Update At The End Of This Post
The Disappointment Of Consumer Networking Gear
I have been through a lot of home networking gear. The last two were duds. There was the TP-Link Archer C3200 which turned out to be a very expensive boat anchor. Sure, it looked cool (like an upside down Minecraft spider) and the wireless range was really good. But, it could not route worth a damn – especially if there were multiple devices on the network. It also suffered from strange timeouts when routing, which caused time-sensitive applications like Playstation Vue to not work.
To replace the TP-Link, I got a D-Link AC1900 EXO Router which also looks really cool (like an angry orange alien) and functioned OK. But, it was very limiting in what it did and what I could configure it to do. When I say “limited” I really mean limited: D-Link stripped out just about everything from the WebUI, leaving the router “easy to use” for home users. Annoyingly, the WebUI has a timeout of about a minute. So, if I wanted to look at the traffic graphs for more than a minute, I would get logged out. Ugh, do these engineers actually eat their own dog food?
I started hunting for some networking gear that would be highly configurable (to keep the geek in me busy) and powerful (to keep the family happy when everyone is online) and would not require reboots every few days (to keep the admin in me happy). A few months ago, while I was whining about the TP-Link, an old colleague (Thanks Francisco!) recommended Ubiquiti gear.
A month and a half ago, I bought a UniFi AC-LR access point and an EdgeRouter X from Amazon and have been using the Ubiquiti gear at home ever since. The setup I have looks like:
- EdgeRouter X
- AP-AC-LR using POE passthrough from the ER-X
- Raspberry Pi 2 as the UniFi controller
- TP-Link 16-port unmanaged Gig-E switch
- Arris SB6190 cable modem
The first thing that I found was that the AP is a managed AP. This means there’s no pretty WebUI to log into and manage it. I could use the iOS or Android app to set it up and then let it run. Or, being a geek, I could install the software and manage the AP from the software. The software also lets me run a captive portal (not going to), set schedules for different SSIDs (doing) and capture metrics (very neat). The app is a Java application, and the setup was not bad on the Raspberry Pi. This is the guide that I used to get it set up.
The AP has some nice functionality that I am using:
- Per SSID schedules. This is great because I set up an SSID for the kids’ devices and that SSID has a schedule that restricts them from using the network when they are not supposed to.
- Band Steering. This allows the AP to “steer” devices to either the 2.4 or 5GHz bands automatically. This is nice so that I can spread out devices based on how strong their signal is. If a device wakes up in the back of the house where the signal is weak, it gets shoved onto the 2.4GHz band. If a device is in the living room where the AP lives and it has a 5GHz radio, it gets put on the 5GHz band. It just works.
- POE. I can’t say how awesome it is to have something that is powered over Ethernet. Instead of having to find a place for the device near power, I can put the AP anywhere I want and just plug in an Ethernet cable to power it up.
- UniFi controller. The controller is unnecessary if you don’t want to use the advanced features. But, it is nice to have around even if you don’t. It gathers metrics about clients and their usage. It then graphs the metrics for viewing. It also tracks other APs that are around and has RF scanning so that you can find the best channels to use.
The EdgeRouter X is $50 and that is a low price for the amount of functionality it has. With the recent 1.8.5 firmware upgrade, Ubiquiti enabled users to use hardware offload for NAT functionality. This allows the ER-X to be as performant as the higher priced EdgeRouter Lite. The ER-X has a new, faster processor but less RAM and storage than its bigger brother the ER-L; most of us might not need those extras. The faster processor does allow the ER-X to perform VPN functionality much quicker (3-4x as fast) than the ER-L. With the upgrade, the ER-X can now route near 1Gbps.
There are a lot of stories about how the ER-X is hard to configure and that CLI knowledge is needed. For basic home setups, the CLI is not needed. Ubiquiti has refined the WebUI enough that setting up a basic connection to the internet with a firewall is a few clicks using the built-in wizards. Yes, having networking knowledge and CLI experience will unlock all sorts of other goodies, but for basic routing, the WebUI is just fine.
- The WAN-2LAN2 wizard is the wizard to use for most setups.
- Be careful and don’t bridge the ports (“Use as One LAN”) because it will degrade the performance of the device. This is checked by default in the WAN-2LAN2 wizard, so uncheck it.
- ISP DNS servers are used by the DNS forwarder even if you set third party DNS servers for the system. To change this, you will need to use the CLI and follow the instructions here.
- IPv6 configuration is not built into the WebUI (yet), so some CLI-fu is needed. This is a good guide to getting it to work.
- Firmware upgrades work much better when done via the CLI. I upgraded my ER-X from 1.7.0 (what it shipped with) to 1.8.0 via the WebUI and it worked. When I tried to upgrade my ER-X from 1.8.0 to 1.8.5 via the WebUI, it kept failing. When I did the upgrade via the CLI, it went perfectly fine. Upgrading via the CLI is easy; here are the instructions. The added benefit of doing it from the CLI is that I get to see exactly what it is doing and get feedback about the process. There isn’t much feedback from the WebUI.
The 1.8.5 firmware also includes Deep Packet Inspection and Traffic Analysis. But, there are limitations to that functionality: it doesn’t work completely if hardware offload for the NAT is turned on. The ER-L can have both DPI/Traffic Analysis and NAT offload turned on at the same time and fully functional. DPI and Traffic Analysis are nice for debugging, but they are not something that I will use all the time.
For now, I am only using the basics on the ER-X and for that it is great. It routes for my 180Mbps/12Mbps cable connection without breaking a sweat. And, the ER-X has not rebooted itself randomly and I haven’t had to reboot it to get it to perform normally. This is a good thing.
So far, this Ubiquiti setup is so much better than consumer networking gear. The combination of EdgeRouter X ($50) + UniFi AP-AC-LR ($100) costs less than most high-end consumer gear. Not only that, but it has been performing much better. Time will tell and I will see how things go as the gear runs for a longer period of time and gets exercised more. As it stands though, things are looking good.
Of course this would happen… Hours after I write about the EdgeRouter X, I start to see things go weird. I was watching a show on Playstation Vue and the stream stopped, complaining about the lack of network connection. I didn’t make much of it.
After the show was over, I went to download the CentOS 7 ISO using BitTorrent. Shortly after the download starts, I get pinged by a watchdog service that lives off my network that one of my devices is offline. I check and while the network is working, the network was not happy and wasn’t sending traffic out properly under this load. The download is running on a Windows box with only a 100Mbps connection; it had a lot of connections open and couldn’t saturate the 100Mbps connection. I have a 180Mbps downlink on Comcast. So, on another machine I try to download the Ubuntu ISO using HTTP. I could not get the total aggregate speed of all traffic from the internet above 80-90Mbps. Sad panda.
I had an EdgeRouter Lite that was configured and ready to go. I swapped that in and tried the same thing and I was reaching the full line speed of my Comcast connection. I guess the NAT hardware offload functionality on the ER-X was not enough. I guess I will put the ER-X in cold storage as a stand-by if the ER-L dies. It would have been nice to see the ER-X perform better (though for the $50 price tag it was doing OK, I guess).