by vvanders 1902 days ago
Damn, that's pretty depressing.

I really wouldn't like to migrate away but I can't say all the info that's been coming back has been making me want to have them as a part of my network infrastructure.


I want to fire Ubiquiti, but where can I go to get my router, wireless access points and switches in one management interface? There are plenty of poorly performing consumer grade options out there which hide all complexity, but they break in fun ways (eg: Google WiFi creating loops in the network when users try to do wired backhaul) and only tackle part of the stack.

I really just want to manage an OpenWRT based network with one central web interface and not have to deal with corporate/state entities deciding to push fun changes out in the management interfaces that power these systems.

I keep seeing the requests for a central management interface, which leave me somewhat puzzled. Why do you need it in a home environment? I run a small network with one big router and several access points, and at least with Mikrotik's gear, it's pretty much fire and forget. It has CAPsMAN[1] to centrally manage wireless networks, but I've found it to introduce unneeded complexity. Auto-updates[2] don't need any central management either. Monitoring can be done through SNMP[3], and there's a REST API too[4].

[1] https://wiki.mikrotik.com/wiki/Manual:CAPsMAN

[2] https://wiki.mikrotik.com/wiki/Manual:Upgrading_RouterOS#Rou...

[3] https://wiki.mikrotik.com/wiki/Manual:SNMP

[4] https://help.mikrotik.com/docs/display/ROS/REST+API

I have a good deal of experience with Mikrotik's offerings, and I am not looking to power networks I support with a patchwork of different systems that each have their own interface.

Most of the value proposition of the Unifi lineup is I can look at a single website that I host and see the WiFi clients connected to an access point, what switch feeds that access point internet (and whether it's linked at gigabit or 100Mbps), uptime on all devices involved in the stack, whether the client has poor WiFi quality, trouble DHCPing, etc.

The single pane of glass to view everything when I am many miles from the networks I support is essential. Compared to when these sites were on PFSense before migrating, these networks have improved uptime, rapid remediation of issues, and changing VLANs, SSIDs and labeling each client on the network is a snap.

Edit: Borrowed /u/bpye's single pane of glass term

> Most of the value proposition of the Unifi lineup is I can look at a single website ...

> The single pane of glass to view everything when I am many miles from the networks I support is essential

It's also why we're talking about this.

Only because they made it cloud based.

If they never forced people to create a cloud account - and instead allowed people to choose - this would be wildly different.

Did I miss something here? I run a Unifi network with a local account and don't recall being forced to create a cloud account.
Mikrotik itself had security problems before. Tom Lawrence covered a lot of this on YouTube. I can recommend his channel on the topic.
It seems the hackers currently in your network must value those same features. Very convenient.
I don't use a UI.com account to connect to the Unifi controller I host (as I don't need their inconsistently working NAT traversal to get to my controller), hopefully the networks I support are safe due to not being entangled with Ubiquiti's cloud infrastructure.

Anyone who is forced to get a UI.com account (eg: UniFi Dream Machine and UDM-Pro owners) should change their credentials and do a factory reset on their routers and Access Points ASAP.

> do a factory reset on their routers and Access Points ASAP

This is a miserable user experience. If you do a reset and don't know the SSH password on APs or cameras you get to spend a hellish few hours crawling through ceiling insulation, climbing ladders and physically resetting devices. It's so shit. I've just done it, but not due to security concerns, but instead because of a UDM-P crapping out randomly.

Similar to the other responses, it's the fact that I can manage my network remotely from a simple app or UI. This helps me answer phone calls from my family asking why Netflix doesn't work on TV #2, when I'm not at home. Won't solve all problems, but at least I can narrow it down and troubleshoot.

And I like the fact that I can get an overview of the state of my network; one of my wired links to an AP would degrade to 100 Mbps at times, and being able to see the link speeds easily was very helpful (it was a bad ethernet cable in the end).

Before I moved to Ubiquiti I had a spate of problems with my fiber broadband, which would stop working for a few minutes at random, resetting my RDP connections. I had a vendor-supplied Linksys (I think?) router, and trying to troubleshoot it was painful. If I ever have such problems again I'll have much better diagnostics.

That said, I won't buy any Ubiquiti gear that requires the cloud, and my faith in the company is eroding. But, like others, I would be at a loss what to replace my gear with at the moment. I just hope it'll function well enough until either Ubiquiti gets it act together (again?) or a viable competitor arises.

> it was a bad ethernet cable in the end

Checking the cable is like checking if the power is on, it is NEVER the cable - except in networking for some reason. Half the time it's the cable.

Network cables (copper and fibre) have a limited bend radius. Most people don't think about this and will bend a cable beyond tolerance, which will eventually result in the cable not working correctly, and/or manifest as intermittent issues.

I suspect that's the most common cause of network cables 'going bad' in the home.

I learned this back in school, when the previous years students had laid new Ethernet cables from the classroom to the server room, but the machines would only get 10M and not 100M link as they should.

Didn't take us long to notice they had laid the cable like electricians, neatly following the contours of a few door frames with tight 90 degree bends.

Glad I learned that lesson early.

You might be interested in Gl.inet.

It uses OpenWRT, and you can access it remotely.

> I keep seeing the requests for a central management interface, which leave me somewhat puzzled. Why do you need it in a home environment?

Crap wifi was a huge thing I dealt with. Unifi fixed that completely. The ability to run a relatively complex network (by home network standards) with multi access points is nice, but the ability to administer them without CLI interface is great. I loved my edge router but touched it with trepidation. It was rock solid except when I was sucking with it. Unifi suits/suited the enthusiastic amateur.

> I run a small network with one big router and several access points, and at least with Mikrotik's gear, it's pretty much fire and forget.

Unifi used to be too, with an interface that was a bit difficult to navigate (settings spread among about 20 tabs, but it was possible to get the job done without sshing to components).

Now it's flakey. I just rebuilt mine last week; it was working fine but I couldn't log in and the UDM-P screen said it required resetting. Dark times.

> Why do you need it in a home environment?

To answer this for me personally (and I suspect this is a pretty common answer): To use the best, and to explore technologies that I might suggest to business clients.

Business clients love central management interfaces.

As well, I’m honestly kind of done with managing fiddly “snowflake” devices, and central management interfaces usually come with the ability to standardize the config across devices.

> Why do you need it in a home environment?

I definitely don't "need" it. But it's veeeeeeeery convenient. Especially when it comes to security, being able to see which devices have updates and perform them all from one screen, is extremely convenient. I'm highly interested in paying for convenience at home.

Thankfully I don't use their cloud based management interface -- as far as I know this breach does not affect my local UniFi Controller. Hopefully this is a rude awakening and Ubiquiti goes back to their old consumer focused approach.

Frankly I wonder at how big some of these peoples' houses are. My single seven year old Nighthawk router covers an entire 2300 square foot home and penetrates the brick walls to reach halfway up the street.
That’s not my experience, all the way from Meraki enterprise access points to the standard consumer WRT54GL.

First problem is 5GHz is terrible at going through walls, I don’t believe it will even go through a single brick wall and maintain decent bandwidth. Even 2.4GHz is considerably slowed by 2 or 3 drywall/plywood obstructions.

Second problem is whether the mobile device you're using can return that signal through all those walls to the access point. I have noticed a huge increase in quality and snappiness of FaceTime and other high up and down bandwidth activities once I added more access points so that connections are going through only 2 or 3 walls.

For another reference, I have a hotel that needed to upgrade its network to meet the brand standards for signal strength in all the rooms, and we ended up installing 6 access points in the drop ceiling of each hallway, 15 guest rooms in length (each guest room is ~15ft wide, so the corridor was ~225ft long). It resulted in the elimination of almost all guest complaints about the wireless network.

Mine's only slightly larger than that (mostly by virtue of having 3.5 levels, not by X-Y size), but the original plaster walls attenuate the hell out of 5GHz signals. I have two APs, one in the basement and one on the second floor and even with that, I'm considering adding two more inside and a dedicated one outside to serve the patio/BBQ area as I can readily tell the speed difference to internal file and backup servers if I'm in the same room as an AP vs on another floor or outside.

Make no mistake, it still "works" with just one, only slower.

> the original plaster walls

Ah, the ones that have wire mesh underneath? That would do it.

Somehow I have managed to spend most of my time in a house that has concrete and brick stopping 5G, a house with wooden walls that block RF and foil insulation under the floor which is even worse, and a workplace environment that has literal faraday cages all around.

I like UniFi in wall access points in the room I’m inside.

No. My house predates the widespread use of expanded metal mesh style of lath. Just the old wood strip lath and thick, horsehair plaster.
My house is about that size. My detached garage is 400sqft. My barn is 1600 sqft. And my travel trailer is 37' long. My network comes into the house and the wireless needs to cover all of the structures because we need it in all the places. It's all spread over about an acre and a half. I run ethernet to a PoE AP in the garage, through an overhead crawl space that covers the span between the house and the garage, I have b2b radios between the house and barn and the trailer has an LTE router/wifi repeater that picks up wireless from the barn.

Not super complex but no single nighthawk is gonna do it and the unifi management interface does the job. I'm not cloudy though.

Probably not big by US standards, but WiFi attenuation across multiple floors is such that an AP in the living room won't provide any decent signal one floor straight up. Depends on the materials and layout of your house...
This also means you can re-use a frequency with just one floor in between and no issues, and with a horizontally directional antenna, possibly even on adjacent floors.
I run two APs hard wired to the PoE switch in my closet. These APs are in the hallways on opposite sides of my home. I run them at lower power so I don't have an excessive amount of RF blasting into neighbors' homes, but I still get good signal quality to/from each AP. Because I now have two APs running on different channels I've effectively doubled my network throughput overall.

One important thing to think about when planning your WiFi deployment is that if you have things with poor connectivity, everything on that channel suffers. I can have several devices running at several hundred megabits of quality, but a single device being really slow bogs down the channel and suddenly everything else starts getting lots of jitter and overall poor network performance despite most devices having good signal quality. Also, your device may show it has good signal strength but it might be poor quality (bad SNR), so in reality it's a poor link speed. Having things physically closer usually results in better average SNR, meaning higher speeds for everything on the channel.

Also, as others have mentioned, 5GHz might make it through a wall without a lot of stuff in it, but it's not going to penetrate very well through several walls. Having my APs in the hallways means there's usually only one wall with minimal stuff in it between a device and the AP, so each device usually reports at least several hundred megabits of throughput possible.

I feel the same way - my Nighthawk is going strong with custom firmware, but my friends with Ubiquiti gear try to get me to replace it with a bunch of Unifi stuff every time I talk to them.
What firmware?

I need new APs soon.

Depends a lot on the house. My house is <2000 sqft, but signal, especially 5GHz, propagates poorly through old school plaster walls.

It wasn’t a problem until covid when multiple meeting or other streams just performed poorly on a marginal network. The Ubiquiti gear made it easier to run antennas for optimal signal.

The hot thing to do is to shit on them, but I’ll be sticking with it. They’ll emerge better from this crisis and if you think that any competitor in this price point is better, you’re delusional.

Also, foil-backed insulation [0]. I finally figured out they insulated the hell out of my house with this stuff.

Works amazingly on heating and cooling bills, but it's a pretty solid wall to radio waves.

[0] https://www.ibhs.co.uk/foil-backed-mineral-wool-50mm-thick-x...

COVID had me setting up more UniFi APs. It held up incredibly well for moving large files across VPNs and running multiple Zooms for work places and school.

COVID must have been a massive boost to their bottom line.

I’m no market analyst, but the last year, even including the last week, has been very good to Ubiquiti.

https://www.nasdaq.com/market-activity/stocks/ui/advanced-ch...

I use three unifi AP-Pros for my 3500 sq ft home plus front and back yard.

I possibly could have done it with two if I ignored the outside areas but one definitely wasn’t enough even with careful placement.

Edit: obviously 2.4GHz penetrates further, but 4k streaming on multiple TVs doesn't go well with the bandwidth (and interference) on 2.4

My house had a problem since the cable came in on one corner of my house, and my office was on the other side. Browsing was ok but things like video calls suffered, at least until I went with a Unifi BeaconHD.
Getting signal to devices isn’t a problem, but it’s not easy having an AP receive signal from a low power device. Multiple APs is the way to go in my experience.
People want a power-user Meraki for the home that isn't tied to a cloud service. It's really as simple as that. Ubiquiti gave them that until they didn't. And now the inevitable breach has occurred and users are looking for a replacement.

It's pretty simple: having each device individually managed is archaic, a pain in the ass, and there is no technical reason why it has to be that way.

Mikrotik have not been able to keep up with the latest, or previous to latest, wifi standards; seems like it's become too complex.
Skipping wifi 6 seems like a smart move, with 6E on the horizon. It includes all the things that should have been part of the standard in the first place, so why get your hardware certified for 6, if you have to get it recertified for 6E anyway shortly after?

6 doesn't add very much over 5 in real world setups, very few devices even support 802.11ax yet, and the bleeding edge has never been Mikrotik's target segment.

6E gear is not really available anywhere yet, so it's really only an issue for people who just have to have the latest gear at all times. For the majority of people, 802.11ac/wifi 5 is what their hardware supports, so that's what they need.

According to people in their forums they don't support all the ac features either. Something to research if you're thinking of switching anyway.
As far as I know, that concerns 802.11k/v/r, MU-MIMO and beamforming, which many other 802.11ac devices also don't support, so it doesn't bother me. Then again, I'm not running an enterprise setup and I've never been one to meticulously make sure I get every single feature in the world on a spec sheet.

The hAP AC² serves my home networking needs quite well, with an additional AP to better cover the whole apartment.

It's an interesting idea to have a single pane of glass management experience for OpenWRT - given that all config is under UCI [0] it seems very possible. One of the things on my todo list is to try and get Nix to push config to my Unifi APs when I flash them with OpenWRT.

[0] - https://openwrt.org/docs/guide-user/base-system/uci
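As an added illustration of the "single source of truth for several OpenWrt APs" idea in the comment above (example code written for this page; it is not the commenter's Nix setup, nor code from OpenWrt or OpenWISP), the script below renders one UCI batch per access point from a single site definition and feeds it to `uci batch` over SSH. Everything about the target is an assumption stated in the docstring: OpenWrt 21.02 or newer with a VLAN-filtering bridge `br-lan` already present, `radio0`/`radio1` being the 2.4 GHz/5 GHz radios, the stock `default_radio*` sections already removed, and key-based SSH to `root@<ap>`. The SSIDs, VLAN tags, passphrases and hostnames are constructed sample data.

```python
"""Render per-AP OpenWrt UCI batches from one central site definition.

Added example, not from the thread. Assumptions (mine, not the page's):
OpenWrt 21.02+ with a VLAN-filtering bridge named br-lan on every AP,
radio0 = 2.4 GHz and radio1 = 5 GHz, the default_radio* wifi-iface
sections already deleted, and root@<ap> reachable over SSH with a key.
"""
from dataclasses import dataclass
import subprocess

RADIO_FOR_BAND = {"2g": "radio0", "5g": "radio1"}   # assumed radio ordering
CHANNELS_5G = (36, 40, 44, 48, 149, 153, 157, 161)  # assumed non-DFS subset


@dataclass(frozen=True)
class Ssid:
    name: str
    vlan: int                      # 802.1Q tag carried on the wired uplink
    psk: str                       # WPA2-PSK passphrase
    bands: tuple = ("2g", "5g")    # which radios broadcast it


@dataclass(frozen=True)
class AccessPoint:
    hostname: str                  # name or IP the AP is reached at over SSH
    channel_2g: int
    channel_5g: int
    txpower_dbm: int = 17          # kept modest so neighbours are not blasted


def validate(ssids, aps):
    """Return a list of problems; an empty list means the site is sane."""
    errors, seen = [], set()
    for s in ssids:
        if not 8 <= len(s.psk) <= 63:
            errors.append(f"{s.name}: WPA2 PSK must be 8-63 characters")
        if not 1 <= s.vlan <= 4094:
            errors.append(f"{s.name}: VLAN {s.vlan} out of range")
        if s.name in seen:
            errors.append(f"{s.name}: duplicate SSID")
        seen.add(s.name)
        # values are emitted inside single quotes; keep the batch unambiguous
        if any(c in s.name + s.psk for c in "'\n"):
            errors.append(f"{s.name}: quotes and newlines are not allowed")
        for b in s.bands:
            if b not in RADIO_FOR_BAND:
                errors.append(f"{s.name}: unknown band {b!r}")
    for ap in aps:
        if ap.channel_2g not in range(1, 14):
            errors.append(f"{ap.hostname}: bad 2.4 GHz channel {ap.channel_2g}")
        if ap.channel_5g not in CHANNELS_5G:
            errors.append(f"{ap.hostname}: bad 5 GHz channel {ap.channel_5g}")
    return errors


def q(value):
    """Single-quote a value for a uci batch line (inputs pre-checked above)."""
    return f"'{value}'"


def render_uci(ap, ssids):
    """Return the uci batch text for one AP. Section names are deterministic,
    so re-pushing updates sections in place instead of duplicating them."""
    lines = [f"set system.@system[0].hostname={q(ap.hostname)}"]
    for band, radio in RADIO_FOR_BAND.items():
        chan = ap.channel_2g if band == "2g" else ap.channel_5g
        lines += [f"set wireless.{radio}.channel={q(chan)}",
                  f"set wireless.{radio}.txpower={q(ap.txpower_dbm)}",
                  f"set wireless.{radio}.disabled='0'"]
    for s in ssids:
        net, dev = f"vlan{s.vlan}", f"br-lan.{s.vlan}"
        # proto=none interface on the tagged bridge port: the AP only bridges;
        # the upstream router owns addressing and firewalling for each VLAN
        lines += [f"set network.{net}=interface",
                  f"set network.{net}.device={q(dev)}",
                  f"set network.{net}.proto='none'"]
        for band in s.bands:
            sec = f"{net}_{band}"
            lines += [f"set wireless.{sec}=wifi-iface",
                      f"set wireless.{sec}.device={q(RADIO_FOR_BAND[band])}",
                      f"set wireless.{sec}.mode='ap'",
                      f"set wireless.{sec}.network={q(net)}",
                      f"set wireless.{sec}.ssid={q(s.name)}",
                      f"set wireless.{sec}.encryption='psk2+ccmp'",  # WPA2/AES only
                      f"set wireless.{sec}.key={q(s.psk)}"]
    lines.append("commit")
    return "\n".join(lines) + "\n"


def push_argv(ap):
    """ssh argv that feeds the batch to uci on the AP and reloads the stack."""
    return ["ssh", "-o", "BatchMode=yes", f"root@{ap.hostname}",
            "uci batch && /etc/init.d/network reload && wifi reload"]


def push(ap, batch):
    """Apply a rendered batch to one AP (needs network access; not run here)."""
    subprocess.run(push_argv(ap), input=batch.encode(), check=True)


# Constructed sample site definition, not a real deployment.
SITE_SSIDS = (Ssid("home", vlan=10, psk="correct-horse-battery"),
              Ssid("iot", vlan=20, psk="toaster-goes-brrr-42", bands=("2g",)))
SITE_APS = (AccessPoint("ap-basement", channel_2g=1, channel_5g=36),
            AccessPoint("ap-upstairs", channel_2g=11, channel_5g=149))


def render_site(ssids=SITE_SSIDS, aps=SITE_APS):
    """Validate once, then render one batch per AP, keyed by hostname."""
    problems = validate(ssids, aps)
    if problems:
        raise ValueError("; ".join(problems))
    return {ap.hostname: render_uci(ap, ssids) for ap in aps}


if __name__ == "__main__":
    for host, batch in render_site().items():
        print(f"# {host}\n{batch}")
```

The validation step is the security-relevant part: a central pusher that happily emits a 5-character PSK or an open SSID to every AP at once is worse than hand-configured devices, so the checks refuse weak or malformed input before anything is sent, and the rendered batch only ever selects `psk2+ccmp`. Keeping the AP bridging-only (`proto='none'` per VLAN) leaves addressing and firewalling on the router, which is the same division of labour the commenters above describe for their USG-plus-APs setups.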

Take a look at https://openwisp.io/docs/ as it can accomplish this today.
That’s very neat - though I think orthogonal to my Nix plan. Certainly suits anyone that wants to manage multiple APs from the same interface however.
I know TP-Link is no Ubiquiti, but I run two identical small networks (VR-2100 routers with RE-200v4 extenders running in mesh mode), and it's pretty solid so far.

You can access your network from Tether app via cloud if you wish, too. When you enable Mesh, everything is controlled via the router. You don't need to manage anything on the extenders.

RE200 can work as an AP if you can get them a CAT5, or can provide wireless to Ethernet capability. I don't need home-wide VLANs and other exotic stuff (for a home network), but you can adjust QoS on the router in three levels and it has an embedded OpenVPN server if you fancy.

While not network related, you can temporarily or permanently turn off all LEDs on the devices so they don't create any light pollution, something I love to have.

All in all it's a great package, for my home network, at least.

Keep an eye on the Cisco Small Business line - no subscription, firmware updates without an account (yes, I am still talking about Cisco) and while the management console is a bit weak, I'd wager Cisco will mature faster than UBNT can get their crap together at this point :p
> Google WiFi creating loops in the network when users try to do wired backhaul

That's very surprising to hear. The decades-old spanning tree protocol can prevent that. I in fact have a friend who has done the exact same thing (Google Wifi with wired backhaul) with no problems. It switches from 802.11s to STP with no problems.

Check out OpenWISP. It works with OpenWRT.
I was going to look at OpenWISP, which looks like it can centrally manage a whole bunch of kit, including openwrt and also edgeswitch devices.
Meraki?
During this week I've been playing around with replacing my USG with my existing home server - it already has two NICs - my first thought was to run OPNSense in a VM but nftables on NixOS seems to work well enough - there are a few examples floating online [0,1]. OpenBSD even supports the USG [2] but I couldn't think of much reason to keep the extra hardware.

The next thing I want to do is reflash my Unifi APs with OpenWRT [3] - the hardware is fine, but at that point I'll get all the support without the controller software.

My home environment is fairly basic so moving away isn't too hard - this would obviously be much harder for a small business...

[0] - https://francis.begyn.be/blog/nixos-home-router

[1] - http://www.willghatch.net/blog/2020/06/22/nixos-raspberry-pi...

[2] - https://www.openbsd.org/octeon.html

[3] - https://openwrt.org/toh/ubiquiti/start

> The next thing I want to do is reflash my Unifi APs with OpenWRT

My understanding is that this doesn't work anymore because Ubiquiti started signing firmware. Your link also goes to a blank page.

That’s odd, the link works for me but the wiki was very slow earlier. From what I’ve read Ubiquiti have made it harder to flash new hardware, but even the new ax APs are supported by OpenWRT. There is a commit with some info - it seems there is a way to disable signature verification [0].

[0] - https://git.openwrt.org/?p=openwrt/openwrt.git;a=commit;h=fb...

Depends on the hardware, I guess? I bought an AC AP Pro last fall and had no problem flashing OpenWRT on it.
I _do_ run opnsense in a VM and am very happy with the setup. My requirements for APs are simple but hard to satisfy. Ceiling mount, PoE, present-day-best 802.11 standard, and openwrt-capable.
> replacing my USG with my existing home server

I like this idea too, but would prefer that the router was physically separated and before any hardware that was in the network.

Is this a pointless concern?

If you have your router in a separate box then you won't have to take down your whole network if you have to restart your VM host.
It's hard to say whether or not the concern is pointless without knowing its basis. Why do you want it physically separated?
I had assumed a setup which had several VMs, with one being a PFSense or similar to be less secure than a standalone firewall. Reading about the pros and cons leads me to conclude that security in a virtual setup is just fine.
If your server is vulnerable to some threat, adding another barrier in front of it could help.