Talk to me about Unifi

Hi all

I want to eventually switch over all my network gear to Unifi, main reason being the tight integration and ease of use. I’m no networking expert and like the fact that you can pretty much make a Unifi setup as simple or as complicated as you like.

Main house plus flat plus big garage / workshop which I might convert in to another flat in future, so 3 buildings which I want to wire, plus wireless coverage in each of them eventually.

Distances between the 3 buildings is around 15 to 20m and I thought to run trunked fibre between the buildings.
For now Unifi PoE switches with SFP is just too expensive in my opinion, so I thought to start out with these Scoop switches, one for each building connected with fibre. Scoop 8 Port Gigabit Ethernet AI PoE Switch with 2 SFP Uplink | Scoop

Now getting to the Unifi part, I think I understand all the bits and pieces.
It looks like the UDM Pro will suit my needs. Even though I don’t see myself easily getting Unifi Protect cameras in future, the normal UDM seams to be a bit light weight, but I could be wrong of course.
Obviously the UDM Pro SE is nice, but at a price more than what a UDM Pro plus 8 port PoE switch will cost me.

In the main house I need some network ports in my study, so will probably put the UDM Pro there, then also wireless for which I’ll put a AP somewhere central to all the bedrooms.
On the other side of the house, a second and third AP should be able to cover the kitchen, living / TV room and outside braai area.
I think things will work out that the Scoop PoE switch will also end up being placed in the TV room, so then it is also sorted in terms of network ports for the TV, media server etc.

In the flat the 8 port PoE switch with one AP will be enough, same for the garage should I ever convert that in to a flat.

Laptops, tablets, phones, TV’s, media server, desktop PC or 2 and a few IOT devices which will probably grow in to quite a few more as time goes on.

Any comments, advice, am I on the right track?

You don’t seem to have listed any of the things that give Unifi an advantage over everything else…

Unifi becomes invaluable if you buy into (almost) everything, a bit like Apple. Think 4+ APs of different types over different parts of the house & flats, garden, etc. Multiple wireless networks, different VLANs separating different types of equipment, and so on. Unifi Protect is also a very good camera system (but the cameras themselves are a bit expensive).

The UDM Pro is also overkill if you don’t use Protect or plan to add a lot of kit. It’ll basically sit there, doing nothing but spin its fan, which the normal UDM doesn’t have AFAIK. The Pro model does have dual WAN ports if you have multiple internet links.

If you don’t go all-in you’re vastly overpaying, since you lose out on the main “single pane of glass” manageability of it all.

In that case I would recommend a Mikrotik router, since its more configurable than Unifi, coupled with whatever POE switches are actually in stock.

Lastly, its has been hell trying to get reasonably priced stock of things. As soon as you add another brand you lose the core feature, and in the case of Protect, other cameras don’t work at all.

Now, with that out of the way… Unifi is amazing

Your instinct about fibre is pretty good I think, pricing has come down quite a bit. Just bear in mind the difference between Single Mode and Multimode fiber and SFP modules, as well as APC (green) vs UPC connectors. 99% of the time your SFP module has UPC LC connectors and require matching cables. Scoop doesn’t actually have a wide selection once you start filtering some stuff out.

Here’s my current project about 2 days in:

WhatsApp Image 2022-07-05 at 4.03.18 PM899×1599 180 KB

UDM Pro in the middle with an older 16-port gigabit POE switch on top and 2x new 16-port gigabit (8 POE) switches lower down, connected with single mode BiDi fiber modules. These arrived yesterday and will go into other parts of the property.

This will power 2x AC Lite APs, 2x NanoHD APs, 14x Protect cameras, 4x IP phones, 5x intercoms, spread out over the property.

And a single pane of glass control.

So if I understand you correctly, if I have say a UDM Pro with Unifi Ap’s, but there’s a different brand switch in between, then the AP’s will simply act as dumb AP’s and not as Unifi AP’s?

No, they will still work as intended and show up, but the controller will not be unable to figure out how they’re connected, so if you do anything smart (like VLANs), it won’t work properly until you’ve also configured the switch in between.

Those Scoop switches don’t support configurable VLANs, they have a “VLAN lite” mode which does something similar, but doesn’t work like normal VLANs. Mikrotik does support VLANs properly in both their routers and switches, as well as D-Link (certain models) and most others. The Tenda & Reyee ones depend heavily on the model.

Ok thanks, so you’re saying it must be everything Unifi or nothing, I thought using different brand switches will be fine till being able to maybe upgrade to Unifi switches later.

Yeah… While not actually true, since other switches and APs do work, you’re losing out on the main selling point.

If I were to redo this today with my own money I’d go Mikrotik for the core stuff and add the cheapest POE that will work. Wifi I’m not 100% sure of, maybe some of those Deco mesh units with wired uplinks. Cameras I’m also not sure… Most camera network recorders are terrible.

You shouldn’t really spend much ongoing time in the controller anyways, so logging into each device one-by-one to configure isn’t so bad long-term. Initial setup is brutal.

If someone else is paying, Unifi all the way!

On 2nd thought, if you’re primarily thinking of Unifi because of the wifi APs, which are excellent, it might be fine to skimp on the connecting switch or switches and upgrade over time.

You also don’t need to use a POE switch in that case, since the APs ship with POE injectors (depending on the model) and you can just plug straight into a UDM or UDM Pro.

That’s what I would do if I really wanted the APs, since it gives you the controller flexibility at the cost of some physical cable faffing. Which is probably fine.

Some food for thought: If you come from some other vendor to UDM Pro, or even the small USG (slightly modded), then you’ll lose the dhcp-relay function. Not a train smash but if you are like me and have a backup ISP account with a second provider then you can’t fire that up from inside the network directly to the outside anymore.

Another thing I miss from my USG is the ‘sortoff’ manual DNS that you could maintain on my PC running the Management software, the UDM Pro only does DNS for IP’s it assigns from it’s internal DHCP server, no external DHCP server/DNS integration - bit of a bummer. But the Management software on the PC is Java based and after a long while it eats up 99% CPU which I didn’t like. Maybe a linux VM would have been better.

One more thing is that with Unifi you can’t use the UDM as a NTP server. It would have been nice to have that feature but other vendors usually offer NTP bundled inside a single box router solution.

One last thing I just thought of, the WAN Backup feature on the UDM only works with a RJ45 SFP, no using a cheap spare RJ45 port on the UDM, it’s Copper SFP or nothing. I used to have that on my USG with a LTE modem as my backup when my primary Internet goes down.

All small things that annoy me a bit but the single point of management works ok('ish) so I am mostly not too grumpy.

There’s this new thing too: Ubiquiti UniFi Dream Router Dual Band WiFi 6 4x4 MU-MIMO Router | UDR | Scoop

Wifi 6, 2x POE, enough CPU power for Network & Protect, up to 500Mbps WAN recommended.