I have nothing but good things to say about ubiquiti. I run their cameras door bell and network switches at my house and have had nearly 100% uptime for years. Their ui constantly improves and it’s very well integrated into home assistant.
Lotta haters out there but this is just advanced as I want to get in my home lab; and the racks are just so cool even with their gimmicky front touch panel, it’s just so sexy when all the displays in the rack sync up on their animations. Whoever designed these things really had an eye for design.
I still use their access points because it's hard to get anything else as good for the same kind of price, but they burned me killing the development on EdgeRouter.
So I've gone elsewhere for cameras, switching and routing.
This release is a nice point in their favour though but I can't see myself going back all in on Ubiquiti.
Their security issues in the past. Their failure to make the EdgeRouter handle DHCP and DNS properly. Etc...
I've since moved to cheap switches that support all port vlan trunks and LACP bonding, then just plug Proxmox into them and run OpenWRT in a VM for routing all the vlans. The Proxmox+OpenWRT combo even supports hot-plug virtual interfaces as more VLANs are lit up, they just pop up nicely in the web UI.
For the APs, TP-Link is less expensive and better performance. WiFi 7 and 10gbit for less money. No need to run a management OS in a VM either.
This. We used to do a lot of Ubiquiti, then the software quality went way down, their own security officer 'hacked' them and lots of other weird stuff. We were already using debian vm's instead of their horrible cloudkey devices (so slow..). We switched to Aruba Instant-On.
We still use some Ubiquiti. Sometimes i use this script on a Debian VM:
I moved the firmware if my EdgeRouter X SFP to OpenWRT, since it has been years from their last security update and recently the WebUI tripped and broke.
The router works still amazingly fine, only their software has some bugs.
I have nothing but bad things to say about my shitty UDM from Ubiquiti.
It has issues with 2.4Ghz speeds, it randomly restarts because their software is buggy as hell. Their Apple style UI sucks ass and they have a mobile app that you can barely do anything in so you may as well just go to the web interface.
They have no features like proper QoS (smart queueing does NOT count) and even just little things, like not being able to search clients by IP, or ordering by current speed never working quite properly.
It's a fancy UI over crappy code that's been duct taped together. As soon as I move house I'm moving to Mikrotik again. For APs I may keep unifi, as they're very good at that one thing, but their routers/switches suck imo.
> Lotta haters out there but this is just advanced as I want to get in my home lab
IN all fairness, that hate is reasonable. Ubiquity has _some_ things done super well. As long as your needs are addressed by the config/options/UX/API that they expose, you'll have a pretty good experience. As soon as you need to do something that isn't easy, you're going to be fighting your core network infra the entire time and that's a miserable place to be.
Stick to unifi for switches and *basic* routing. Use their LED lighting / Cameras / Access Control and other side-projects at your discretion.
The thing about the UniFi platform is it iteratively improves. Years ago you couldn’t manage NAT rules or DNS from the GUI, though there were workarounds to modify iptables at the command line and preserve customization across upgrades.
Now days, static routes, SNAT/DNAT, and DNS are all in the management interface. So.. things improve, and every time I’m back using EdgeRouters, Extreme, or Juniper elements I miss the low friction of managing UniFi stacks.
Agreed that if you need VRFs for example, DC power, and are working through similar complexity requirements, Ubiquiti is the wrong stack. I’d say Ubiquiti is not heavy weight, but it seems to address 90% of SMB setups.
This is 100a% wrong from my perspective. I host multiple sites using UniFi, old Router/SwitchOS as well as AirOS/UISP. I have many VLANs under management spanning these different variations of "old" and "new" implementations and none of them are "a miserable place to be". Maybe if one doesn't actually understand networking nomenclature or interop, sure. I happen to have a pretty deep networking background - but Ubiquiti products have actually made it easier in many cases to do some of the more advanced things in other routing platforms.
While I don't like many of the shady things Ubiquiti did with respect to OSS and for a while I did try to move away from them. However what I found was the prosumer market riddled with less polished alternatives. Microtik does offer some interesting hardware for edge cases that UniFi doesn't cover, but when it comes to a unified system Ubiquiti have done an amazing job.
The pricing has gotten a bit outrageous. For example: trying to find a reasonably priced high wattage PoE switch in UniFi's line is no longer an easy task. It's tradeoffs all the way down. I have an original (SwitchOS) 48 port GbE & 4 SFP+, full L3 with a >250W budget and replacing it will be rather pricey or I'll have to make concessions.
But overall... There's no better prosumer option - good, bad or otherwise. They haven't enshittified the product with subscriptions / software upgrades and my guess is they're making this move back to self hosted options to actually save themselves money. A win on both sides.
I just think £360 for an IP camera is too steep, half would be a no brainier over ring. Their new Lite switches replace stuff that was rack-mountable, not there's no ears are far as I can tell.
I got into Ubiquiti due to their APs being effectively enterprise level features for consumer level prices. Their coverage and quality was a cut above the TP-Link gear I'd used previously (which was, in turn, better than the D-Link and Netgear stuff that I'd tried).
So I am confused by their Camera prices being so high.
I went with Reolink on cameras and NVRs and don't regret that decision. Probably spent a third of what it would have cost for Ubiquiti. There must be some benefit to the extra cost, but I don't think it's one I'll miss.
You have to get pretty high in their product range before you hit £360 for a camera. The G3 Instant is probably the closest to a Ring competitor (Wifi, 2K video) and it's £78.
The £360 camera is the G5 Pro, which is a 4K camera with 3X optical zoom. I'm not aware of any Ring camera with optical zoom. If you don't need the zoom, the G6 Bullet is a 4K camera without zoom for £190, and the G5 Bullet is 2K for £126. As far as I know, Ring's highest resolution camera is 2K.
But Unifi isn't really trying to be a Ring competitor -- Ring caters to home users with little knowledge of networking, Unifi is more for small businesses (who use an integrator to install their system) or prosumers with more advanced network knowledge.
Especially when they die after 2 years. Bought 3 G4 Pros direct from Ubiquiti and two are dead. Apparently it's just the POE daughterboard but my RMA requests were rejected due to being out of warranty. My cheap Lorex cameras have been running for 8 years now.
They have a lot of camera models, including a lot of cheaper models, starting at €180 for the G6 turret/bullet if you want 4k or €80 for the G5 turret if you want 1080p.
I've been researching options for a new ground-up home network setup in a new house, and so far UniFi stuff is on top of my list. FTTH company will install their stuff up to an NT in the basement, and from there it'd be my setup - a UCG Ultra gateway, couple of PoE switches across the main house and outbuilding, and 2-3 Wifi 7 APs sprinkled around.
From all I've been looking at, looks like it's the most straightforward setup. Fully centrally managed via the gateway, leaves me plenty of options for PoE-powered security cameras and other expansions in the future, can be upgraded on a component basis when desired, and integrates nicely in HomeAssistant. And with all that, not even really more expensive than what seems like much more fiddly alternatives like the TPLink Omada system and others.
>Lotta haters out there but this is just advanced as I want to get in my home lab
The problem with UBNT isnt that they aren't great for your homelab. They are.
The problem with UBNT is people think "Great for my homelab" is the same as "I can run important infrastructure on this"
The problem with UBNT/Mikrotik is that people bring homelab level skills to complex infrastructure projects and then make a shocked face when they get hacked.
I set up my home network with their USG (the small square one they don't even make any more) and a couple wireless access points all the way back in 2018 and all of it has been rock solid ever since. In 7 years I've never actually needed to "reboot my router" to fix any kind of weird network problems like is common with whatever consumer junk they sell at Best Buy. It all just sits there, working quietly, and I don't even think about any of it for months at a time.
Same for me, buying my dream machine pro (and AP's) was one of my few tech purchases that I have zero regrets buying. It is still running strong after a few years and see no reason to change it anytime soon.
Have they been perfect? No, but this has allowed me to control my network how I actually want to control it.
This has lead me to now having multiple Ubiquiti components (with more planned), my most recent was switching away from Synology to the UNAS Pro and it has been great.
Really the only thing I ever bought from them that I really regretted was the tooless mini rack. Was really cool but I have non ubiquiti things that I need to mount and I doubt they are going to actually make a server I can run k8s anytime soon.
How's the "management" software? I'm planning on replacing my aging home router (which now seems to randomly drop signal) with something like a Ubiquti Dream Router, but I've no experience with the brand. As of now, I run PfSense at home (just as a hobbyist and for personal desires), and I'm curious how their offering compares, especially wrt to firewall rules, VPN support, etc.
It's wonderful. I run a UCG Max at home to support both my internet needs and camera storage. Run their other gear in several other SMB environments, including a condo where we're using it for office, building automation, and public area networking along with around 80 cameras. Dead simple to understand.
Crosstalk Solutions, MacTelecom Networks, and Lawrence Systems all do youtube videos on UI's gear and setup - may help give you an idea of the experience before you commit to kicking off your addiction.
I love my ubiquity kit, but they annoy me with half finished stuff.
I upgraded my venerable USG with the new UXG as I have gig service now. The gear is great, even supports IPv6, and uses much less power. But… no internal DNS is enabled. So now, I ended up buying a thin client on eBay to roll my own DHCP/DNS. Not fun. It is baffling to me because there’s lots of complex new features in the Unifi stack, and they already had an interface to configure static names in dnsmasq.
I went the Eufy route for cameras as the batteries were a big draw for me.
What DNS features are you missing? Is this a weird UXG limitation?
I have a UCG-Ultra and was able to set up DNS just the way I wanted. My needs aren't extreme, but I was able to set up a wildcard entry (*.apps.domain -> 192.168.x.y) and fixed addresses and DNS names for various hosts.
The configuration is in a non-obvious place now and has moved around a bit over time. Currently it hides in Settings > Policy Engine > DNS. It shows entries that come from the per-host fixed IP/Local DNS configuration (you can't edit these here) and you can create new entries here (like my wildcard or some other random entry).
I ended up with a bunch of mildly compatible products that were a totally pain to manage. It was _amazing_ when it worked well. It mostly does, but on occasional when things went wrong it was a totally pain pain to fix.
My Tp-link Deco system works just as well for my use case. It occasionally decides to use a terrible channel, but that’s fixed with a quick restart or a few clicks in the app.
Like others have said, the edgerouter issues have left a somewhat bad taste in the mouth, it felt like the product line was being ignored and abandoned for a long time.
And Ubiquiti seemed to get impacted more than other similar companies by supply chain problems that came following covid, but they do seem to have picked up again noticeably over the last 18-24 months, with lots of new product releases.
Ubiquiti is honestly excellent when it works. When something goes wrong, though, their support really falls flat, as I experienced just this weekend when my Dream Wall died early on a Sunday morning. I'm still working with a makeshift network waiting for a replacement.
># src: Mirano Verhoef
># Go into root
>su -
>
># Install all required dependencies
apt update ; apt upgrade ; apt install podman -y ; cd ~ ; mkdir 4.2.23 ; cd 4.2.23 ; wget https://fw-download.ubnt.com/data/unifi-os-server/8b93-linux... ; chmod +x 8b93-linux-x64-4.2.23-158fa00b-6b2c-4cd8-94ea-e92bc4a81369.23-x64 ; ./8b93-linux-x64-4.2.23-158fa00b-6b2c-4cd8-94ea-e92bc4a81369.23-x64 install
This is some of the jankiest install installations I've seen in a long time. Not even using && to stop on an error, just plowing ahead for more errors to stack up.
My issue with this comment is my issue with the original article -- what's the actual source for this information?
As far as I can tell, this article has no actual link back to any Unifi press release, git repo, or other project page about this, the closest the author does is link the downloads from Ubiquiti's site (as in, literally, links to the files, and nothing else).
This is janky, yes, and I'm not gonna shill for Ubiquiti, but for lack of a legitimate source, I don't think this is a fair representation of the actual install steps.
The actual source is this: https://community.ui.com/releases/UniFi-OS-Server-4-2-23/21d... but only accessible if you opt-in to the Unifi Early Access program. We are talking beta software / first release here, so any criticism needs to be looked at through that lens.
After many (many!) years I finally got around to my childhood dreams of building a home network rack, centered around the Unifi stack. I've got the new 10 gig switch, the dream machine SE, a bunch of cameras, and I've been very impressed with their stuff. The experience "just works" and feels like they take inspiration from Apple. The whole camera setup can be "closed" by shutting off outside access, this self-hosting option takes it all a step further for those who care deeply about privacy!
There's one big gotcha with Unifi cameras, where you have to cloud-connect your Unifi system if you want "AI" detections[1] (anything other than simple motion detection). I'm hoping they fix it some day[2], but for now I just have motion detection on my Unifi hardware. If this is a problem for you, make sure you understand the tradeoffs here before you commit to a Unifi system.
Still dont understand why this is such a big issue, and I have been reading threads about it for a year now.
Just turn on cloud access, accept the t&cs and then turn it off again. If you are really scared then you can isolate that device in a vlan or DMZ temporarily.
I run many commercial and residential networks, and this is definitely a non issue for me.
Even this only reviews "Smart Detections" and I have smart detections turned off on my Unifi cameras, because it enables cloud AI. Having the ability to have an AI key to process detections locally would be great.
Also, having to buy extra hardware kinda stinks. Would love to be able to have a self hosted Unifi OS server that can do AI key abilities if the hardware supports it.
If only the system would cope with power outages I would agree. My viewports refuse to reconnect to the cameras and need multiple forgets/adoptions to come back to life. The (wired) cameras themselves take hours before they show up again, except for the (WiFi) doorbell. During this period I can see the all online via the managed ubiquiti switches.
I've been using unfi protect/capture (I self hosted capture for a long time) for years and have never had a forgotten adoption any they almost never go down. I do have everything on UPS now but I never saw the issue before that either.
That said I've only used the wired bullet cams so maybe other models are not so nice.
Really the only downside I've seen is about 5ish years ago, all the bullet cams I bought would die after about .75 -> 3 years. All died with the same issue and I had 100% failure rate with any bought during that time frame. Ubiquiti replaced the ones that died during the warranty period but most died just after that expired.
The ones bought before or after that have been great so the issue was solved but I have a nice stack of dead ones that would work great as fake cameras, especially as their IR leds still light up.
My general impression is that it “Just Works” if you don’t do anything remotely interesting with it.
Want to create a VLAN with no Internet connectivity? Better test that it actually has no Internet connectivity because the setting doesn’t actually work.
Want to use the firewall? Better test all the rules — it’s amazingly buggy.
Want to change a WiFi setting without WiFi going down for a minute or two? Good luck — UniFi doesn’t seem to care about making it work.
Want to find information (MAC, switch port, DHCP reservation, etc) about a device that uses the same MAC address on multiple VLANs? Good luck — it looks like UniFi utterly flubbed either their database schema or whatever interface their front end uses to talk to their backend about it, and it’s very, very broken.
Want to find basically any setting based on online docs? Too bad — they keep moving the settings and not updating the docs.
The thing that made me move off of it was issues connecting to devices on mesh'd APs if the ARP entry for that device timed out on the main AP.
Literally couldn't connect to my mobile phone, and after a lot of troubleshooting (which Unifi does pretty much nothing to help you with) I found that when the phone had roamed to the mesh'd AP, ARPs for it wouldn't get answered. If I forced it back to a wired AP or manually added it to the table... all worked fine. Went unfixed for years, heck, I still don't know if it is...
And all the "alerts" about malicious traffic that a bunch of prosumers seem to love? It's not very actionable for figuring out if it's really a problem nor digging deeper...
Oh, and when they had a firmware update that changed the SSID maximum length from 32 (the spec) to 31. My SSID is 32 characters and after that I could no longer edit the network without a UI error. That sucked.
I'm now on OPNsense and Ruckus APs and while it's not as integrated, I couldn't be happier.
This. They make excellent access points and their lite beam/air fibre products are great.
But UniFi has serious limitations when it comes to anything beyond the basics. An off the self Asus all in one home router actually has more features and capabilities.
Idk about you but I’m rocking a site to site link to my parents house, I have vlans for each segment in my home network (iot, priv etc) with full ipv6 routing and custom filtered dns over https with full network name resolution for all dhcp clients by their hostname on my local subnet domain…
I have complete control over my kids network access, can block specific types of traffic by app type or time based rules. I have high visibility into my WiFi setup and everything is on prem and self hosted and integrated with home assistant…
I took a hybrid approach -- Unifi for everything except the firewall, and a Firewalla for that. I'm overall quite happy with it, although you won't get a single pane of glass for management.
Most people don't want to do anything 'interesting'. If you stray too far from the beaten path, I'd argue that you no longer need or something that "Just Works". You need something very configurable, which, by definition, will let you shoot yourself in the foot.
My current setup is Mikrotik for wired and Ubiquity APs for wifi. Their wifi devices have great specs and are difficult to beat. Mikrotik has decent wifi devices but not only they have a footgun minefield - not exactly their fault since Wifi is difficult to get right, so the more settings you expose, the worse it gets. Mikrotik also logs behind in features (they are still at wifi 6). It's an odd combination of philosophies but seems to work, all the vlan logic is offloaded to Mikrotik. And so are firewalls, etc. Then the voodoo Wifi stuff gets handled by Ubiquiti.
> Want to change a WiFi setting without WiFi going down for a minute or two? Good luck — UniFi doesn’t seem to care about making it work.
I am with you on that. It's things like that that prevent adoption by larger businesses and contribute to the perception that they aren't a serious contender. I previously had an Aruba InstantOn setup(which is focused on SMB), and got really accustomed to being able to tweak (most) settings without any interruptions at all. I could even do things like change channel widths (in one direction) without losing connectivity. What was really surprising on Unifi is that I lost connection when I changed settings for a _different_ SSID, for like a minute. That isn't really acceptable.
They still do a lot of things right though, and it shouldn't be too difficult to get their act together. The devices are pretty decent and at a surprisingly low price point.
I did this in 2023 and my experience has been the same. Had 0 problems other than Sonos being, well, Sonos.
Recently set up CCTV at my parents’ with a Cloud Gateway Max, set up a site to site VPN in 3 clicks and now I can support remotely and their Sony smart TV can see my Jellyfin server.
I did a lot of jobs when I was very young. I wouldn't want someone to draw conclusions about me today based on my failed stint at Burger King, for example.
I really love my Dream Machine. Super reliable. What I don't like that much is their UI. It is super weirdly done. It is not natural to use, at least if like me, you use it once every 6 months or more.
I really wish PC with some good m.2 wifi cards in it were more of an option for wireless. PC based routers are awesome, there's great software. It's just the wifi situation keeping us tethered to very special boxes.
Even openwrt has severe limits. It's up to you to flap on all manners of optimizations and tweaks to what is basically a hostapd.cond file. Hostapd.conf is the gatekeeper of one of the most important connective channels on the planet, and we collectively know so so so little of it.
At least the m.2 & m-pcie cards have finally started getting somewhat better availability. It's still 90% Compex reference designs, but they're somewhat purchaseable, after years of this stuff being super hard to get ahold of. Seems usually to be ~$200, for a card that'll do wifi-7 2x2 5+5GHz (ex: Compex WLTE7002E55, using Qualcomm's QCN6274).
That market is pretty small I think, and it's split with the people that jump right to used enterprise aps for their radios (I'm using 3 rukus 850s for instance)
There was a lot of drama around Ubiquity a few years back. Happy to see the company is still alive and the indicator that they're coming back around to self hosting. All the hardware I bought a decade ago is still running fine (without any of the cloud software) and it looks like their newer stuff would be worth the upgrade (10gb everywhere, easily, at last).
As far as I can see, they still flirt with vendor lock in. None of their cameras supported ONVIF when I researched this previously.
Nice hardware, lame software choices, IMO.
I may be misunderstanding this, but as I recall originally the only way to run unifi was to have self hosted it through an app on a Windows machine on your network, then it went to the cloud, then cloud only, and now it seems to be coming back to self hosted? Good if so.
(UniFi is their app/system to configure your ubiquiti network devices and to gather stats from them, it really did change the networking industry for such a low cost product at the time)
The self-hosted app never went away; I've been running it for the last 8 years or so, first on a MacBook Pro, then a Raspberry Pi, and now a repurposed HP T620 thin client.
They promote their cloud controller pretty strongly, followed by the Cloud Key, which is their own preinstalled self hosting setup, but the self-hosted UniFi Network server has stuck around. (It changed names a couple of times; it was the "UniFi Controller", then "UniFi Network Application", and now "UniFi Network Server".)
Lately they luckly built the console into their router products - UniFi Express, UniFi Cloud Gateways and Dream Machines all have the console builtin and act as controllers.
This is what is confusing about this announcement, is anything actually newly available or is this a rename of the existing thing I've been doing in a container for years?
You've always been able to fully self host their core network controller, and not just on Windows. Linux has always been the preferred platform to host it on. However, the other more specialized apps in their ecosystem like their NVR software, etc was not self hostable independent of their controller hardware.
Right now it looks like UniFi OS server doesn't do anything the prior self hosted stack does already. Presumably though they are planning to roll out some of the other parts that currently aren't in the fully self hosted stack.
The UDM pro has the controller built in. Others have mentioned the Cloud Key, of which there are two versions. The controller software runs on Linux, macOS and Windows. I used to run it in docker on Linux. For years. Quite easy to manage.
UniFi OS Server is similar to the old self hosted solution (the controller) except it can run more of the applications. I used to self host some years ago and only the Network was available. Now the OS supports InnerSpace and Identity too.
Last time I used it (some 8 months ago) there was Windows app and mobile app.
In order to configure, check what was going on I needed to run app on my Windows computer. I was looking into using docker or something like that, but I switched to another vendor.
Recently switched from a UDM Pro Max to a Firewalla Gold Pro and couldn't be happier about the move. Software that works > software that has everything but requires magic to get checkboxes to adhere to a save state-this is a common issue with UniFi Network options. They need far better QA before I recommend anyone use them as an OS.
Might be better, but it’s 4x the cost. Firewalla Gold SE at $509, vs UniFi Cloud Gateway Ultra at $129. In my experience, the software does work fine. Works way better out of the box than most routers I’ve used.
From what I’ve seen, Unifi seems like the closest to an "Apple-like" experience - especially given how much more robust their capabilities are compared to most other providers.
I couldn't get my Elgato Key Light Air (or whatever its called) to work on my Unifi network - something was amiss with the WLAN settings that others reported was specific to unifi.
I didn't like how they stopped supporting on-prem Unifi Video server, and only allow you to use it with a hardware appliance now.
They moved beyond "just build good product" and into unwanted cloud services and closed ecosystem.
If this is a re-opening of some of their self-hosting, then great. They're back to par, I guess?
If I were a hospital, financial brokerage, etc, I would use Cisco.
But since we're a small business < 50 employees, with 4 sites (office, call center, colocation, cloud) Ubiquiti makes it unbelievably easy to administer, even though I know I'm leaving plenty of performance on the table in terms of switching performance, latency, QoS, and throughput.
Surprised at S2S VPN performance at these price points as well! More than adequate!
Readit News
Lotta haters out there but this is just advanced as I want to get in my home lab; and the racks are just so cool even with their gimmicky front touch panel, it’s just so sexy when all the displays in the rack sync up on their animations. Whoever designed these things really had an eye for design.
So I've gone elsewhere for cameras, switching and routing.
This release is a nice point in their favour though but I can't see myself going back all in on Ubiquiti.
Their security issues in the past. Their failure to make the EdgeRouter handle DHCP and DNS properly. Etc...
I've since moved to cheap switches that support all port vlan trunks and LACP bonding, then just plug Proxmox into them and run OpenWRT in a VM for routing all the vlans. The Proxmox+OpenWRT combo even supports hot-plug virtual interfaces as more VLANs are lit up, they just pop up nicely in the web UI.
For the APs, TP-Link is less expensive and better performance. WiFi 7 and 10gbit for less money. No need to run a management OS in a VM either.
https://community.ui.com/releases/EdgeRouter-3-0-0/33ee3852-...
But yeah they haven't released any new hardware in quite a long time. But nice to see they are still doing development work on the software.
We still use some Ubiquiti. Sometimes i use this script on a Debian VM:
https://community.ui.com/questions/UniFi-Installation-Script...
The router works still amazingly fine, only their software has some bugs.
I tried a Mikrotik router recently but conoared to the Ubi devices, configuration feels so clunky and complicated.
It has issues with 2.4Ghz speeds, it randomly restarts because their software is buggy as hell. Their Apple style UI sucks ass and they have a mobile app that you can barely do anything in so you may as well just go to the web interface.
They have no features like proper QoS (smart queueing does NOT count) and even just little things, like not being able to search clients by IP, or ordering by current speed never working quite properly.
It's a fancy UI over crappy code that's been duct taped together. As soon as I move house I'm moving to Mikrotik again. For APs I may keep unifi, as they're very good at that one thing, but their routers/switches suck imo.
IN all fairness, that hate is reasonable. Ubiquity has _some_ things done super well. As long as your needs are addressed by the config/options/UX/API that they expose, you'll have a pretty good experience. As soon as you need to do something that isn't easy, you're going to be fighting your core network infra the entire time and that's a miserable place to be.
Stick to unifi for switches and *basic* routing. Use their LED lighting / Cameras / Access Control and other side-projects at your discretion.
Now days, static routes, SNAT/DNAT, and DNS are all in the management interface. So.. things improve, and every time I’m back using EdgeRouters, Extreme, or Juniper elements I miss the low friction of managing UniFi stacks.
Agreed that if you need VRFs for example, DC power, and are working through similar complexity requirements, Ubiquiti is the wrong stack. I’d say Ubiquiti is not heavy weight, but it seems to address 90% of SMB setups.
While I don't like many of the shady things Ubiquiti did with respect to OSS and for a while I did try to move away from them. However what I found was the prosumer market riddled with less polished alternatives. Microtik does offer some interesting hardware for edge cases that UniFi doesn't cover, but when it comes to a unified system Ubiquiti have done an amazing job.
The pricing has gotten a bit outrageous. For example: trying to find a reasonably priced high wattage PoE switch in UniFi's line is no longer an easy task. It's tradeoffs all the way down. I have an original (SwitchOS) 48 port GbE & 4 SFP+, full L3 with a >250W budget and replacing it will be rather pricey or I'll have to make concessions.
But overall... There's no better prosumer option - good, bad or otherwise. They haven't enshittified the product with subscriptions / software upgrades and my guess is they're making this move back to self hosted options to actually save themselves money. A win on both sides.
The gateways are awesome value.
So I am confused by their Camera prices being so high.
I went with Reolink on cameras and NVRs and don't regret that decision. Probably spent a third of what it would have cost for Ubiquiti. There must be some benefit to the extra cost, but I don't think it's one I'll miss.
The £360 camera is the G5 Pro, which is a 4K camera with 3X optical zoom. I'm not aware of any Ring camera with optical zoom. If you don't need the zoom, the G6 Bullet is a 4K camera without zoom for £190, and the G5 Bullet is 2K for £126. As far as I know, Ring's highest resolution camera is 2K.
But Unifi isn't really trying to be a Ring competitor -- Ring caters to home users with little knowledge of networking, Unifi is more for small businesses (who use an integrator to install their system) or prosumers with more advanced network knowledge.
Dead Comment
From all I've been looking at, looks like it's the most straightforward setup. Fully centrally managed via the gateway, leaves me plenty of options for PoE-powered security cameras and other expansions in the future, can be upgraded on a component basis when desired, and integrates nicely in HomeAssistant. And with all that, not even really more expensive than what seems like much more fiddly alternatives like the TPLink Omada system and others.
The problem with UBNT isnt that they aren't great for your homelab. They are.
The problem with UBNT is people think "Great for my homelab" is the same as "I can run important infrastructure on this"
The problem with UBNT/Mikrotik is that people bring homelab level skills to complex infrastructure projects and then make a shocked face when they get hacked.
Have they been perfect? No, but this has allowed me to control my network how I actually want to control it.
This has lead me to now having multiple Ubiquiti components (with more planned), my most recent was switching away from Synology to the UNAS Pro and it has been great.
Really the only thing I ever bought from them that I really regretted was the tooless mini rack. Was really cool but I have non ubiquiti things that I need to mount and I doubt they are going to actually make a server I can run k8s anytime soon.
From what I've seen it looks far more modern.
Crosstalk Solutions, MacTelecom Networks, and Lawrence Systems all do youtube videos on UI's gear and setup - may help give you an idea of the experience before you commit to kicking off your addiction.
I upgraded my venerable USG with the new UXG as I have gig service now. The gear is great, even supports IPv6, and uses much less power. But… no internal DNS is enabled. So now, I ended up buying a thin client on eBay to roll my own DHCP/DNS. Not fun. It is baffling to me because there’s lots of complex new features in the Unifi stack, and they already had an interface to configure static names in dnsmasq.
I went the Eufy route for cameras as the batteries were a big draw for me.
I have a UCG-Ultra and was able to set up DNS just the way I wanted. My needs aren't extreme, but I was able to set up a wildcard entry (*.apps.domain -> 192.168.x.y) and fixed addresses and DNS names for various hosts.
The configuration is in a non-obvious place now and has moved around a bit over time. Currently it hides in Settings > Policy Engine > DNS. It shows entries that come from the per-host fixed IP/Local DNS configuration (you can't edit these here) and you can create new entries here (like my wildcard or some other random entry).
I ended up with a bunch of mildly compatible products that were a totally pain to manage. It was _amazing_ when it worked well. It mostly does, but on occasional when things went wrong it was a totally pain pain to fix.
My Tp-link Deco system works just as well for my use case. It occasionally decides to use a terrible channel, but that’s fixed with a quick restart or a few clicks in the app.
And Ubiquiti seemed to get impacted more than other similar companies by supply chain problems that came following covid, but they do seem to have picked up again noticeably over the last 18-24 months, with lots of new product releases.
Dead Comment
This is some of the jankiest install installations I've seen in a long time. Not even using && to stop on an error, just plowing ahead for more errors to stack up.
As far as I can tell, this article has no actual link back to any Unifi press release, git repo, or other project page about this, the closest the author does is link the downloads from Ubiquiti's site (as in, literally, links to the files, and nothing else).
This is janky, yes, and I'm not gonna shill for Ubiquiti, but for lack of a legitimate source, I don't think this is a fair representation of the actual install steps.
Also there is the official announcement now: https://blog.ui.com/article/introducing-unifi-os-server
Things like this get the information out there in human-readable form to be understandable, and error checking would be for the reader.
Or said another way, more like gist.github.com vs github.com/some÷project.git
[1] https://old.reddit.com/r/Ubiquiti/comments/1cifnut/unifi_pro...
[2] https://old.reddit.com/r/Ubiquiti/comments/1dbyvan/home_assi...
Just turn on cloud access, accept the t&cs and then turn it off again. If you are really scared then you can isolate that device in a vlan or DMZ temporarily.
I run many commercial and residential networks, and this is definitely a non issue for me.
Even this only reviews "Smart Detections" and I have smart detections turned off on my Unifi cameras, because it enables cloud AI. Having the ability to have an AI key to process detections locally would be great.
Also, having to buy extra hardware kinda stinks. Would love to be able to have a self hosted Unifi OS server that can do AI key abilities if the hardware supports it.
That said I've only used the wired bullet cams so maybe other models are not so nice.
Really the only downside I've seen is about 5ish years ago, all the bullet cams I bought would die after about .75 -> 3 years. All died with the same issue and I had 100% failure rate with any bought during that time frame. Ubiquiti replaced the ones that died during the warranty period but most died just after that expired.
The ones bought before or after that have been great so the issue was solved but I have a nice stack of dead ones that would work great as fake cameras, especially as their IR leds still light up.
Want to create a VLAN with no Internet connectivity? Better test that it actually has no Internet connectivity because the setting doesn’t actually work.
Want to use the firewall? Better test all the rules — it’s amazingly buggy.
Want to change a WiFi setting without WiFi going down for a minute or two? Good luck — UniFi doesn’t seem to care about making it work.
Want to find information (MAC, switch port, DHCP reservation, etc) about a device that uses the same MAC address on multiple VLANs? Good luck — it looks like UniFi utterly flubbed either their database schema or whatever interface their front end uses to talk to their backend about it, and it’s very, very broken.
Want to find basically any setting based on online docs? Too bad — they keep moving the settings and not updating the docs.
If you change the schedule of a WiFi network your entire network (wired and everything) goes down for two minutes.
Just a simple admin policy change… full network outage.
Clown. College.
Literally couldn't connect to my mobile phone, and after a lot of troubleshooting (which Unifi does pretty much nothing to help you with) I found that when the phone had roamed to the mesh'd AP, ARPs for it wouldn't get answered. If I forced it back to a wired AP or manually added it to the table... all worked fine. Went unfixed for years, heck, I still don't know if it is...
And all the "alerts" about malicious traffic that a bunch of prosumers seem to love? It's not very actionable for figuring out if it's really a problem nor digging deeper...
Oh, and when they had a firmware update that changed the SSID maximum length from 32 (the spec) to 31. My SSID is 32 characters and after that I could no longer edit the network without a UI error. That sucked.
I'm now on OPNsense and Ruckus APs and while it's not as integrated, I couldn't be happier.
But UniFi has serious limitations when it comes to anything beyond the basics. An off the self Asus all in one home router actually has more features and capabilities.
I have complete control over my kids network access, can block specific types of traffic by app type or time based rules. I have high visibility into my WiFi setup and everything is on prem and self hosted and integrated with home assistant…
I run OPNsense now with a Ruckus standalone AP, and it has been bulletproof.
My current setup is Mikrotik for wired and Ubiquity APs for wifi. Their wifi devices have great specs and are difficult to beat. Mikrotik has decent wifi devices but not only they have a footgun minefield - not exactly their fault since Wifi is difficult to get right, so the more settings you expose, the worse it gets. Mikrotik also logs behind in features (they are still at wifi 6). It's an odd combination of philosophies but seems to work, all the vlan logic is offloaded to Mikrotik. And so are firewalls, etc. Then the voodoo Wifi stuff gets handled by Ubiquiti.
> Want to change a WiFi setting without WiFi going down for a minute or two? Good luck — UniFi doesn’t seem to care about making it work.
I am with you on that. It's things like that that prevent adoption by larger businesses and contribute to the perception that they aren't a serious contender. I previously had an Aruba InstantOn setup(which is focused on SMB), and got really accustomed to being able to tweak (most) settings without any interruptions at all. I could even do things like change channel widths (in one direction) without losing connectivity. What was really surprising on Unifi is that I lost connection when I changed settings for a _different_ SSID, for like a minute. That isn't really acceptable.
They still do a lot of things right though, and it shouldn't be too difficult to get their act together. The devices are pretty decent and at a surprisingly low price point.
Recently set up CCTV at my parents’ with a Cloud Gateway Max, set up a site to site VPN in 3 clicks and now I can support remotely and their Sony smart TV can see my Jellyfin server.
I did a lot of jobs when I was very young. I wouldn't want someone to draw conclusions about me today based on my failed stint at Burger King, for example.
My childhood dream was to build crazy buildings, before that it was a space explorer. Not sure a home network rack ever made the list!
the founders are ex-Apple
Even openwrt has severe limits. It's up to you to flap on all manners of optimizations and tweaks to what is basically a hostapd.cond file. Hostapd.conf is the gatekeeper of one of the most important connective channels on the planet, and we collectively know so so so little of it.
At least the m.2 & m-pcie cards have finally started getting somewhat better availability. It's still 90% Compex reference designs, but they're somewhat purchaseable, after years of this stuff being super hard to get ahold of. Seems usually to be ~$200, for a card that'll do wifi-7 2x2 5+5GHz (ex: Compex WLTE7002E55, using Qualcomm's QCN6274).
[1]: https://git.openwrt.org/?p=openwrt/openwrt.git;a=commit;h=11...
I've noticed a lot less Ubiquiti hate comments on HN since that one employee got arrested.
They promote their cloud controller pretty strongly, followed by the Cloud Key, which is their own preinstalled self hosting setup, but the self-hosted UniFi Network server has stuck around. (It changed names a couple of times; it was the "UniFi Controller", then "UniFi Network Application", and now "UniFi Network Server".)
Terrible little underpowered device that frequently wouldn't come back up after losing power.
I switched to Aruba because of the cloud key and haven't looked back.
Right now it looks like UniFi OS server doesn't do anything the prior self hosted stack does already. Presumably though they are planning to roll out some of the other parts that currently aren't in the fully self hosted stack.
It never went cloud-only. You could always self-host.
They've had different versions of cloud hosted offerings over the years. A few companies have also offered their own cloud hosted instances.
There's also been a container version for quite a while too.
Gen 1 cloud key: https://dl.ubnt.com/qsg/UC-CK/UC-CK_EN.html
Gen 2 cloud key https://store.ui.com/us/en/products/uck-g2
Container from linuxserver.io https://github.com/linuxserver/docker-unifi-network-applicat...
In order to configure, check what was going on I needed to run app on my Windows computer. I was looking into using docker or something like that, but I switched to another vendor.
1 of numerous examples: https://community.ui.com/questions/Device-Static-IP-Not-Savi...
https://help.firewalla.com/hc/en-us/community/posts/44144642...
From what I’ve seen, Unifi seems like the closest to an "Apple-like" experience - especially given how much more robust their capabilities are compared to most other providers.
I didn't like how they stopped supporting on-prem Unifi Video server, and only allow you to use it with a hardware appliance now.
They moved beyond "just build good product" and into unwanted cloud services and closed ecosystem.
If this is a re-opening of some of their self-hosting, then great. They're back to par, I guess?
But since we're a small business < 50 employees, with 4 sites (office, call center, colocation, cloud) Ubiquiti makes it unbelievably easy to administer, even though I know I'm leaving plenty of performance on the table in terms of switching performance, latency, QoS, and throughput.
Surprised at S2S VPN performance at these price points as well! More than adequate!