
The bane of my existence has always been wireless - family stopped complaining when I switched all the APs to Ubiquiti.

Never rebooted - uptimes in months and they are on battery backup.

It is amazing how much the stock firmware shipped by the likes of Broadcom/Realtek sucks - it is not like Mikrotik/Ubiquiti makes their own SoCs to make it more realizable.




I have 2 Ubiquiti U6LR APs serving most of the house (and 2 more older AC-Pros serving the yard/outdoor patio and lower priority/IoT networks in the house). I frequently get complaints from my kids that "my phone doesn't work very well on the WiFi at my friend's house".

The older one finally asked me "do you think the WiFi is just super-good at our house?!"


Ah, how great it would be to hear that from my children :)

There is hope, though, they recently started to speed test the networks they are in and mine is so far winning.

All this does not matter, really, as having 40 vs 200 Mbps on a phone did not matter much.


Speed doesn't matter, but packet loss and latency do.

People are surprised that I have the smallest fiber package (150Mb/150Mb and it's more than enough) and I have "better" internet than their gigabit cable.


How did you control latency?

As for packet loss, this would be a problem as it means hw issues or misconfiguration somewhere.


QoS and other queue management strategies can help significantly to prioritize latency-sensitive apps (by deprioritizing less sensitive traffic). fq_codel for Ubiquiti [and some others] or other "smart queue management" configuration.


Honestly, I was happier about his thought process leading to question the base case assumption than I was to the praise for our WiFi installation.


For the cost ($99) IMO it can't be beat:

https://store.ui.com/collections/unifi-network-wireless/prod...

I'd like to see something with 6e but these are still incredible:

- Fast

- Wide compatibility across devices

- PoE

- Put it wherever you want, doesn't have to be in some closet near your modem/router/etc

- Just works. Really. I've run Ubiquiti APs for years. Throw devices at it, literally never worry about Wi-Fi again. Say goodbye to it flaking out, slowing down for whatever reason, the occasional reboot, etc.

- Need more coverage? Plug in another AP, couple of clicks, done.

I run a local controller in an LXC container (VM, docker, local, etc available too) with all local login and none of that cloud and phone home stuff enabled.


One thing I like about Ubiquiti APs is that you can configure them with whichever controller you like and then remove/disconnect the controller but the AP still runs on its own. For years.

However, I wonder if this is true in either repeated or multi-AP setups? That is, if I configure an AP and then one of those wall-mounted directional Ubiquiti repeaters with another AP on the other end … shared SSID … can that configuration run with no controller?

I would think it could but .. I have not tried…


Yes. I have two UniFi AC Pros and two in-wall APs. For the longest time, I had the controller as just an app that I launched on my desktop whenever I needed to change something or apply an update to the APs. Then I would shut it down. Now I run the controller in a Docker container, so the APs autoupdate. But to your original question, always running the controller isn’t required.


I just found out the other day that the original AC-LR is no longer supported in the most recent controller software and hasn't been for a year or so. It still works though. Probably time to upgrade :D


I have a multi-AP setup (but no repeater, all Ethernet backhaul) and I’ve never even set up a controller. I just used the iOS app once per AP


U6-Mesh were $179 MSRP but are going for $250-350 because of supply chain issues. The heat of the APs means they're working... or you're getting a radio RF burn. ;)


After several big-name routers that all sucked ass, and finally one that got hacked, I switched to Ubiquiti products. I have an EdgeRouter X and an AP AC Lite.

After several years of use, I can say that Ubiquiti software and support are trash. Their configuration app (I used the iOS version) almost never works, meaning that it almost always fails to find the AP that is one foot away from the phone. It also suffers from unprofessional UI-layout defects. Their Mac app won't run until you manually strip quarantine flags from it because it isn't even signed... then it won't run because it relies on Java 8, and Mac OS hasn't shipped with Java in a decade. And if you jump through enough hoops to get it to launch, it fails to detect any Ubiquiti devices.

Once I somehow tricked their iOS app into communicating with the AP and got it working, it did work for years and has pretty good range.

But now (and this appears to be a somewhat common problem), the AP randomly stops sending data on 2.4 GHz. Here's one of several posts about it: https://community.ui.com/questions/AP-AC-Pro-problems-with-2... And it appears to afflict multiple products.

This can last from minutes to days. Although you're connected to it, you can't even hit the router. Ubiquiti support is utterly useless; it's as if they do everything possible to drag out interactions until you go away, providing vague, terse, one-sentence answers every couple of days that contain no specifics.

My impression is that Ubiquiti is just hanging on, coasting on existing technology and doesn't even have support staff that knows how it works.


> they are on battery backup

Is this useful?

My understanding is that when there is a power failure in the neighborhood, the broadband provider's equipment is usually offline as well.

Of course, the answer is probably: "it depends on your broadband provider's local hardware setup." But I would be interested to hear people's thoughts.


We have AT&T fiber and it continues working when the power is out, at least for longer than my UPSes last. We have a fair number of short power outages, and I've never had an AT&T outage at the same time.


> My understanding is that when there is a power failure in the neighborhood, the broadband provider's equipment is usually offline as well.

I had a friend with a generator who got the opportunity to test this due to an extended power outage. Although I agree, it probably depends largely on how well your local ISP has their act together. He found that Comcast (consumer-grade Internet) in his neighborhood was actually able to keep Internet service running for a little over 24 hours. His generator evidently outlasted Comcast's generator and he lost Internet on the second day.

I'd love to see neighborhood-to-neighborhood, ISP-to-ISP comparisons of Internet connectivity longevity in the event of power outages.


Power outages are frequent enough that I invested in a 100AH battery and inverter to keep things going - the local fiber loop remains online as the local POP has batteries so I only need to power the ONT.

My house is brick/mortar so I need 2 APs to cover the entire house - the AP is in one kid's bedroom - she insisted on a wired LAN connection for her PS5 (online gaming and ping/lag) so I needed to power both a small switch and the AP - got a 12V battery system for that.


I've, historically, kept my cable/dsl/whatever modems and wireless routers on a UPS and almost always still have connectivity when the power goes out. The only exception was during a hurricane, which seemed like a fair exception in the scheme of things since power was out for most of the city for 1-2 weeks.


Not really true at all times, but may be for your situation. Comcast put gennys on our node recently and it works. So even when power goes out, internet stays up.


Yes. Summer means my AC units regularly trip breakers. If I didn't have my networking equipment on an APC I would be dropping zoom calls all day.


It’s not normal for compressors to be regularly tripping breakers, I’m curious what the explanation is?


It's not exactly normal, but it's probably a common enough experience in the US with 120v circuits and 15A breakers. Especially if in an old building with imperfect wiring causing excess resistance.

Many devices also operate less efficiently in high heat. If the AC unit is on a circuit with other devices, it is possible that the influx current when starting the AC unit trips the breaker. One might even be able to get away with 2 AC units on a 15A breaker as long as both compressors never start at the exact same time, but cause a trip when they kick in together.


I use surge A/C breakers.


I started with Ubiquiti, but the company seems to be playing games (and it annoys me how the latest controllers don't properly handle EOL APs a few years old) - So I switched to TPLINK Omada - no problems so far.


I am seeing mixed reviews about Ubiquiti these days.


Been using for 6+ years now. Around ~10 APs purchased. I've never looked back.

I think the mixed reviews are from HN where people are complaining about their security posture (for good reason).


What about their security posture?


Is this a situation where one company decides to break from the pack and care a little about security and then social media dogpiles them for not doing more?


> Is this a situation where one company decides to break from the pack and care a little about security and then social media dogpiles them for not doing more?

I believe they did something like force cloud-login with some software update a few years back.

They also apparently were downplaying a major security incident, and sued Brian Krebs for reporting on it: https://arstechnica.com/tech-policy/2022/03/ubiquiti-sues-jo....

I have some Ubiquiti stuff, and it works fine, but I've been meaning to look deeper into all this, but I just haven't had the time. I just stopped updating the controller software (none of their gear is external-facing, and IIRC it's only needed for configuration/management) because cloud login is an absolute dealbreaker for me.


> I believe they did something like force cloud-login with some software update a few years back.

No, what they did was update the software to prefer cloud-login and push you to set it up during onboarding for new products because they use cloud-login for remote management and anti-theft/device tracking.

It's always been entirely optional. I just set up a new network because I moved and gifted my previous network to the buyers of my prior home. I'm still using local accounts only with no remote management, and it works perfectly fine on the latest generation of Ubiquiti gear with the latest firmwares. The only thing I log in to my UI account for is to use the store and buy hardware.

The other thing with Brian Krebs was a faked security incident by an insider who was trying to extort money from Ubiquiti and Brian Krebs played the fool by assisting them.

Granted, there are /many/ issues I have with Ubiquiti, but generally speaking if you use local accounts and keep the firmware updated it is no worse than any other edge networking device exposed to the Internet.


> No, what they did was update the software to prefer cloud-login and push you to set it up during onboarding for new products because they use cloud-login for remote management and anti-theft/device tracking.

Was that all? Did they add telemetry or something else? I had read that I'd need to edit some text config file or something to opt-out of something I didn't want, because they provided no option in the UI.

I believe this might be what I was thinking of: https://www.reddit.com/r/Ubiquiti/comments/fhlowt/where_is_t....

I took a wait and see before I sorted it all out (since none of their stuff is external facing on my network), and haven't gotten around to it.


> I just stopped updating the controller software (none of their gear is external-facing, and IIRC it's only needed for configuration/management) because cloud login is an absolute dealbreaker for me.

Yeah. Updates used to be a nightmare. I had to worry about Windows updates, Java updates, and of course Unifi updates.

Then I started to use the Docker container at https://github.com/jacobalberty/unifi-docker No worries about cloud login...

I have 21 APs all controlled by the container on a Raspberry Pi 4. It's not even breaking a sweat. When I want to upgrade the Unifi application, I stop the container, and re-run the command to use the newer Unifi version. Three minutes later, it's back on the air.


You can turn off the remote login. It's encouraged as the default, but not necessary.

Even the local login, from a device on the network, can be set up to require two-factor auth. That alone makes it more secure than a lot of consumer-grade stuff which only requires a password, which is often never changed from the default.

I'm happy with my Unifi Dream Machine as a one-device home network. I thought about getting rid of it a while back when some bad press about Unifi security was published, but it turns out it was fake news and Brian Krebs has lost all credibility in my eyes for continuing to promote it even after it was debunked.


No, I think GP is referring to their big data breach last year[0]. From TFA linked in that discussion:

> the attacker(s) had access to privileged credentials that were previously stored in the LastPass account of a Ubiquiti IT employee, and gained root administrator access to all Ubiquiti AWS accounts, including all S3 data buckets, all application logs, all databases, all user database credentials, and secrets required to forge single sign-on (SSO) cookies.

It has shaken a lot of people's confidence in Ubiquiti's internal security practices.

0: https://news.ycombinator.com/item?id=26638145


I wonder if you saw the update to the article in the discussion you linked? The attacker was a software engineer who worked at Ubiquiti. I think it's fair to criticize any internal controls that allowed a single engineer to have this amount of access, but from other discussions[1] it sounds like he was unique in this organization.

1: https://news.ycombinator.com/item?id=29412262


I had started down the path of going all Ubiquiti ~5 years ago. I started with cameras and their camera controller. It was super flaky, when everything was working, it was great, first class app experience. But any time the cameras rebooted (power outage, firmware upgrade), I would literally spend days with some cameras offline, until multiple reboots of impacted or all cameras would eventually fix it.

Then, a few years in a firmware upgrade to the switch (their 250W PoE switch) caused it to start isolating my Google WiFi APs because it would do some loop detection. An hour on the phone with their support (which in that instance was really good) resulted in a prognosis of "This particular loop detection can't be turned off." So I had to drop a dumb switch in front of the Ubiquiti for the Google APs. I was considering replacing them with Ubiquiti, but needed to run some more wire throughout the house to get what I needed.

Then I ran into a firmware upgrade that bricked 3 of my 4 cameras. After going back and forth with their support and getting nowhere, I just gave up. I had replaced the controller with the CloudKey G2 at one point because the old one was no longer supported, and it seemed to help with but not totally resolve the days of rebooting cameras situation.

Honestly, having the cameras bricked was a relief, because of all the consternation that the firmware updates had been causing. I just couldn't bring myself to buy new Ubiquiti cameras.

I ended up pulling out all the Ubiquiti hardware, replacing it with $200 4K very low light cameras that are just amazing (rebranded HIK Vision, "Montavue"). I'm using BlueIris for the camera controller, which is fine. Still using the Google WiFi, which continues to work great. I have 4 APs (one in router role, 3 spread around the house).


I am not 100% happy with it but it is the best prosumer option I can find without making managing home network a full time job for myself.

Security wise it is not great, but I don't think it is worse than other consumer products (tplink, netgear...etc). At least ubiquiti patches vulnerabilities reasonably fast.

Their cloud infra sucks and the whole data breach / lawsuit drama people constantly bring up was all because (I think?) a former employee had a static AWS access key with admin level access. Small companies are usually not good at dealing with internal threats. I don't use the cloud service anyways and self-host the network controller.

Now my biggest complaint is that I have to manage a mongodb 3.x cluster for the controller...


FWIW they have a docker option for the controller (what I use) and I'm barely aware it runs mongo.


I know there are community maintained container images. "They" don't have an official one though. In fact I run it in a container as well, but I configured it to talk to an external mongodb cluster.

I need it to be an external cluster with some redundancy, so that I can easily backup the database, fix file corruption, and deal with other database errors.


Yeah, sounds like your deployment is probably a lot larger/more serious than my 2 AP at home deployment then ;)


Ever since they moved their firmware development to Latvia, the pace and quality has decreased significantly.

I picked up a couple of Grandstream Wifi 6 APs to try and other than the gawdawful update process (that has thankfully improved - but you still have to get past the ridiculous initial firmware) they are wicked fast and so far a lot more stable/consistent than the Unifi counterparts. The unifi controller is indeed very slick/pretty to look at, but over the years I've come to realize that the "stats" it reports aren't very accurate so I'm back to librenms to gather/report on my network statistics.


Pretty funny that you identify Latvia as the turning point. Mikrotik is also from Latvia.

I still think Ubiquiti rots from the head and whether they mismanage teams in one country or another should not reflect on the country the people are working from.


Intentions matter. If they outsource the development only for cost cutting reasons you'll get what you paid for. It has nothing to do with the capabilities of an average engineer in Latvia.

Me and some other colleagues worked for a US based company from Hungary. The company paid us well according to Hungarian standards, but we were cheap according to US standards. (They paid US junior salaries for senior people). The people in the team were very knowledgeable, efficient and we delivered a lot of great stuff. It worked well for a couple of years, but then the company got greedy. They hired people from another outsourcing company from Ukraine (I think) and this time they went for the cheapest. The people we got only had little work experience and they paid by the delivered story point. The code quality suffered as they wanted to merge everything ASAP. I left shortly after for a different reason, but as I heard from previous colleagues the company went downhill after that.

So outsourcing can be a turning point, but for a different reason than you think.


I think I had exactly the same reason in mind as you laid out.

I even said so by pointing out that I think they rot from the head and do mismanagement as you described too.

So in that light I would ask how did you understand me as thinking something different?


I don't think you said anything different. I just wanted to bring an example that outsourcing can be a turning point for a company, but it doesn't mean that outsourcing is inherently bad.


I have an odd issue that clients on the AP cannot communicate with clients connected to the switch. As far as I can tell, this is not something in the switch or AP configuration.


I've deployed Unifi equipment in a number of small home and office environments without any problems at all. Some have been running for a decade or more. Management is a piece of cake and in homes it has high SAF (Spouse Appreciation Factor) because it just works.

If you have questions where you think I can help, drop me an email.


Just don't upgrade your firmware unless you have a damn good reason to and you will be fine with UBNT stuff. It's borderline criminal that automatic updates are turned on by default :p


I just swapped out my Ubiquiti Dream Machine for an eero Pro 6e because the UDM kept needing a hard reboot in the middle of the night and was very, very noisy. It's the only consumer router I can think of that both needs a fan and idles at 80℃.


You must have had defective hardware. I can never hear the fans on my UDM Pro, and it idles right around 40℃.


It was a non-pro model. From my limited research a while ago, I came to the conclusion that it's common among the non-pro models.


This was partly why I recommended Amplifi to my parents. I like that Ubiquiti finally has a consumer brand that is mostly "off the shelf" configured.

I don't think Amplifi is getting enough love in the consumer market today. I know anecdotally when walking my parents through the Amplifi purchases I had to ask a Best Buy employee to leave and stop confusing my parents because he didn't understand why anyone would want the "weird new" Amplifi brand and not "the better brands" Google Home or Netgear Orbi. I didn't feel like explaining Ubiquiti's decades in Enterprise to the kid.

It doesn't help that Ubiquiti has had some recent troubles, and I'm still not sure even Ubiquiti knows what the long term horizon looks like for Amplifi products. But I appreciate that they are trying to make headway in the consumer space, and that from what I can tell the consumer products do show the experience from Enterprise products.


Amplifi has a poor value prop ever since UDM/Dream Router became a thing, although I previously recommended it for the same reasons you do.

It would be nice to have a less complex app/frontend management interface for less tech-savvy end users -- if you could use the Amplifi app to see status and do basic troubleshooting on an Unifi network for instance--


We've been running 4x UAP AC Lites unattended with no controller via Ubiquiti Toughswitch for 5 years and have had zero issues.


Ubiquiti rules. I have four (4) U6-mesh to saturate my apartment. 2 didn't work and 3 had some dead spots.



