 Tom here from Orange Systems and Unify has released controller version 5.13.29 Which includes a big feature update, which is layer 3 routing features for their well certain switches including right now the gen 2 now It is June of 2020 so statements I make now are as of June 2020 I like to bring that up because right now there's a lot of documentation on it So if you're watching this for your future date and you found documentation awesome They've caught up as of right now they have not so I'm gonna show you where to find this feature and how to turn it On and talk about it a little bit and what it might be used for but first if you'd like to learn more about me or my company Head over to Lawrence systems comm if you'd like to hire short project There's a hires button right at the top if you want to support this channel in other ways There's affiliate links down below to get you deals and discounts on products and services We talk about on this channel including a link to our patreon if you'd like to become a patreon supporter We also have a swag store where you can get shirts and other items that are for sale and that changes from time to time What's available and what's not so go ahead and check that out frequently and Finally our forums if you'd like to have a more in-depth discussion about this video suggestions for new videos or just reach out Say hi and talk tech our forums are a great place for that. All right now back to the content So for this controller a big feature of course like I said the ad layer three switching features for USW pro series So there's the gen 2 pro series that offer this and I believe one more 10 gig switch it offers that they have it Under website and it's of course gonna be an ever increasing list as they come up more models that have that support First other improvement of note is ad support for MongoDB 3.6 I thought this was a little odd that they didn't go all the way to 4.0 Because 3.6 has an end of life of April 2021 and 4.0 is January 22 22 before there's end of life and the current one is current is 4.2 So hopefully there's gonna be another release that catches us up over to that There's about a little fine tuning they did and it looks like they had like Auto optimize enables Wi-Fi AI, which is nice They also have added hot spot support for the Wi-Fi Alliance requirements for 2.0 So I don't know all the details of it But I know a few people had asked me and we haven't done a lot of like paid Outdoor Wi-Fi's and someone said there's some shortcomings in using the unified for this Our solution a lot of times was to pass it off to a different portal for the payment not use anything built into the Unify so I imagine enhancements have to do a little bit around there Failover this is something people had asked me for a lot is how the UDM handles fell over And this is the unified dream machine and dream machine pros probably as this has UDM devices also It's encompassing all of them There was some problems with the fail over it appears that they have fixed some of those Including down here again fix when fell over when using a PPOE connection on the UDM People asked me about that now. We don't see here in the US as many PPOE connections I'm not saying they don't exist here. We just have not serviced many of them None of our active clients that are like on our managed services have them So we don't really see them secondary We don't really deploy deploy USGs or UDMs as our firewall of choice for many of our clients And I've mentioned this before, you know One of things still missing all the way in 5.13 is still not the ability to assign multiple blocks of IPs Through the UI to the WAN I didn't see that feature added to here. I don't believe that it's in there There's a ton of other minor bug fixes, which is all great There's a lot of a little enhancements a lot of UI tweaking a lot of fine-tuning which has been good And as far as they're switching in AP we updated it we push the firmware updates and everything seems to have gone well Now on to the features specifically this one here. So what we have is this is my Studio Gen 2 Pro switch and the Gen 2 Pro is one of them that does support the Settings so you can do the layer 3 routing And what I have here is the way you create the networks and I wanted to show this because this is an interesting thing So if we go here to create network You can see now there's an option for creating a switch network and we have I don't have it attached at the moment the XG6 PoE and the Studio Gen 2 so any of the switches you have that support that feature You can add that on and put it in there So that's great and I went ahead and created a couple of them So we have this where it says layer 3 route test 44 and what I did was I made the IP address one nine two one six eight forty four Zero slash twenty four for the network and then one and make sure you again when you create these it's interesting So when you create the switch one, we'll choose this you actually two dot one six eight dot thirty three dot one slash Twenty four it fills up all of this and then lets you create a DHT pool range so this is Segmented out the switch itself has its own DCP server and you'll define the VLAN up here You know if we wanted to make one more we just make this one thirty three So what this allows you to do is have this Sets the IP and of course you could have made this like a slash twenty three if you needed a bigger and have a larger range But you get the idea now it's maybe I'll dive into it more on an advanced video to dive into a few other features You'd need to make this work It's not just about routing if you have a non And I do not have a USG if you don't have a USG and you have something else handing your firewall You may have to add other static routes in your firewall to have other devices understand the static routes are in here So refer to my layer 3 video which I'll leave a link to where I talk about layer 3 routing and things like that and switch routing I have a whole video where I dive in that topic and it's a discussion of when you may want to use this and An example is going to be you know You have a switch and you don't want it to go all the way back up stream to your main firewall That's providing routing for the network. You want it to route within the switch now the way unified design is interesting Well, you know often we did test to make sure this works if you define in the gen 2 switch That you want it to be the main layer 3 router. So we defined dot 44 and dot 55 now, let me show you how it looks from a port assignment So we're gonna go over here to the devices. We've got these two different networks it up We go over to devices and we're gonna take and look at the studio switch here Pop it out Now the studio switch this one is just a unify switch 24 poe It is not one of the gen twos But when we defined and we go over here and we'll go to a port because you define them as different Network types We can actually assign a port here and what that does if we assign this so we look if we assign this one to the 55 address I'll my laptop will get an address in that range hand it out from the gen 2 switch and V-land over automatically to the studio switch So the routing won't occur up at where my Currently our main firewalls PF sent so so the routing going all the way the PF sense and defining the V-lands there in routing normally You can set the ports and the other unified switches will talk to the designated switch You designated to be the routing device on there So it's actually pretty clever and this is a an example might also be and makes a future video dive more into this Where you set some switches you have one point to point between them But you have a series of switches you could create some routes So they wouldn't have to go all the way back to the point-to-point when two devices across two V-lands are on the other side And you want them to talk to each other without looping back through each time So there's definitely some added benefit to this feature. I really like it But I will talk about one of the things we did find that was kind of interesting The default when you do this and you create a inter V-land route is to just route the traffic I didn't see any way to stop routing the traffic and let me go into that So if you go over here We go routing in firewall and you see it says I don't have a usg on this we go to firewall and we go You know land local and we have an option right here and we actually put a deny in so we put this deny in so Deny all these things and actually I try I was guessing what different things tcp and all But let me at the same time pull this up and let me show you what happens here And it does not appear that these rules have any effect even though they say they're inter V-land rules And we'll just put this here. So it's went in view And we'll go back over to the firewall settings So if I edit this particular rule and I'm gotta deny so drop traffic Source traffic layer 3 route test 55 layer 3 route test 44 save Please note. It's not provisioning behind me where I'm in the corner It said the changes were safe successfully, but it doesn't seem to re provision a studio gen 2 The reason I'm bringing this up is because we actually did a lot of testing with this I put different computers on different networks and each time no matter what I did with the firewall rules Even when I had none in there at all and which is the default of it should have started routing traffic And then putting a deny rule should have stopped it from routing No change we made in that firewall at all in terms of the rules inside of here Seems to make any difference on the inter V-land traffic once you create it and you create on a single Device multiple V-lands with multiple defined The essentially gateways for routing on there. They just route traffic blindly. So Good and bad if there's certain things you need maybe you want to do that Maybe you have special route reasons for it But it doesn't seem to be a way to filter that route information as in they just will start letting those two V-lands talk to each other Back and forth and I maybe there's some way to put rules and maybe I don't know how to do it But I didn't find any documentation so one if the documentation becomes more available or two Someone can point me to the documentation that I overlooked. Please, you know tag me in a tweet Posted my forums comment on this video and I try to read and reply to all the comments So I can figure out where that information might be But overall we you know installing this was no problem in terms of upgrading it There is a ton of minor little bug fixes in here that I thought were really clever Which does also include like updating this inner V-land routing options that are in there Which great that they added that also if you look over here in my defined networks, if you go back over here And we look at my defined networks Once I started adding these this appeared at the top Which is the intra V-land routing option. So there's also so apparently some type of It added at V-land 4040, which I didn't add. I added 44 and 55 and it added this right here as some type of inner V-land routing Like I said, I'm not exactly sure what all they're doing here It looks interesting and there's obviously some room for improvement But if we're finally here after years of you know, unified talking about adding these features to these particular switches, we finally are getting it So it's off to a great start in terms of the fact that it's there It's off to a rough start and the fact that doesn't seem to have too many options in there Or maybe they're going to restrict it to you only get advanced options if you have the usg So if you know of some documentation, let me know if not so far the update went well We've been keeping all the firmware up to date This update didn't promise us for any further firmware updates because all the firmwares were already up to date in all of our systems But I did notice some notes in the firmware updates for the switches that they were to You know, essentially prepare themselves for this 5.13 update to get that firmware up to date for that So I don't see any reason why not to update go ahead and get started and thank you And thank you for making it to the end of the video If you like this video, please give it a thumbs up If you'd like to see more content from the channel hit the subscribe button and hit the bell icon If you like youtube to notify you when new videos come out If you'd like to hire us head over to laurancesystems.com fill out our contact page And let us know what we can help you with and what projects you'd like us to work together on If you want to carry on the discussion head over to forums.laurancesystems.com Where we can carry on the discussion about this video other videos or other tech topics in general Even suggestions for new videos. They're accepted right there on our forums, which are free Also, if you like to help the channel in other ways head over to our affiliate page We have a lot of great tech offers for you. And once again, thanks for watching and see you next time