Straying into Ubiquiti territory for a home network experiment, part 1

As many of you know, I run my home, lab, and store networks primarily on Meraki gear. Employee discounts and internal system engineer promos make it a reasonably priced platform for me, but I can understand why non-Cisco employees might not build out a substantial home network on their own dime with Meraki.

Having cut directly over from the Linksys WRT1900AC as a router to a mix of MX security appliances, MS switches, and MR access points, I didn’t really take the time to evaluate other options. However, with many friends getting into Ubiquiti, I figured it was worth trying that platform out, especially when some of the devices went on sale at a local computer store.

In this post I’ll talk about the initial deployment and the gear I’ve purchased. I do have a few items from Ubiquiti that I won’t be using for this environment (like the EdgeRouters and a couple of relatively ancient 24v POE access points).

Spoiler: I’m still a big Meraki fan, and if I were deploying in a business environment where I didn’t want to tweak much or where I wanted enterprise-grade features, I’d still lean toward that platform. However, for a home network, home office, or early stage  startup, the Ubiquiti option is definitely worth a look.

Initial Bill of Materials

ubnt-cloudkey-aa-1.jpg

UC-CK Cloud Key, with two AA batteries for scale

Note that Amazon offers some combos with multiple elements, like this $349 combo with Cloud Key, Switch, and Security Gateway. You may be able to get quicker shipping and/or save a buck or two that way, but look around at the combos to see what makes the most sense. If you decide to buy multiples, there may be discounted packs of devices (like this 5-pack of AP-AC-PRO which saves you about $15 per device).

You’ll also find the items on Newegg, including Newegg on eBay, Central Computers (if you’re in the SF Bay Area), and direct from Ubiquiti. If you use the Amazon or eBay links above, we get a few bucks that will go back into gear to review here and on rsts11travel.

Why did I choose this particular gear?

ubnt cloudkey

UniFi Cloud Key

Like Meraki, Ubiquiti uses the concept of a “cloud controller.” Unlike Meraki, you can place the controller on your own private cloud, or purchase a “Cloud Key” to run on your own network for management. There is still a “public” website to view and manage the network, but you can access the local controller via ssh, https, or a mobile app.

Since I don’t currently have a full-time system running that would host the controller, I chose to buy the older Cloud Key. They have newer versions, with more powerful controller hardware, battery  backup, and more features, but since this is meant to be a basic deployment on a budget (and I wanted to pick up the cloud key locally), I went with the first gen device. This device is about the size of four AA  batteries; can be powered by PoE or a USB cable; and of course still requires a LAN connection even if powered by USB.

ubnt accesspoint

UniFi AC Pro

For wireless access, there are over a dozen different AP models, compared and contrasted on the Ubiquiti knowledgebase. The three devices in the “wave 1” family (UniFi AC) include the Lite, the LR (long range), and the Pro. My decision on the Pro was based primarily on “ooh, it’s on sale” but I’m pretty comfortable with the features including extended 5GHz radio rate of 1300 Mbps, and the dual Ethernet ports for redundancy.

ubnt switch

UniFi Switch 8 60W

The switch is meant to let me offload both the AP and the Cloud Key from their current home on my Meraki MS42P switch, so that I can put them behind the security gateway for more thorough testing. The AP uses 9 watts and the Cloud Key uses 5 watts, so the 60 watt PoE switch should be enough for the near term.  There is a 150 watt version (US-8-150W, for about $190) with two additional SFP modules, if you do need more power. And interestingly, the switch is the only piece in the bill of materials that has a metal shell as opposed to plastic.

ubnt security gateway

Unifi Security Gateway 3-port

Finally, with the USG security gateway, I get additional visibility into the Internet connection itself and my use thereof. Without the USG in the data path, I can see per-device information within my network, and status of the APs and switches, but I don’t have the visibility at a network level.

Starting the deployment

I bought the access point first, and went back a day or two later for the cloud key once I decided not to run the controller on my own hardware. So the CK went up first, plugged in via the tiny Ethernet cable to a port on my Meraki PoE switch.

When I logged in, of course, it was behind a few versions on the firmware. I had issues with firmware updates and “adopting” the device into my Ubiquiti cloud portal. The adoption failed claiming the device was unreachable, and the firmware upgrade didn’t seem to start, much less complete.

So I ended up doing some minor workarounds using some steps from a community post here for the firmware update. I wish I could remember the fix for the adoption, although I suspect I’ll figure it out again on a future device and can report back then.

Once the Cloud Key was recognized, updated, and working properly, I adopted the Access Point and updated it. I configured a wireless network and went downstairs from the home office to connect my iPad to the new network and test it out.

Not surprisingly, the network was as fast and efficient as it was through the MR34 at the same distance. I did learn from the Ubiquiti interface that there were at least 50 networks detected by the AP-AC-PRO, which was slightly surprising. Despite that, I’m seeing about 20% utilization on 2.4GHz and 3% utilization on 5GHz and noticeable but not overwhelming “interference” registering primarily on 2.4GHz.

I also realized that the extra MR34 downstairs, connected through an MS220-8P switch that was uplinked through Powerline networking, was definitely throttling my connectivity when I associated with it. Unplugging the AP forced my iPad to connect to the upstairs MR34, and I didn’t have any issues even at the distance. So for now, the Powerline network is driving two tiny Verium miners and my two printers, as well as an Intel NUC in the living room.

What comes next?

After reorganizing a bit of the home office, I’ll be turning up the USG security gateway and the 8-port switch very soon. At that point I’m likely to put all four pieces behind my secondary Internet connection (to enable the home network SLA to be maintained), and run some traffic through it.

I’m also giving serious thought to powering the USG through a PoE splitter like the Wifi Texas one ($18 on Amazon) so that all four devices can be powered from a single wall outlet (for the switch).

Check in soon for the second part of this journey, and feel free to share any suggestions, comments, references, designs, etc in the comments below.

 

 

Advertisements

Test-driving third party optics from StarTech in the RSTS11 labs

Disclosures at the end, as usual.

This fall John Obeto asked if I’d be willing to try out some third party optical modules in some of the varied and random switches I have around the rsts11 home lab. Always willing to help a friend and try some new gadgets, I accepted the challenge. Today I’ll give you an idea of why you might consider third party optics for your switching, why you might not, and how the compatible modules from StarTech.com impressed me.

2018-12-01 14.02.27WHAT ARE OPTICAL MODULES?

First, a word on optical modules. For decades, switch manufacturers have made two kinds of ports on their switches, a fixed port and a modular port. Fixed ports were long popular on line cards, where you wanted to get 24-48 (or more) optical ports for fiber cabling into a small amount of space, and you knew your customer was not going to change their optical requirements on the fly.

Modular (or “pluggable”) ports, however, made it possible to sell switches at a lower initial cost and allow the uplinks to be populated later. It also enabled customers to use different connection lengths and media with the commensurate power considerations.

In Gigabit Ethernet (and 1/2/4 gigabit Fibre Channel), the standard has been the Small Formfactor Pluggable, or SFP, module. About the size of a AA battery or a small USB flash drive, it connects to a small blade port inside the switch, and “translates” the connection to short (SR), long, (LR), or extended/extreme (XR) range optics, or even to 1000Base-T copper.

For 10 Gigabit Ethernet (and 8/16 gigabit Fibre Channel), the standard is an extension of the same module called SFP+. Many installations within a rack or in adjacent racks will use copper SFP+ cabling (with no fiber involved), sometimes called Direct Attach Copper or DAC cabling. Continue reading

Internet on the Road, part 2 – how to optimize your travel connectivity

rsts11 note: This is the second of a two-part series featuring mobile internet routers. The first part is posted over on rsts11travel.com, as it is a bit milder technology. The second part appears on #rsts11 since it’s a bit more POHO than random travel, and will be cross-promoted on the travel side. 

When you travel, you probably have a number of devices that demand connectivity.

Many venues limit your allowed devices, and maybe you don’t want your devices out on the open network. Additionally, you may want to use streaming devices or shared storage in your room, and that may not work with typical public network setups. Last time we looked at some battery powered routers with charging functions and other network features.

Today on rsts11 we’ll look at some choices for sharing a wired connection as well as a cellular modem. We’ll briefly revisit the Hootoo and Ravpower routers from part 1, and then dive into Meraki, Peplink, and Cradlepoint devices for the higher-power user.  Continue reading