so-fully-featured. No worries, I’ll write Ansible playbooks to manage the OLTs anyway. Most of the configuration is Juniper-like, so all I need at this moment is find out how to configure GPON profiles, and provision ONUs.

    admin@olt:~$ show configuration | match onu
    admin@olt:~$ show configuration | match profile
    admin@olt:~$ show configuration | match gpon
    gpon {

    There you are! Let’s go into configuration mode.

    admin@olt:~$ configure
    [edit]
    admin@olt# show system gpon
    isolation enable
    mtu 1518
    [edit]
    admin@olt#

    Well, this is awkward. There is nothing about GPON in the command line. Neither in the working configuration, and of course being Ubiquiti, there are no command line manuals.

    Love the smell of undocumented commands in the morning

    So, I saw two interesting lines before: Linux olt 4.4.15, and -vbash: display: command not found, which tells me this is Linux, not BSD as in Junos, and we have bash.

    admin@olt:~$
    Possible completions:
      add           Add an object to a service
      clear         Clear system information
      configure     Enter configure mode
      connect       Establish a connection
      copy          Copy data
      delete        Delete a file
      disconnect    Take down a connection
      generate      Generate an object
      initial-setup Enter initial configuration dialog
      no            Disable or reset operational variable
      ping          Send Internet Control Message Protocol (ICMP) echo request
      ping6         Send IPv6 Internet Control Message Protocol (ICMP) echo request
      reboot        Reboot the system
      release       Release specified variable
      rename        Re-name something.
      renew         Renew specified variable
      reset         Reset a service
      restart       Restart a service
      set           Set system or shell options
      show          Show system information
      shutdown      Shutdown the system
      telnet        Telnet to <hostname|IPv4 address>
      terminal      Control terminal behaviors
      traceroute    Track network path to <hostname|IPv4 address>
      traceroute6   Track network path to <hostname|IPv6 address>

    No signs of bourne again shells in the horizon. Does my magic have any power here?

    admin@olt:~$ sh
    sh-4.4$ whoami
    admin
    sh-4.4$ sudo su
    root@olt:/home/admin#

    Finally a decent shell. Which world is this?

    root@olt:~# uname -a
    Linux olt 4.4.159+ #1 SMP Fri Feb 22 15:28:22 UTC 2019 mips GNU/Linux
    root@olt:~# ls -l /etc/ | grep apt
    drwxr-xr-x 6 root root 117 Feb 22 2019 apt

    We have apt, so this is a Debian world. I checked on /etc/apt/ and there are no repositories, but I am sure I could run cowsay on this. But the fun can wait.

    Where is my GPON configuration? It should say “onu” somewhere.

    root@olt:/# grep -r "onu" / | more
    grep: /proc/sys/net/ipv4/route/flush: Permission denied
    /config/onu_config.json: "onu-policies": {
    /config/onu_config.json: "onu-list": {
    /config/onu_config.json: "onu-profiles": {
    /home/admin/.history:show configuration | match onu
    /home/admin/.history:show configuration | match onu
    Binary file /lib/mipsel-linux-gnu/libbsd.so.0.8.3 matches
    Binary file /lib/mipsel-linux-gnu/libnss_hesiod-2.24.so matches
    Binary file /lib/udev/hwdb.bin matches
    /lib/udev/hwdb.d/20-OUI.hwdb: ID_OUI_FROM_DATABASE=Monument Labs, Inc.
    /lib/udev/hwdb.d/20-OUI.hwdb: ID_OUI_FROM_DATABASE=Optical Zonu Corporation
    /lib/udev/hwdb.d/20-OUI.hwdb: ID_OUI_FROM_DATABASE=Presonus Corporation
    /lib/udev/hwdb.d/20-usb-vendor-model.hwdb: ID_VENDOR_FROM_DATABASE=PreSonus Audio Electronics, Inc.
    Binary file /opt/bcm68620/bcm68620_appl.bin matches
    Binary file /opt/bcm68620/bcm_dev_ctrl_linux.ko matches
    Binary file /opt/bcm68620/bcm_user_appl matches
    /opt/vyatta/share/vyatta-cfg/templates/system/gpon/logging/module/node.def:syntax:expression: $VAR(@) in "main", "oltsys", "onu", "session", "events", "mon_th", "sdk"
    /opt/vyatta/share/vyatta-cfg/templates/system/gpon/logging/module/node.def:allowed: echo main oltsys onu session events mon_th sdk

    I bolded the interesting information.

    • There is a /config directory, which has a JSON file called onu_config.json
    • The operating system, is in fact, Vyatta.

    If you are curious, this is the content of /config. We will dig deeper on the next article.

    root@olt:/# ls -l /config
    total 200
    -rw-rw-r-- 1 root vyattacfg 3336 Jan 1 2015 2020
    drwxrwsr-x 1 root vyattacfg 160 Feb 22 2019 auth
    -rw-rw-r-- 1 root vyattacfg 3882 May 26 11:59 config.boot
    -rw-r----- 1 root vyattacfg 2402 Dec 31 2014 config.boot.2015-01-01-0001.pre-migration
    -rw-r----- 1 root vyattacfg 3151 Apr 13 2015 config.boot.2015-04-14-0130.pre-migration
    -rw------- 1 root vyattacfg 187285 May 26 16:14 onu_config.json
    drwxrwsr-x 1 root vyattacfg 232 Feb 22 2019 scripts
    drwxr-sr-x 2 root vyattacfg 232 Dec 31 2014 snmp
    drwxrwsr-x 1 root vyattacfg 160 Feb 22 2019 support
    drwxr-xr-x 1 root root 160 Oct 29 2018 udapi-bridge
    drwxrwsr-x 1 root vyattacfg 160 Feb 22 2019 user-data
    drwxr-sr-x 3 www-data vyattacfg 224 Dec 31 2014 wizard