McCann Tech

View Original

Ubiquiti FAQ 2.0

Version 1.0: June 21st, 2020
Version 2.0: June 24th, 2021


Ubiquiti FAQ 2.0

Table of Contents

Ubiquiti UniFi Dream Machine, Switch Lite 8 PoE, U6 Lite, and U6 Long Range

Ubiquiti Product Line Overview ↩︎

  • What is UniFi?
  • What is AmpliFi?
  • What is EdgeMAX and AirMAX?
  • Can I mix them? What about other vendors?

Should I Get A… ↩︎

  • UniFi Router or EdgeRouter?
  • UniFi Switch or EdgeSwitch?
  • AmpliFi Alien or UniFi Dream Machine?

UniFi Software ↩︎

  • Network, Protect, Access, Talk, and LED
  • Hardware and Hosting Options

Typical Ubiquiti Networks ↩︎

  • Apartment or Smaller Home
  • How to Expand for a Larger Network
  • Example High-End Networks

How Do I Get Wi-Fi or My Network from A to B? ↩︎

How Many APs Do I Need? ↩︎

Why Is My Wi-Fi Slow? ↩︎

UniFi Alternatives ↩︎

Ubiquiti Product Line Overview

Ubiquiti has 3 networking product lines: UniFi, AmpliFi, and EdgeMAX/AirMAX.

  • UniFi is an ecosystem of wireless access points, routers, switches, security cameras, VoIP phones, and access control products
  • AmpliFi is mesh Wi-Fi on easy mode
  • EdgeMAX and AirMAX are Ubiquiti’s more professional line of routers, switches, and point to point radios

What is UniFi?

UniFi is an ecosystem of wireless access points, routers, switches, security cameras, VoIP phones, and access control products. UniFi exists between enterprise and cheap home networking gear. UniFi networks are modular, meaning you can pick the parts you want. They offer more flexibility and features than most consumer networking equipment. They lack the expense and licensing of enterprise-grade network devices, but also lack enterprise level support and reliability.

When you build a UniFi network, you choose which hardware you want, and how many of them. You can start with one access point, or get everything. A lot of people add UniFi wireless access points to their existing switches and routers, and that's a good way to get started. You don't need the full UniFi stack, but there are benefits to it.

The UniFi Network Controller software ties the individual parts together, giving you a web interface and mobile app to configure everything. The UniFi Network Controller is only required for configuration, UniFi networks will continue to operate without it running. You can also choose to setup UniFi access points in their limited standalone mode using the UniFi mobile app. However, some features and a lot of the benefits (monitoring, logging, statistics, etc.) of UniFi depend on the Network Controller software always running. For anything more than a standalone access point, you should plan to run the network controller software somewhere. More on UniFi software later.

What is AmpliFi?

AmpliFi is mesh Wi-Fi on easy mode. AmpliFi devices are meant to be quick and easy to setup, while giving you broad Wi-Fi coverage. AmpliFi doesn’t compete with UniFi, it competes with other easy-to-use home mesh networking systems like Eero, Netgear Orbi, TP-Link Deco, or Linksys Velop. If you want to plug it in and have it work, AmpliFi is for you.

The main AmpliFi models to know are: AmpliFi Instant, AmpliFi HD, and AmpliFi Alien. The AmpliFi Instant is as simple and cheap as it gets. They come in one or two packs. Buy as many of them as you need, then set them up with the AmpliFi app.

The AmpliFi HD and AmpliFi HD Gamers Edition offer a bit more performance and coverage. They typically come in a 3-pack, featuring one base station and 2 mesh nodes. The most recent AmpliFi Alien and AmpliFi Alien Kit offer the highest performance thanks to their high spatial stream Wi-Fi 6 radios.

The AmpliFi line also has the AmpliFi Teleport, which is an easy way to setup a VPN back to your home AmpliFi network when you are out of the house. AmpliFi devices do not use the UniFi controller, web interface, or the UniFi mobile app. AmpliFi networks have their own mobile app, and that’s the only method you have to configure or monitor them. Initial setup can be done in a web browser, but most controls are in the app.

What is EdgeMAX and AirMAX?

EdgeMAX and AirMAX are Ubiquiti’s more professional line of networking products, aimed at wireless Internet service providers (WISPs), and managed service providers (MSPs). EdgeMAX has EdgeRouters, EdgeSwitches, fiber terminals, and a wide variety of point-to-point and point-to-multi-point wireless radios. The UISP controller software is able to monitor all of these, but UISP is not a single place to configure them like the UniFi controller is.

EdgeSwitches and EdgeRouters come in a lot of different hardware configurations. Some of the EdgeSwitches are the same hardware as the first generation UniFi switches, with different firmware.

EdgeMAX offers a lot of networking features which UniFi lacks. Multiple IPs on a WAN port, DNAT/SNAT, VPN failover, RIP, OSPF, BGP, proper QoS, port security, ACLs… If those acronyms are important for your network, EdgeMAX is a probably a better fit for your routing and switching. They don't have licenses to worry about, but EdgeSwitches have more of the features offered in a typical Cisco (or other big brand) L3 campus switch.

If you need point-to-point or point-to-multi-point wireless radios, the AirMAX, AirFiber, and LTU lines offer a lot of choices. They are cost-effective equipment if you need to expand a network over a larger area, or feed an outdoor area from a central location. They also make good equipment for WISPs or people that have long-distance wireless needs. These products can bridge your existing network to another location within line of sight, even if it's kilometers away. These radios offer point to point or point to multi point connections for transport, they aren’t replacements for UniFi access points.

Beyond the hardware, EdgeMAX also has the UISP software. UISP is an optional web interface overlay, which provides some of the functionality that the UniFi controller software does. It will allow you to control the most common settings, but most configuration has to be done on the devices individual web interface, or via SSH. There’s also the new Early Access UISP routers and switches, which aims for automatic configuration, and don’t offer a typical SSH command line interface for configuration.

The split between UniFi and EdgeMAX can be a bit blurry. Willie Howe has a good video which goes into depth on the main differences between a UniFi Security Gateway and an EdgeRouter. It's a similar story on the switching side.

Can I mix the different lines? What about other vendors?

Yes, for the most part. There's nothing preventing you from using equipment from all 3 lines together, or from other vendors. Ethernet is Ethernet, TCP/IP is TCP/IP. The main downside to mixing the lines or mixing with other brands is that you will have to control them separately. There’s nothing stopping you from using UniFi APs, an EdgeRouter, and whatever managed PoE Switch you have laying around. Ubiquiti equipment will work with other vendor's equipment, but you'll have at least two different systems to control.

AmpliFi devices are mostly standalone, but there is nothing preventing you from adding an Ethernet switch, or something like that. UniFi APs can be added to any network. AirMAX point-to-point radios can be used to support any remote network, whether it’s UniFi or something else. There are a lot of possibilities, just make sure to do some research and buy the right tool for the job.


Return to Table of Contents

Should I get a…

UniFi Router or EdgeRouter?

UniFi Routers are simpler to use, and they can be a good for smaller networks with basic routing needs. For most home users, a UniFi Security Gateway or Dream Machine offers a good amount of features, as well as close integration with other UniFi devices. There are limits — no dynamic routing, up to 64 networks, and a single WAN IP, for example — but most basic features are there. If there’s a feature you need that is missing, you should look into EdgeRouters or another vendor.

EdgeRouters are better for networking enthusiasts and professional users, who need more features from their router than a USG or UDM offers. EdgeRouters allow for more manual configuration of interfaces, firewall rules, BGP/OSPF and static routing, and QoS. EdgeRouters offer a web interface and a full command line for configuration and administration. There are a variety of options for hardware, from small and cheap (EdgeRouter X) to big and fast (EdgeRouter 8 XG).

If you’re just getting into networking or want a full UniFi network, a UniFi router is usually the better choice. Depending on what you prefer, the ease of integration and setup could make up for some of the missing features. If you know your networking and bristle at the limits of the USG or UDM, look at EdgeRouters or another vendor for routing.

  • [UniFi Router Comparison: USG vs UDM vs UXG][8]

UniFi Switch or EdgeSwitch?

The story is similar on the switching side. If you’re just getting into networking or want a complete UniFi network, a managed UniFi switch is usually a good choice. Depending on what you prefer, the ease of integration and setup could make up for some of the limitations. If you know your networking or just want more flexibility, look at EdgeSwitches or another vendor.

UniFi Switches are basic layer 2 switches. There’s a lot of variety in the hardware, and some newer options with unique form factors or high speed ports. No matter which UniFi Switch you buy, you’ll use the simple web interface in the UniFi controller to monitor and configure them. There’s not much there - pick a VLAN, turn PoE on or off, etc. UniFi switches won’t blow you away with all their features, but they make the basics easy. There’s also the newer “Pro” and “Enterprise” UniFi switches with some L3 features like static routing, but that’s a topic for another day.

EdgeSwitches are better for networks that require more switching features and more control. If you’re interested in the layer 3 features of the higher end UniFi Switches, an EdgeSwitch is probably the better option. You’ll lose the single place to configure everything, but you’ll gain a lot of flexibility and more advanced networking features.

AmpliFi Alien or UniFi Dream Machine (UDM)?

The AmpliFi Alien is a good option for fast and broad Wi-Fi coverage in a house with simple networking needs. If you’re OK with being limited to a single LAN and a single guest network, or don’t know what that means and just want your Wi-Fi to work, AmpliFi is for you. The Alien is a high-end, fast, expensive Wi-Fi 6 mesh system. There are other options for mesh Wi-Fi, but if you want more networking features you might want to look at the UDM instead.

The UniFi Dream Machine is better for homes and small businesses which need multiple VLANs or subnets, more control over their networks, and more expansion options. The UDM is an all-in-one UniFi network controller, router, switch, and Wi-Fi access point. You can add onto the UDM with any UniFi hardware, and it can act as the base of a larger UniFi network. There’s also the UDM-Pro if you want a faster rackmount version of the UDM, or you want UniFi Protect support.

UniFi is the better fit for tinkerers or enthusiasts who want to setup a homelab, or play around with VLANs, guest networks, and firewall rules. The AmpliFi and UniFi smartphone apps both give you the basic controls you’ll need, but the UniFi web interface allows you to go deeper. If you’re interested in an in-depth comparison between AmpliFi and UniFi, see AmpliFi Alien vs. UniFi Dream Machine.


Return to Table of Contents

UniFi Software: Network, Protect, Access, Talk, and LED

The UniFi network controller software is built into the UniFi Dream Machine and Dream Machine Pro. It can also be self-hosted, cloud-hosted, or run on dedicated hardware called a Cloud Key. The CloudKey Gen 2 and Gen 2+ are the current models.

The Cloud Key Gen 2+ adds a 2.5” hard drive bay, and can act as a NVR for their camera system, UniFi Protect. You can also get the larger rackmount NVR or NVR-Pro for running UniFi Protect and storing your camera footage. UniFi Protect is a closed ecosystem — you need Ubiquiti cameras and Ubiquiti NVR hardware to use it.

The Cloud Key and UDM-Pro support UniFi OS, which can run the software for UniFi Protect, Talk, Access, and LED. These UniFi applications cannot run on 3rd party hardware. The UniFi Network Controller software can be downloaded for free and run anywhere, but the other UniFi applications are tied to Ubiquiti hardware.

If you're only interested in the Network Controller, you can run the software on any PC, server, VM, or container. A lot of people suggest Docker as a good option if you want to self-host. It's also a good use for a Raspberry Pi.

UniFi Software Hosting Options

  • Network
    • UDM or UDM-Pro
    • Cloud Key
    • Self-host (local server, VM, container, old PC, Raspberry Pi, etc)
    • Cloud-host (AWS, Azure, Digital Ocean, HostiFi, etc)
  • Protect
    • UDM-Pro
    • Cloud Key Gen 2+
    • NVR
    • NVR-Pro
  • Talk, Access, and LED
    • UDM-Pro
    • Cloud Key Gen 2/2+
  • Standalone APs with local-only management
  • UniFi mobile app

If you want more detail, see UniFi Ecosystem Explained.


Return to Table of Contents

Typical Ubiquiti Networks

Apartment or Smaller House

UDM: UniFi All-In-One

  • Benefits:
  • All-in-one. You get a router, switch, UniFi controller, and Wi-Fi in one package for $300 (US pricing)
  • Easy option to get started with. Good Wi-Fi speeds and easy to add on to with a BeaconHD or other UniFi APs
  • The AP in the UDM is equivalent to a nanoHD
    • Downsides:
  • No PoE out, no Protect/Access/Talk support, and no Wi-Fi 6.
  • Missing some advanced features of the USG, and doesn't support manual json config editing like the USG.
  • If you have existing UniFi gear it can be an awkward upgrade due to the all-in-one nature and the built-in UniFi Controller limitations. Dream Machines are not as modular as older UniFi networks were.

USG + Switch + AP + Controller

  • Benefits:
  • You get to pick the right sized equipment for your needs. Flexible custom configuration if you're willing to tinker.
  • The USG is based on Vyatta and EdgeOS. You can host your own controller. You can have multiple sites within one controller.
  • The USG can be replaced or swapped out for any other brand of router or firewall if you need more complex routing or firewall features.
    • Downsides:
  • The USG is old (2014!) and slow. The USG-Pro is old and slightly faster, but still can't match the performance of the UDM line, particularly with IDS/IPS or other firewall features enabled
  • The USG is the "old" way of doing things with UniFi. Ubiquiti is clearly pushing people towards Dream Machines for the “best experience”.
  • The UXG-Pro (when it’s released) should let you build this kind of modular UniFi network again, with higher routing and firewall performance.

How to Expand for a Larger Network

  • If you have a UDM, you can easily add UniFi switches or mesh APs like the BeaconHD or AC-Mesh. Additional wired access points require a PoE switch or power injector. Most single-pack APs come with an injector, but the Wi-Fi 6 models do not. If you're buying a PoE injector separately, make sure it's gigabit, and it’s the right kind for your model. All these devices will be managed by the UniFi controller built into the UDM.
  • If you have a Cloud Key or self-hosted UniFi controller, you can add on anything, just like the UDM. Keeping the controller separate allows for some more flexibility with scaling up to a larger network, or with running multiple network sites. It also allows for more options for a router or firewall. If you want to keep your Cisco switches or pfSense firewall, you’ll want to get a Cloud Key or cloud/self host your UniFi Controller.
  • Adding UniFi Protect, Access, Talk or LED requires all the necessary Ubiquiti hardware. See UniFi Software Hosting Options above.

High-End Ubiquiti Networks

There are many ways to assemble Ubiquiti and other vendors hardware to make a higher end network. Here are two examples.

Homelab Hero

  • Router/UniFi OS Console: UDM-Pro
  • Main Switch: USW-Pro-24-PoE using SFP+ uplink from UDM-Pro
  • 2nd Switch: USW-Flex using PoE Passthrough to power security cameras
  • Access Points: 2x U6-LR, 1x FlexHD for outdoor coverage
  • Cameras: Doorbell G4, G4 Bullet, and G3 Instant

WISP Tower Network

  • Router: EdgeRouter 8 XG
  • Distribution Switch: EdgeSwitch 16 XG
  • Pole-mounted outdoor switches: EdgePoint S16
  • Point to point (PtP) radio: AirFiber 5XHD
  • Point to multipoint (PtMP) radio: LTU Rocket
  • PtMP CPE: LTU Lite or LTU Long Range
  • EdgePower 150W for battery backup and DC power out
  • UISP Controller self or cloud hosted

Return to Table of Contents

How Do I Get Wi-Fi or My Network From A to B?

If running an Ethernet or fiber cable isn’t an option, point to point radios could be an answer. Typically, point to point radios require line of sight between the two locations, and they are normally mounted high up on a pole, roof, or some other high location. Most point to point radios use 5 GHz frequency band, but higher and lower bands can be used as well.

  • 900 MHz and 2.4 GHz are better when line of sight isn’t possible, but also typically have lower performance than 5 GHz equipment
  • 5 GHz is the most common, offering a good mix of range and speed. 5 GHz signals are pretty sensitive to disruptions in their path - don’t try to go through a bunch of trees or buildings.
  • 11 GHz is a licensed frequency band. The equipment is more expensive an requires permission from the FCC (or your local regulator) to use, but can be very valuable for getting a clean connection in a crowded RF environment.
  • 24 GHz and 60 GHz are unlicensed frequency bands in most areas, offering high-performance, short distance links.

For a basic point to point wireless bridge, there are many hardware options. Some of the common suspects include:

  • NanoBeam 5AC
  • LiteBeam 5AC
  • NanoStation 5AC Loco

If you need higher bandwidth, or want to maximize throughput on a shorter wireless link, some options include:

  • GigaBeam LR (60 GHz/5 GHz)
  • AirFiber 5XHD
  • AirFiber 11 (requires licensed spectrum)
  • AirFiber 24
  • AirFiber 60 LR

For point to multi point style networks:

  • LTU Rocket with LTU CPE
  • AirMAX Rocket AC with AirMAX CPE
  • IsoStation 5AC with AirMAX CPE
  • PrismStation 5AC with AirMAX CPE
  • AirMax LiteAP AC with AirMAX CPE

On the sending and receiving side, you'll need to run outdoor Ethernet to the equipment, and figure out a way to power them and ground the equipment. Typically this is using an Ethernet power injector or PoE Switch. Most of the AirMAX radios require passive 24V PoE, so read up on that as well. After the equipment is installed and configured, the radios will act as essentially a wireless cable, bridging the network at one side to the other.


Return to Table of Contents

How Many APs Do I Need?

It depends. Very generally, a normal omnidirectional AP can be expected to cover 2 rooms and/or 30 feet (9 meters) away. Beyond that distance or with more obstructions, 5 GHz signals might not work well, but 2.4 GHz may reach. This is a very general rule. Different wall materials, different equipment, surrounding interference, and a lot of other factors come into play. If you don’t have walls in the way or have the right kind of antenna, APs can reach much further than that.

For a normal apartment, one AP is usually enough. Usually the biggest issue in an apartment is interference and the number of Wi-Fi networks around you. Using smaller channel widths or lower transmit power is usually the better option than adding a 2nd AP nearby.

For medium to large homes, one AP per floor is usually a safe starting place. Keep the 30 feet/9 meter/2 walls guideline in mind. Homes with a spread out layout or more square footage may benefit from a 2nd AP per floor, but the answer depends to the RF environment, wall material, AP model, antenna type, and many other factors.

Ethernet runs to as many APs as possible make a big difference as well. If you’re planning a larger multi-AP network, having Ethernet run to your access point locations is a very important thing to consider. Multi-AP networks can work without Internet, but you’ll see a big performance and coverage hit using only wireless backhaul.


Return to Table of Contents

Why Is My Wi-Fi Slow?

If your UniFi Wi-Fi performance is lower than expected, the first thing to look at is the settings on your access points. Updated firmware, transmit power, channel width and selection, and band steering are some common things to check.

Wider channels deliver higher speeds, but also require more free spectrum and less interference to work well. For 2.4 GHz, 20 MHz channels should be used in the vast majority of networks. 40 MHz channels take up too much room in the crowded 2.4 GHz band. For 5 GHz, 40 or 80 MHz channels are usually the best balance of speed, range, and available spectrum. 160 MHz channels are available on some UniFi APs, but there isn’t enough room in the 5 GHz band to use them reliably

Transmit power is another “it depends” thing, but it’s usually a good idea to keep your 2.4 GHz radio at a lower power than your 5 GHz radio. This encourages good roaming behavior in a multi-AP network. Band steering is another option for this, but it can cause issues with some older Wi-Fi devices.

Manually selecting channels can sometimes improve things as well. The UniFi controller has a built-in RF scanning feature which can be used to find the least used channel. Allowing on auto channel selection and the Wi-Fi AI or other automatic settings usually is fine, but some people have had issues with those automatic settings and recommend turning them off when troubleshooting.

It also helps to have a realistic expectation of how fast your Wi-Fi should be. For more details on that, see Understanding Wi-Fi Speed and How 6 GHz Compares


Return to Table of Contents

Ubiquiti and UniFi Alternatives

Unfortunately there’s nothing else out there exactly like Ubiquiti or UniFi but better. There are several other options that are close though, with their own advantages and disadvantages. The right alternative depends on what you want an alternative for, and what you’re trying to accomplish.

  • Ecosystem of routers, switches, access points and hardware or cloud controllers
    • TP-Link Omada
    • Engenius
    • Peplink
  • Cloud managed access points and switches
    • Aruba Instant On
    • Cisco Meraki
  • AmpliFi Alternatives for easy mesh networking
    • Eero
    • TP-Link Deco
    • Asus Zen WiFi
    • Netgear Orbi or Nighthawk
    • Linksys Velop
  • Firewall Alternatives
    • OPNsense/pfSense
    • Fortinet
    • Sophos
    • Sonicwall
    • IPFire
    • Untangle
  • UniFi Protect Alternatives
    • Synology Surveillance Station
    • BlueIris
    • MotionEye
    • Axis
  • EdgeRouter/EdgeSwitch Alternatives
    • MikroTik
    • Cisco
    • HP
    • Dell
  • Outdoor Wi-Fi Alternatives
    • Ruckus
    • Mikrotik
    • TP-Link Omada
    • Engenius
    • Aruba Instant On
    • Cisco Meraki
  • Outdoor PtP or PtMP Radio Alternatives
    • Mimosa
    • Cambium
    • Mikrotik
    • Siklu
    • Engenius
    • Ignitenet
  • Outdoor Switches or Routers Alternatives
    • Mikrotik
    • Ignitenet
    • Tycon Power

Return to Table of Contents