Morning all, Does anyone have much experience with Unifi networking? I am going to be completely redoing the network at home, something that I have been meaning to do since we bought the place, but you all know how it is... We have just had symmetrical gigabit capable fibre run down the road (yay), and once that all gets set up, the bottlenecks will all be internal to our system with only the wired connection to my PC in theory being capable of gigabit speeds, everything else is wirelessly linked through a network of 3 Google Mesh routers, typically giving us around 50 to 60 Mbit (from what is currently a 110Mbps line). With my wife working from home 4 days out of 5 each week and being heavily reliant on the internet connection (Multi-lingual IT support), I am also wanting something that will be robust and something that she can have a play around with getting things set up and configured. My plan is to trade all that in and go with A Ubiquiti Dream Machine Pro and 24 port PoE switch with a couple of their access points (in theory 1 should do a house of this size, but the place is built from reinforced concrete...). Cabling between the switch and rooms will be Cat6 with PoE capability for a few lines as needed. I am also hoping that I will be able to help our surge protection R&D guys at work with some testing of new parts... Any thoughts?
Sounds like a solid plan. Ideally you want the Gen2 version of the switch (& the Pro at that) to give you 10GB SFP+ ports on it to uplink to the UDM-Pro
Yeah, that is what I was thinking. At the moment it is looking like I need to try and build up about £1500 to get things done, but the pro version of the switch certainly does add in another chunk... Mind you, I do think it would be worth it with the extra bandwidth and the extra power available on the PoE++, but it is almost an extra £400... I have a few ideas so we shall see.
Would you not want a faster internal network, or do you not have things like NAS/Servers etc, what are you connecting to you 24ports, I'd be looking for at least multigig to APs etc though I think that would discount Unfi APs as they don't support that even on Wifi6 which is weird?
I do have a small server, but as that only has a gigabit connection which is more than adequate for stream any amount of HD film or TV stuff that we would be doing (there is only my wife and I here) the gigabit connections will be fine. As for the WiFi 6 capability, their Access Point Lite which is probably what I would go for has WiFi 6 with a 5GHz bandwidth of 1.2Gbps. I am planning on having one of those on the landing and one in the lounge. As for the additional ports, I am planning on a couple for each room that I will be running cables to, the WiFi points will each need a PoE connection and than that leaves spares for when I get around to things like cameras.
First thing I'll say is, Ubiquiti kit runs hot. I don't have the big boy toys, but I have used them a fair bit with work and the like, and they are far far hotter than the competition IME. It's worth noting that I've had better luck with seamless wifi transitions setting the access points to medium power - Which can reduce their effective range. It's also worth stating that they're absolute dog **** from behind, so you really want a ceiling mount to get the best out of them IME. A lot of little things that other routers just let you do, have to be done with custom JSON files on the controller, which can get frustrating - Especially when the JSON validates but causes a bootloop of the device using it. Example: If you run PiHole and want to lock down all DNS requests to only go through Pihole you'll need a JSON based config. But adding two PiHoles is another exercise in frustration that I've simply never made work - I have two DNS servers but literally only one can work with everything forced towards a pihole because of limitations of the Ubiquiti software. It's also worth noting that their release roadmap is garbage. If you're expecting a feature they say is coming, expect another generation of the hardware before you expect that feature to be added. Maybe even expect something entirely unrelated to be released first too. They're not priced like enterprise kit, but try and emulate it - The support is garbage too, to compensate for that. Alllsoo, the UI changes sometimes, and not often for the better. IMO the latest UI is complete arse. But on the other hand, I'm not in it much, so. Personally, I'd only use Ubiquiti for their Wifi stuff (Maybe their cameras) these days. Single pane visibility is great on paper, but really when I have Putty and WinSCP connections saved for every device because the devices can't self update every now and then, it's rather.. Pointless. Switching gear runs too hot for home, and fails too often in ways the support will - IF you can reach them - Tell you to do one rather than help. Seen a couple of homebrew PSU replacements on various switches now. For my money I'd sod the switch off and pick up something else entirely.
Thanks for that input, much appreciated. Heat isn't much of a worry, I have a spot picked out that is nicely ventilated and can easily have more added without much noise if things get a little on the toasty side. I have to admit that one of the reasons why I was looking into the Ubiquiti stuff is that it is very much designed (at least from what I can tell) to be very well integrated at least in terms of the management side of things (yeah, I know, that's how they get you - found that out with all the Google kit we have kicking about here...) I may well have a look around at other switches, especially the second hand market.
Honestly, for switching, I'd not be that fussed about Ubiquiti anymore. It's nice seeing the map all the way from the top to the bottom, but there's bugger all of any interest that another brand couldn't do better, for longer. And quieter. It might also be worth considering scrapping the CloudKey for another controller option. I ran mine on a Pi for significantly less than a Cloudkey, and more over when there was a data leak that was rather poorly handled at the time, I wasn't affected because it was only CloudKey synchronising to the cloud stuff that was a problem. I'd suggest taking a peek at the /r/ubiquiti subreddit some time, there's quite a lot of moaning on there (Because of course there is) but it does highlight problems with certain pieces of ubiquiti kit. I've seen a lot of chatter on the UDM Pro - A lot of it seems like people trying to do things that it's not intended to do, but only you know what you might want to do!
I'm not sure if my usecase matches yours, but we recently had an extension done, and in the process i got the whole house wired with cat6 (minimum 2 ports in each room). I also had two "high level" ports put in specifically for Access Points. I'm currently running 2 Unifi APs (which ones exactly i cant remember, but i got them from @saspro), using a the cloud key software running on my "server" (repurposed Win10 box), and powered by a TP-Link 4 port PoE switch, daisy chained into a 24 port TP-Link Switch for the rest of things. The APs were temperamental as hell to start off with, had to factory reset one of them at least once a fortnight, but they have settled down, and now are working "flawlessly" (probably just jinxed it writing that).
we just upgraded at work. mikrotik RB1100 router into 2x 48 port usw-pro ubiquity switches and a gen 2 cloudkey with 3 unifi hd APs scattered about the office. our speeds doubled the old gear was holding it back that much! At home I have just installed a pfsense router into a 24port poe switch with 2 x ubuiqiti in wall HD access points and the unifi controller running on my server. the ubiquiti switches and ap points have been rock solid in both situations but I am impressed by the mikrotik routers. Well worth the money.
OK, that all makes sense, thank you. I have scribbled up a quick image of what I have now, (yup it's all sorts of basic, but I'm used to drawing notes on single line electrical diagrams...) My main goal in this is to eliminate the really weak points in terms of speed and general reliability, that is the wireless linking between the 3 parts of the network, as well as the Google routers in general, they are nice enough, and pretty reliable, as well as being OK for our current speeds (mostly), but their UI and options sucks. I can only control them from my phone, they do a lot of their stuff automatically without me being able to jump in and set up anything. For example, they are supposed to continually monitor the other signals that are around and automatically swap around to better/more open and free channels as needed, but there is nowhere I can go to say "hey, use this channel, it's completely empty". I can do more in terms of monkeying around and customisation with my Virgin router. What sorts of bits and pieces would you recommend that I look at? I need to have gigabit for all the ports in the rooms that I will be cabling into (at least 12 points), and I may well be expanding on that at some point for things like cameras and access points (looking at 2 to start with as I mentioned before - @ reinforced Faraday cage stuff). PoE would be a great benefit although I can add in a PoE injector if needed. I don't mind going second hand / refurbished if that is going to be getting me some better stuff, and as for setting up and interfaces, I'm sure I can learn at least enough to sort myself out.
Unless you have cash to burn, start as small and as simple as possible to cover off your initial needs and then build/expand from there. If you're adding wiring, then a switch to cover off all the ports you're expecting to use at first, and a small POE capable switch to power the APs would be my starter for 10, and run the cloud key from your own machine (it doesn't need to be running 24/7, you only actually need it to configure the APs initially), and see how this compares to your current setup. Then when you're comfortable look at expanding the provision, a bigger switch, a switch with integrated POE, add a firewall, cameras, PiHole, etc. I always (try to) take the KISS approach with IT, and start small and work incrementally.
So.. I kind of have a similar setup myself. That's what Ubiquiti sees as my 'network' map. Becci's work laptop doesn't show up because it basically sits on a VPN, but it's hard wired into the switch upstairs. Interestingly neither does it see either TV - I presume this is related to hardcoded DNS on both of them, and the aforementioned arseache in killing hardcoded DNS with Ubiquiti hardware. In reality it's a bit more.. Messy, but. So Ubiquiti isn't seeing the HP dumb switch in the bottom of that picture - Which is why it thinks there are 13 connections on an 8 port switch. Conversely, it does see the other UI switch in the lounge. The HP dumb switch is a result of not having bought a bigger switch (18 or 24) because of the noise, cost, and having the HP to hand. I suppose it really depends on what your cabling plans are. If it was up to me it'd be wall boxes in the rooms to a patch panel wherever the kit is going because that kind of stuff is suuuper cheap. My parts list would be, if set on Ubiquiti; Network; 24 port patch panel x 1 Wall boxes&sockets x however many Cat 6e solidcore - One box/roll/whatever. Probably about 300m. Kit; UDM Pro x1 24port PoE+ switch x1 - My preference would probably not be UI. I'd look for refurbed Aruba kit personally, I'm most familiar with their interface and management. I see a few aruba 2530 J9773A's for reasonable money on Fleabay. 8port PoE+ switch x1 - The US-8-60 is okay but mine have issues doing self updates. I'd probably still stray into Aruba territory if budget allowed. I see a smattering of 2530 J9780A's for reasonable money on Fleabay. AP-AC-Lite x2 If I understand the UDM Pro right, you don't need a cloudkey or anything else to run the Unifi controller software. I quite like having the switch in the lounge, both it and the one in my office are US-8-60w jobbies, and both run a PoE UAP-AC-Lite each, the office runs the PiHole over PoE too. According to the console 'core' is using 6.25w, and the lounge is using 2. The access points are pretty easy to throw in, and if bought new come with PoE injectors if that was a problem. But I'd start with two anyway, because as mentioned the suggestion tends to be whack the AP's on 'medium' power to better serve the transition between access points. Anecdotally I've tried it with auto or high and the transition seemed more flaky, presumably because the connection to the further away AP doesn't die off totally.
UDM Pro runs network, protect, access etc - so no Cloud Key needed. I'd personally suggest if you want any more than a dumb switch, and are getting a UDM-Pro and Unifi APs, to stick with the unifi ecosystem for everything networky. Whilst it's true there are plenty of other options out there that are as good/better/cheaper/etc, managing them all in one place is more than the sum of its parts, unless it's the management itself you get a kick out of. And do remember managing your network isn't always voluntary. The hotness varies I'd say - of my kit... Enterprise-24 is pretty hot/noisy as expected with 16 POE devices, 16-XG is surprisingly cool, 48-G1 and 16-150 in the middle but run passively, US-8 remarkably hot for what it is. I'd not bother with 10g unless you're fully committed to 10g (i.e. a 10g switch and clients) - 10g uplinks give you little over simply aggregating 1G uplinks on a 1G switch, the likelihood of you saturating even a couple of 1g uplinks at home is infinitesimally small, and if it's not then you should probably go the whole hog with a 10g switch and clients. I'd also question whether for two APs it's worth getting a POE switch at all - it's definitely more convenient and tidier, but a couple of injectors really isn't all that bad and can be integrated pretty easily. It would save you a big chunk, and maybe by the time you decide the injectors are no longer viable you will have expanded your network to consider 2.5g, 10g or more ports anyway making your initial 24p no longer viable. @liratheal - That's just the auto-generated one in the topology tab? Looks totally different to mine... like obviously the network does, but the background, link colours etc. This probably suggests I should take some time out soon to update software...
It is - I am running the most latestest version though, because I have multiple backups to roll back to if it goes arse over head.
I tend to do big-bang network, server and storage updates across one sitting - but the effort and time involved tends to mean I probably go longer than I should between updates.
I tend to do as many updates as I can be bothered to as often as I remember that updates are a thing. Usually when prompted by people talking about either the UI controller software on Reddit, or PiHole also on Reddit. Most everything else automatically updates. Except ESX, but.. If that ain't broke it ain't getting "fixed". Edit: It is worth noting that it's not wrong to say the 8-60 is warm, but the 8-150 with all PoE ports populated is hot. And it bears worth noting that the 24 and 48's that have tainted my opinion have been running ~10 PoE devices on average, so tend to get toasty and subsequently loud 'cause 40mm fans. Also seems common to complain about them on Reddit, especially when they pop.
To be entirely transparent - I'm currently looking at a Mikrotik hEX S or RB4011iGS+RM as a replacement for a few parts of the network - Likely the USG and the HP switch if I go with the RB, just the USG if I go for the hEX S.
Have a RB4011 sat on my desk right now, but I am going to stick with the pfsense for a bit.. Nice looking piece of kit though.
I have toyed with a PFsense, been down that route before and didn't hate it, but I don't really have the space right now for some custom box even in a 1U chassis. I could mash a VM into the ESX box with a dedicated network card, but I don't want all my eggs in one basket with regards to internet access. Especially with how often I tend to faff around with that box. At least not until I have two ESX hosts I can live migrate between.
