Comment by baby_souffle
2 days ago
> Lotta haters out there but this is just as advanced as I want to get in my home lab
In all fairness, that hate is reasonable. Ubiquiti has _some_ things done super well. As long as your needs are addressed by the config/options/UX/API that they expose, you'll have a pretty good experience. As soon as you need to do something that isn't easy, you're going to be fighting your core network infra the entire time and that's a miserable place to be.
Stick to UniFi for switches and *basic* routing. Use their LED lighting / Cameras / Access Control and other side-projects at your discretion.
The thing about the UniFi platform is it iteratively improves. Years ago you couldn’t manage NAT rules or DNS from the GUI, though there were workarounds to modify iptables at the command line and preserve customization across upgrades.
Nowadays, static routes, SNAT/DNAT, and DNS are all in the management interface. So... things improve, and every time I’m back using EdgeRouters, Extreme, or Juniper elements I miss the low friction of managing UniFi stacks.
Agreed that if you need VRFs for example, DC power, and are working through similar complexity requirements, Ubiquiti is the wrong stack. I’d say Ubiquiti is not heavy weight, but it seems to address 90% of SMB setups.
> The thing about the UniFi platform is it iteratively improves.
That's a very charitable and positive spin on "was expensive the day you bought it and got all the functionality you expected years later".
I'm fine with things getting better over time. I am a lot less understanding when you ship a device in 2024 and it still has trash IPv6 support but don't worry because "we'll fix it via an update coming soon!"
That is something that should have been there from day 1.
I've always said that Unifi handles well enough the 10% of networking configuration that 90% of users need. If you're in that other 10% of admins who need something more complex then it's not the right pick, but in a great many cases it's strongly planted in "good enough" territory.
This is 100% wrong from my perspective. I host multiple sites using UniFi, old Router/SwitchOS as well as AirOS/UISP. I have many VLANs under management spanning these different variations of "old" and "new" implementations and none of them are "a miserable place to be". Maybe if one doesn't actually understand networking nomenclature or interop, sure. I happen to have a pretty deep networking background - but Ubiquiti products have actually made it easier in many cases to do some of the more advanced things in other routing platforms.
I don't like many of the shady things Ubiquiti did with respect to OSS, and for a while I did try to move away from them. However, what I found was the prosumer market riddled with less polished alternatives. MikroTik does offer some interesting hardware for edge cases that UniFi doesn't cover, but when it comes to a unified system Ubiquiti have done an amazing job.
The pricing has gotten a bit outrageous. For example: trying to find a reasonably priced high wattage PoE switch in UniFi's line is no longer an easy task. It's tradeoffs all the way down. I have an original (SwitchOS) 48 port GbE & 4 SFP+, full L3 with a >250W budget and replacing it will be rather pricey or I'll have to make concessions.
But overall... There's no better prosumer option - good, bad or otherwise. They haven't enshittified the product with subscriptions / software upgrades and my guess is they're making this move back to self hosted options to actually save themselves money. A win on both sides.
Like the other commenter said, VLANs are table stakes.
Try making a multi-homed IPv6 network with Ubiquiti gear. Easy (I might even say trivial) to do with an OpenBSD router and PF, but impossible with Ubiquiti because of how they broke the DHCPv6 client so that it can't accept leases from multiple interfaces and assign them to `radvd` for SLAAC.
You want to do anything other than the most basic task of advertising a single prefix from your ISP? Like advertise the same ULA on multiple VLANs for local services? Well, fuck you for wanting to do that. (Even EdgeOS could do that.)
All of your modern (anything from the last 10 years) phones, computers and tablets already know how to handle multiple IPv6 SLAAC addresses from different subnets and route packets appropriately. All you need is a not-braindamaged router.
The firewall in Unifi is a huge regression compared to EdgeOS, and completely brain damaged compared to PF.
Oh, and the MDNS reflector... why is it so bad?
Ok, I think I need to stop now.
VLANs are table stakes.
UniFi still doesn't have great IPv6 support in 2025 and that's insane for anything that's trying to position itself even remotely near professional grade gear.
It appears to have changed recently but at least around the beginning of covid, you still had to SSH into their gateway/router thing and manually edit a JSON file to configure even basic S/DNAT rules. When the whole selling point of the gear is SPOG MGMT web UI, it's fair to consider "SSH in and edit files" as fighting your gear.
The number of times that I have had accurate, timely, correct, competent support experiences is zero.
The number of times I've been gaslit, lied to, misled or otherwise asked to repeat the same basic diagnostics and troubleshooting that I had already done in the opening ticket message... is high. Something I would expect from D-Link or any other cheap gear. Not at all acceptable at Ubiquiti prices.
Speaking of garbage quality support, dead links!
Case in point: https://help.ubnt.com/hc/en-us/articles/215458888-UniFi-How-...
That used to be my reference for how to access the config file I needed to edit for basic NAT. Now who knows where that information is. Maybe the Wayback Machine?
I haven't looked inside any of the latest gen 7 access points but I remember not being impressed with their overpriced gen 6 access point using a last-generation chip from Qualcomm... Which is unacceptable at their prices.
I stand by my point: if you buy their older switching gear, you can get a really good deal. Don't use them for routing unless your needs are relatively straightforward.
> There's no better prosumer option - good, bad or otherwise
Mikrotik maybe?
I run both ubiquiti and mikrotik stuff. The mikrotik definitely has... a learning curve, but you can do some stuff with it that's pretty difficult with ubiquiti.
I think the Mikrotik learning curve is very fair for the level of complexity of what you're trying to do with it. It's like 1:1 time to configure:how weird the thing you're trying to do is.
> There's no better prosumer option - good, bad or otherwise
That’s why I just had to buy new Ubiquiti gear two weeks ago after an update bricked an older Ubiquiti switch and router (purchased in 2019). Spent a ton of time on the console but both were stuck in some sort of boot loops and were not salvageable.
Ended up buying replacements from Ubiquiti, but I feel pretty dumb buying new stuff from the company that just screwed my weekend and wallet. I could also swear that I had auto updates off for firmware but maybe that part was on me.
There are a bunch of new offerings in the wireless access point but as soon as you need more than 8 or 12 switch ports, it's basically down to MikroTik and UniFi unless you have enterprise budgets.
After owning a few EdgeRouter X models I can safely say that the whole lineup was a half-baked proof of concept at best. Ubiquiti used two different chipsets in the EdgeRouter lineup, both had data corruption issues with hardware acceleration that Ubiquiti couldn't fix… because they simply cobbled together some open source projects and called it a product. One ran so hot that they'd reliably cook themselves. Because EdgeOS was Vyatta based, it used an end-of-lifed version of Debian (maybe this was eventually remedied?). The PoE models provide non-standard passive PoE, if memory serves the initial batch had PoE enabled by default on some ports = fries unsuspecting devices.
They're cheap and nasty, but they mostly worked.
Have to agree. I've tried multiple times to replace my Verizon FiOS router with different EdgeRouters and none of them have been able to compare to the Gigabit speeds I get with the Verizon router. I'm not even using wifi, just want a simple router with a firewall and port forwarding that can compare to my $12/mo one from Verizon. I troubleshot each for a week tweaking hardware acceleration and other knobs, but they couldn't keep up. I think people don't compare and test and just assume it's just as good, but it isn't.