Comment by psyclobe
2 days ago
I have nothing but good things to say about ubiquiti. I run their cameras door bell and network switches at my house and have had nearly 100% uptime for years. Their ui constantly improves and it’s very well integrated into home assistant.
Lotta haters out there but this is just advanced as I want to get in my home lab; and the racks are just so cool even with their gimmicky front touch panel, it’s just so sexy when all the displays in the rack sync up on their animations. Whoever designed these things really had an eye for design.
I still use their access points because it's hard to get anything else as good for the same kind of price, but they burned me killing the development on EdgeRouter.
So I've gone elsewhere for cameras, switching and routing.
This release is a nice point in their favour though but I can't see myself going back all in on Ubiquiti.
I've moved on from Ubiquiti access points as well. Their U6 simply does not handle VLANs properly, they never acknowledged the issue let alone fixed it. See https://community.ui.com/questions/U6-IW-how-to-trunk-all-5-...
Their security issues in the past. Their failure to make the EdgeRouter handle DHCP and DNS properly. Etc...
I've since moved to cheap switches that support all port vlan trunks and LACP bonding, then just plug Proxmox into them and run OpenWRT in a VM for routing all the vlans. The Proxmox+OpenWRT combo even supports hot-plug virtual interfaces as more VLANs are lit up, they just pop up nicely in the web UI.
For the APs, TP-Link is less expensive and better performance. WiFi 7 and 10gbit for less money. No need to run a management OS in a VM either.
TP-Link comes with a healthy dose of worry about the Chinese governments surveillance practices tho.
> TP-Link is less expensive and better performance. WiFi 7 and 10gbit for less money.
Thanks, they really seem like good alternative.
1 reply →
The thread you reference ends with the post saying "it is fixed in the 7.4.140 controller release", so im not sure how you can say it wasnt acknowledged or fixed.
3 replies →
> Their security issues in the past.
That's why I moved off as well. Maybe some day SDN (at least so far as the ubiquity experience goes) will become an OpenWRT priority.
I’m curious to know more about your setup! Which switches do you prefer? What hardware are you using for proxmox? And what does your network look like?
Cheers!
1 reply →
is there a writeup on the openwrt/proxmox vm for routing you talk about? Examples of the cheap switches?
1 reply →
Their software updates are also very flakey. The past few releases for the Console and occasionally the Network were pulled right after being published for having blocking bugs. Again and again they publish the update and then do QA on their users. If you have an IT department you probably have some sort of process in place to deal with this and deploy when you're satisfied. A home user will probably have auto-updates enabled and bite the bullet again and again.
A while ago one update automatically enabled PMF (set to required, I believe) on all Wi-Fi networks. That didn't go great for me when half of my IoT devices stopped connecting and I wasn't available to fix.
1 reply →
They just released v3.0.0 of the EdgeRouter software three days ago.
https://community.ui.com/releases/EdgeRouter-3-0-0/33ee3852-...
But yeah they haven't released any new hardware in quite a long time. But nice to see they are still doing development work on the software.
Thank you so much for this great news!
For cameras, everyone should be looking into https://openipc.org/
This looks cool but it's not on any camera brand I have ever heard of before. I have a bunch of hikvision stuff that is on its own vlan with no internet access because it's concerningly chatty with Chinese IPs. I would love to put openipc on them.
This. We used to do a lot of Ubiquiti, then the software quality went way down, their own security officer 'hacked' them and lots of other weird stuff. We were already using debian vm's instead of their horrible cloudkey devices (so slow..). We switched to Aruba Instant-On.
We still use some Ubiquiti. Sometimes i use this script on a Debian VM:
https://community.ui.com/questions/UniFi-Installation-Script...
The new generation Ubiquiti hardware with built-in management is really good, inexpensive, and interface is responsive. It's also just good looking. They've really gotten better across the board. I'm using the Cloud Gateway Max.
https://ui.com/us/en/cloud-gateways/compact
I moved the firmware if my EdgeRouter X SFP to OpenWRT, since it has been years from their last security update and recently the WebUI tripped and broke.
The router works still amazingly fine, only their software has some bugs.
My EdgeRouter X just mysteriously died once when I had to reboot it. No idea what happened to it but it just never was accessible through any means.
Hopefully the Unifi devices are better since I eventually replaced it with Cloud Gateway Ultra after dabbling with a second-hand MikroTik.
What do you use the for routing?
I tried a Mikrotik router recently but conoared to the Ubi devices, configuration feels so clunky and complicated.
RouterOS does feel a little clunky for sure, but you can configure _everything_. And once it's set up, it works beautifully and consistently.
Ubiquiti's routers to me just seem to be prosumer routers with an "enterprise" UI on top. Whereas Mikrotik genuinely offer an enterprise experience (also still great for home) with the boring, drab, absurdly functional UI to back it up.
Ubiquiti looks beautiful; but you can't do anything with it.
2 replies →
I have a bit of a soft spot for Mikrotik, but I can't help feel like their hardware only exists to sell training.
For our house I tried a Mikrotik, a TP Link and a Ubiquiti AP. The only one that really works in our case is the Ubiquiti. Also for a home that's mostly Apple hardware, you kinda need a manage wifi solution, because Apples WIFI stack have issues switching between APs and needs a controller to kick you off (I don't know if that's still the case). Ubiquiti have one of the only routers that will force Apple hardware to switch APs. Mikrotiks CAPsMAN isn't even really a WIFI/AP controller, it's just provisioning.
For all it's flaws, I still really want to just run 100% Mikrotik gear.
1 reply →
The GL.iNet Flint 2 came highly recommended (near cult following) from my own pretty extensive research for offboarding ubiquity. It comes with a OpenWRT fork pre-installed, but flashing mainline OpenWRT is officially supported. I've been happy so far.
The Flint 3 just launched, and the headline feature is WiFi 7: that should be less of an issue if you're going with separate APs.
Agreed, Mikrotik's configuration is sufficiently different from just about anything else that it takes some significant getting used to.
Admittedly it's still not as awkward/bad as Draytek.
Honestly my router for the last 10 years is an openbsd box + pf rules for routing, dhcpd and dnscrypt_proxy...
I have an ansible playbook that creates the image and I run it on a cheap fanless x86 box....
Any recommendations on cameras that can be fully local?
Personally, I've had good luck with Reolink cameras. I block them from the Internet at the router, just in case, but they do seem to respect your choice if you disable the cloud/mobile app feature.
The cameras will upload jpegs and mpegs to a local FTP server based on configurable triggers, which include 'AI' detection of animal/vehicle/human, all running on-camera.
I wrote a simple script to put all the daily uploaded jpegs on a HTML webpage (each linked to the video) for review. Home Assistant also has an integration that can do streaming and grabs the detection triggers as well.
Most people I know in a similar situation went with generic ip cameras paired with a synology nas for an inexpensive option.
> Lotta haters out there but this is just advanced as I want to get in my home lab
IN all fairness, that hate is reasonable. Ubiquity has _some_ things done super well. As long as your needs are addressed by the config/options/UX/API that they expose, you'll have a pretty good experience. As soon as you need to do something that isn't easy, you're going to be fighting your core network infra the entire time and that's a miserable place to be.
Stick to unifi for switches and *basic* routing. Use their LED lighting / Cameras / Access Control and other side-projects at your discretion.
The thing about the UniFi platform is it iteratively improves. Years ago you couldn’t manage NAT rules or DNS from the GUI, though there were workarounds to modify iptables at the command line and preserve customization across upgrades.
Now days, static routes, SNAT/DNAT, and DNS are all in the management interface. So.. things improve, and every time I’m back using EdgeRouters, Extreme, or Juniper elements I miss the low friction of managing UniFi stacks.
Agreed that if you need VRFs for example, DC power, and are working through similar complexity requirements, Ubiquiti is the wrong stack. I’d say Ubiquiti is not heavy weight, but it seems to address 90% of SMB setups.
> The thing about the UniFi platform is it iteratively improves.
That's a very charitable and positive spin on "was expensive the day you bought it and got all the functionality you expected years later".
I'm fine with things getting better over time. I am a lot less understanding when you ship a device in 2024 and it still has trash IPv6 support but don't worry because "we'll fix it via an update coming soon!"
That is something that should have been there from day 1.
I've always said that Unifi handles well enough the 10% of networking configuration that 90% of users need. If you're in that other 10% of admins who need something more complex then it's not the right pick, but in a great many cases it's strongly planted in "good enough" territory.
This is 100a% wrong from my perspective. I host multiple sites using UniFi, old Router/SwitchOS as well as AirOS/UISP. I have many VLANs under management spanning these different variations of "old" and "new" implementations and none of them are "a miserable place to be". Maybe if one doesn't actually understand networking nomenclature or interop, sure. I happen to have a pretty deep networking background - but Ubiquiti products have actually made it easier in many cases to do some of the more advanced things in other routing platforms.
While I don't like many of the shady things Ubiquiti did with respect to OSS and for a while I did try to move away from them. However what I found was the prosumer market riddled with less polished alternatives. Microtik does offer some interesting hardware for edge cases that UniFi doesn't cover, but when it comes to a unified system Ubiquiti have done an amazing job.
The pricing has gotten a bit outrageous. For example: trying to find a reasonably priced high wattage PoE switch in UniFi's line is no longer an easy task. It's tradeoffs all the way down. I have an original (SwitchOS) 48 port GbE & 4 SFP+, full L3 with a >250W budget and replacing it will be rather pricey or I'll have to make concessions.
But overall... There's no better prosumer option - good, bad or otherwise. They haven't enshittified the product with subscriptions / software upgrades and my guess is they're making this move back to self hosted options to actually save themselves money. A win on both sides.
Like the other commenter said, VLANs are table stakes.
Try making a multi-homed IPv6 network with Ubiquiti gear. Easy (I might even say trivial) to do with an OpenBSD router and PF, but impossible with Ubiquiti because of how they broke the DHCPv6 client so that it can't accept leases from multiple interfaces and assign them to `radvd` for SLAAC.
You want to do anything other than the most basic task of advertising a single prefix from your ISP? Like advertise the same ULA on multiple VLANs for local services? Well, fuck you for wanting to do that. (Even EdgeOS could do that.)
All of your modern (anything from the last 10 years) phones, computers and tablets already know how to handle multiple IPv6 SLAAC addresses from different subnets and route packets appropriately. All you need is a not-braindamaged router.
The firewall in Unifi is a huge regression compared to EdgeOS, and completely brain damaged compared to PF.
Oh, and the MDNS reflector... why is it so bad?
Ok, I think I need to stop now.
Vlans are table stakes.
Unifi still doesn't have great IPv6 support in 2025 and that's insane for anything that's trying to position itself even remotely near professional grade gear.
It appears to have changed recently but at least around the beginning of covid, you still had to SSH into their gateway/router thing and manually edit a JSON file to configure even basic S/DNAT rules. When the whole selling point of the gear is SPOG MGMT web ui, it's fair to consider "SSH in and edit files" as fighting your gear.
The number of times that I have had accurate, timely, correct, competent support experiences is zero.
The number of times I've been gaslit, lied to, misled or otherwise asked to repeat the same basic diagnostics and troubleshooting that I had already done in the opening ticket message... Is high. Something I would expect from D-Link or any other cheap gear. Not at all acceptable at ubiquity prices.
Speaking of garbage quality support, dead links!
case in point: https://help.ubnt.com/hc/en-us/articles/215458888-UniFi-How-...
That used to be my reference or how to access the config file I needed to edit for basic Nat. Now who knows where that information is. Maybe the way back machine?
I haven't looked inside any of the latest gen 7 access points but I remember not being impressed with there overpriced gen 6 access point using last generation chip from Qualcomm... Which is unacceptable at their prices.
I stand by my point: if you buy their older switching gear, you can get a really good deal. Don't use them for routing unless your needs are relatively straightforward
> There's no better prosumer option - good, bad or otherwise
Mikrotik maybe?
I run both ubiquiti and mikrotik stuff. The mikrotik definitely has... a learning curve, but you can do some stuff with it that's pretty difficult with ubiquiti.
4 replies →
After owning a few EdgeRouter X models I can safely say that the whole lineup a was half baked proof of concept at best. Ubiquiti used two different chipsets in the EdgeRouter lineup, both had data corruption issues with hardware acceleration that Ubiquiti couldn't fix… because they simply cobbled together some open source projects and called it a product. One ran so hot that they'd reliably cook themselves. Because EdgeOS was Vyatta based, it used an end-of-lifed version of Debian (maybe this was eventually remedied?). The PoE models provide non-standard passive PoE, if memory serves the initial batch had PoE enabled by default on some ports = fries unsuspecting devices.
They're cheap and nasty, but they mostly worked.
1 reply →
I just think £360 for an IP camera is too steep, half would be a no brainier over ring. Their new Lite switches replace stuff that was rack-mountable, not there's no ears are far as I can tell.
The gateways are awesome value.
I got into Ubiquiti due to their APs being effectively enterprise level features for consumer level prices. Their coverage and quality was a cut above the TP-Link gear I'd used previously (which was, in turn, better than the D-Link and Netgear stuff that I'd tried).
So I am confused by their Camera prices being so high.
I went with Reolink on cameras and NVRs and don't regret that decision. Probably spent a third of what it would have cost for Ubiquiti. There must be some benefit to the extra cost, but I don't think it's one I'll miss.
I have a couple sites with both types of cameras. And I really love all the customizability with my Frigate / Reolink site. But UniFi can command the premium on the camera hardware because of all the features they give you on the software side of their NVR. It's far better than what you get out of the box compared to something like Reolink in terms of detection and set-it-and-forget-it mentality.
I have a site that has 8 cameras and 2 of the 8 are original cameras that are >5 years old still getting firmware updates. Reolink does not do this and I have had much higher failure rate with them as well. Especially in outdoor cameras that have to handle snow/ice/extreme cold.
Especially when they die after 2 years. Bought 3 G4 Pros direct from Ubiquiti and two are dead. Apparently it's just the POE daughterboard but my RMA requests were rejected due to being out of warranty. My cheap Lorex cameras have been running for 8 years now.
They have a lot of camera models, including a lot of cheaper models, starting at €180 for the G6 turret/bullet if you want 4k or €80 for the G5 turret if you want 1080p.
Looking at the various options, £360 is on the upper end (until you get into the insane DSLR lens one)
[dead]
I have nothing but bad things to say about my shitty UDM from Ubiquiti.
It has issues with 2.4Ghz speeds, it randomly restarts because their software is buggy as hell. Their Apple style UI sucks ass and they have a mobile app that you can barely do anything in so you may as well just go to the web interface.
They have no features like proper QoS (smart queueing does NOT count) and even just little things, like not being able to search clients by IP, or ordering by current speed never working quite properly.
It's a fancy UI over crappy code that's been duct taped together. As soon as I move house I'm moving to Mikrotik again. For APs I may keep unifi, as they're very good at that one thing, but their routers/switches suck imo.
I've been researching options for a new ground-up home network setup in a new house, and so far UniFi stuff is on top of my list. FTTH company will install their stuff up to an NT in the basement, and from there it'd be my setup - a UCG Ultra gateway, couple of PoE switches across the main house and outbuilding, and 2-3 Wifi 7 APs sprinkled around.
From all I've been looking at, looks like it's the most straightforward setup. Fully centrally managed via the gateway, leaves me plenty of options for PoE-powered security cameras and other expansions in the future, can be upgraded on a component basis when desired, and integrates nicely in HomeAssistant. And with all that, not even really more expensive than what seems like much more fiddly alternatives like the TPLink Omada system and others.
Same for me, buying my dream machine pro (and AP's) was one of my few tech purchases that I have zero regrets buying. It is still running strong after a few years and see no reason to change it anytime soon.
Have they been perfect? No, but this has allowed me to control my network how I actually want to control it.
This has lead me to now having multiple Ubiquiti components (with more planned), my most recent was switching away from Synology to the UNAS Pro and it has been great.
Really the only thing I ever bought from them that I really regretted was the tooless mini rack. Was really cool but I have non ubiquiti things that I need to mount and I doubt they are going to actually make a server I can run k8s anytime soon.
I love my ubiquity kit, but they annoy me with half finished stuff.
I upgraded my venerable USG with the new UXG as I have gig service now. The gear is great, even supports IPv6, and uses much less power. But… no internal DNS is enabled. So now, I ended up buying a thin client on eBay to roll my own DHCP/DNS. Not fun. It is baffling to me because there’s lots of complex new features in the Unifi stack, and they already had an interface to configure static names in dnsmasq.
I went the Eufy route for cameras as the batteries were a big draw for me.
What DNS features are you missing? Is this a weird UXG limitation?
I have a UCG-Ultra and was able to set up DNS just the way I wanted. My needs aren't extreme, but I was able to set up a wildcard entry (*.apps.domain -> 192.168.x.y) and fixed addresses and DNS names for various hosts.
The configuration is in a non-obvious place now and has moved around a bit over time. Currently it hides in Settings > Policy Engine > DNS. It shows entries that come from the per-host fixed IP/Local DNS configuration (you can't edit these here) and you can create new entries here (like my wildcard or some other random entry).
This was basically why I moved away from them.
I ended up with a bunch of mildly compatible products that were a totally pain to manage. It was _amazing_ when it worked well. It mostly does, but on occasional when things went wrong it was a totally pain pain to fix.
My Tp-link Deco system works just as well for my use case. It occasionally decides to use a terrible channel, but that’s fixed with a quick restart or a few clicks in the app.
Yep, now that TP-Link have fixed the weird Deco bug where you couldn't forward more than one (non contiguous) port to the same internal machine I'm very happy with them, the wifi coverage is ridiculously good.
Wait the UXG doesn't do DHCP/DNS? The UCGs all do those which is a weird design choice.
UXG definitely does DHCP and DNS.
2 replies →
Like others have said, the edgerouter issues have left a somewhat bad taste in the mouth, it felt like the product line was being ignored and abandoned for a long time.
And Ubiquiti seemed to get impacted more than other similar companies by supply chain problems that came following covid, but they do seem to have picked up again noticeably over the last 18-24 months, with lots of new product releases.
Ubiquiti is honestly excellent when it works. When something goes wrong, though, their support really falls flat, as I experienced just this weekend when my Dream Wall died early on a Sunday morning. I'm still working with a makeshift network waiting for a replacement.
I set up my home network with their USG (the small square one they don't even make any more) and a couple wireless access points all the way back in 2018 and all of it has been rock solid ever since. In 7 years I've never actually needed to "reboot my router" to fix any kind of weird network problems like is common with whatever consumer junk they sell at Best Buy. It all just sits there, working quietly, and I don't even think about any of it for months at a time.
all the replies not getting this is satire :) well played.
Oh I highly doubt it's satire. Some Ubiquiti folks are just like that, even in real life.
[dead]