McCann Tech

View Original

UniFi Next-Gen Gateway (UXG-Pro) Preview

Originally Posted: May 2nd, 2020
Last Edited
: March 24th, 2022


Edit: March 24th, 2022

The UXG-Pro has now been added to Ubiquiti’s general access store. My original preview from it’s announcement in 2020 is below.


UniFi Next-Gen Gateway (UXG-Pro) Preview

Ubiquiti has announced their next generation of UniFi routers, starting with the UXG-Pro. The UXG-Pro is currently in the US Early Access store for $499. Here’s what we know from their original announcement:

UXG-Pro is a new gateway device that is aimed towards delivering performant and feature-rich gateway experience. It will support all currently available UniFi gateway features and even more!

Note: The UXG-Pro will be adoptable to an external controller and will not host any controllers on it.

With UXG-Pro, we want to make sure that we deliver what you, our community, needs.
As a step towards this, we're opening a software feature request poll HERE to see what you all want the most.
Top-voted feature requests will be considered for implementation.

The front of the UXG-Pro.

A Proper USG-Pro Replacement?

From all available information, this is a proper USG-Pro replacement. The biggest difference between the UXG-Pro and the UDM-Pro is the lack of built-in UniFi controller. The UDM-Pro is a UniFi OS Console, meaning it runs other UniFi software. This comes with the downside of not being able to adopted to an external UniFi Network controller, such as a Cloud Key or cloud-hosted controller.

The UXG line will function more like the USG, and act only as a router. The UXG-Pro can be adopted to an external UniFi controller. This change removes the biggest limitation of the Dream Machine line, and should better fit into existing UniFi networks that are looking to upgrade from a USG or USG-Pro.

The back of the UXG-Pro. The port on the left is for power redundancy with UniFi SmartPower RPS.

Some existing UniFi customers were turned off by aspects of the Dream Machines, namely the built-in controller, lack of existing USG features, and no way to replicate the features made available by manual JSON configuration file editing. The UDM and UDM-Pro are good devices, but they don’t fit every network. The Dream Machine line wasn’t what a lot of people wanted, especially those with an existing self-hosted UniFi controller.

Ubiquiti mentioned the UXG-Pro is part of new product line, so it’s a fairly safe assumption there will be a smaller, non-Pro model. The base UXG should be a replacement for the USG. There is no official announcement of any other UXG models besides the UXG-Pro yet, though.

There are a lot of details we don’t have yet. From what we do know, the UXG-Pro should be a cost-effective 10 Gbps router that will cover most basic functionality. It will fit in well with existing UniFi networks. Don’t expect it to replace a Cisco ISR, or Juniper MX.

UXG-Pro Specs

Processor: Quad ARM Cortex-A57 Core at 1.7 GHz
System Memory: 2 GB DDR4
Networking Interfaces:
(2) 1/10G SFP+ WAN/LAN
(2) Gigabit RJ45 WAN/LAN
Power:
(1) RPS DC Input
(1) Smart Power 125VAC
Max 10A
Features:
(1) 1.3" Touch Display

UDM-Pro Vs. UXG-Pro

Both the UDM-Pro and UXG-Pro are routers that are meant to be used with other equipment in a rack, such as switches, with multiple access points or cameras. They are meant for more complex installations, like a medium-sized business or an enthusiast-level home network.

The UXG-Pro is a rackmount device with two 10 Gbps SFP+ ports, two gigabit Ethernet ports, support for the UniFi RPS for redundant power, and a 1.3” touch display on the front. This is the same display the UDM-Pro and 2nd Gen Switches have, which displays information on the device and the network. The UXG-Pro also supports UniFi AR.

The main difference between the UDM-Pro and the UXG-Pro are a few hardware features. The UXG-Pro lacks the built-in UniFi controller and the 3.5” hard drive bay for UniFi Protect. It also lacks support for UniFi Talk and UniFi Access, since those are part of the UniFi Controller. The UXG-Pro has most of the networking features of the UDM-Pro, including 10 Gbps SFP+ ports and multi-gigabit IDS/IPS performance.

The UXG-Pro has the same CPU as the UDM line, which should make it capable of very high throughput with IDS/IPS and other security features enabled. It also has half the RAM of the UDM-Pro, 2 GB vs 4 GB. This is disappointing, but it makes sense. The UXG-Pro doesn’t have to run any extra software like the UDM-Pro does. Some people have complained about the 2 GB of RAM in the UXG-Pro, but it should be more than enough for routing and firewall use. The base UDM gets by fine with 2 GB of RAM, and that has to run a controller. RAM utilization on the UXG-Pro is definitely something I would be interested in testing once the software is finalized.

UniFi OS and UniFi Controller Changes

The UDM and UXG run a different underlying operating system than the USG. The CPU is an easy way to tell. Older MIPS-based devices EdgeRouters and the USG run EdgeOS. ARM based devices like the UDM and UXG run UniFi OS. An ARM port of EdgeOS is unlikely. UniFi OS is a custom Linux distribution made with Buildroot Linux that mostly follows Debian standards. In their announcement, Ubiquiti said this about UniFi OS:

We are very excited to announce UniFi OS - a shared platform for all UniFi Controllers. Key features:

-Centralized user/access management
-Single sign-on to all controllers
-Single Remote connection and new Cloud portal
-Easy installation and management of different Apps (Controllers)

The first target device is UDM-Pro and it will be launched for general availability with UniFi OS pre-installed. The migration will not work for early access testers so you should export a backup from Network and/or Protect before upgrading.

So far the devices that run UniFi OS are:

The UniFi controller changes are slightly confusing, but going forward, all UniFi controllers will run UniFi OS. With it’s current beta firmware version 0.5.0, the UXG-Pro lacks the UniFi OS environment for running the UniFi Talk, Access and LED applications. Since it doesn’t run a UniFi controller, it’s not likely to add those features in the future. Those features will require a UDM-Pro or a Cloud Key.

UXG vs USG Networking Features

Many of the USG's more advanced networking features come from the fact that it's an EdgeOS device under the hood. EdgeOS was built on the open-source Vyatta router codebase. Ubiquiti originally created the UniFi line by wrapping a pretty user interface around Vyatta, and adding the UniFi controller software for configuration. With the UDM, they’re making a completely new OS, with their own code and some standard Linux packages. There are no Vyatta networking features to fall back on. Because of this, UniFi OS have more limited routing functionality, but long-requested features like multiple WAN IPs are slowly being added.

This underlying OS difference causes some other differences. The UDM and UXG lines do not support editing the config.gateway.json file. By editing the configuration file manually, you were able to access features that Ubiquiti doesn’t put in the controller GUI. It also let you access hidden settings, and tweak features to work how you want. Normally, behind the scenes, the UniFi controller edits your configuration files for you. That only works with the features that Ubiquiti officially supports. If you’ve ever had to deploy a UniFi network, you know there are a many features not in the GUI. Unfortunately there is nothing like this going forward, and you are limited to what Ubiquiti shows in the controller.

I think long term, it will be better to move away from that system. Manual configuration file changes were unsupported, poorly documented, and your changes could be removed with firmware updates. Ubiquiti has promised full feature parity (and more!), but we will see. It will take a lot of development work to get parity with the officially supported USG features.

Throughput Details

Since the UXG-Pro has the same processor and 10 Gbps ports as the UDM-Pro, we should expect similar performance. This graph shows it all.

Graph showing throughput of (bottom to top) USG, USG-Pro, UDM, and UDM-Pro.

A bunch of things about this graph are interesting. Starting from the bottom, the USG is only capable of 40 Mbps IPSec VPN and 85 Mbps IDS/IPS. This shows how weak the processor in the USG is, and that it has no specialized hardware to accelerate those tasks. The USG is capable of deep packet inspection at roughly line rate speeds, however. The USG-Pro hits 150 Mbps IPSec VPN and 250 Mbps IDS/IPS, with 930 Mbps DPI. The UDM can hit 600 Mbps IPSec and 850 Mbps IDS/IPS.

What’s really interesting to me is that the UDM-Pro, with the same CPU as the UDM, has such higher throughput. It appears the main thing holding back the UDM is the 1 Gbps port, not the CPU. I’m not sure what else could be explaining that. Either way, the performance of the UDM-Pro is impressive for it’s price point. The UXG-Pro should be as well.

UXG-Pro Deficiencies vs Marketing Hype

One potential problem with the UXG-Pro is the current state of the UDM-Pro and UniFi OS. Some features on the UDM-Pro are not working, incomplete, buggy, or just missing. Development for the Dream Machines has been steady, but after 9 months, the UXG is still on on beta firmware version 0.5.0.

Some common networking features currently missing on the UDM and UXG: dynamic routing protocols (BGP, OSPF) , policy-based routing, VLANs on the WAN port and bridge mode. Some features that are there, like OpenVPN or IPv6, lack the options and flexibility to be truly useful. The list of missing features is long. Worst of all is Ubiquiti’s record on software development and abandoning promising hardware, leaving it with rough edges. If you need a reliable and flexible routing platform, UniFi might not be it.

Ubiquiti Strategy Tax

Ubiquiti have always released hardware before the software was complete, but that's also why they can get hardware out quickly and cheaply. Many of their devices have been released with many things not finished or not working. The core functions are there, which makes them work for the majority of users. The other features (sometimes) come later.

Only time will tell how the development goes for the UXG-Pro. If you have an existing UniFi network with your own controller, this is probably going to be a better fit that the UDM or UDM-Pro. The unannounced base UXG should be a good little router, if Ubiquiti can get the software right.

Until then, I have a lot of other posts where I discuss UniFi hardware and software:

Other Ubiquiti Guides and Reviews

If you have more questions about Ubiquiti or anything in this post, leave a comment or contact me. I will do my best to point you in the right direction, or help in any way I can.

See this gallery in the original post