Modems and Ubiquiti

[Deuteronomy93]

Hi All

 

I'm a relative beginner with networking but am in the process of learning so that when we move into our new house, I can begin getting it set up for smarthome integration, a server, and ethernet (with PoE) via a small server cabinet.

 

I've planned out most of the things we'll need but one thing I'm not actually wholly sure about is the modem.

 

My plan is to change where the fiber from the cabinet ends, from likely just inside the ground floor door, to the basement which will be pretty much straight down from the original position, maybe also through 1 wall. Here I would have my office and ideally a server cabinet with some sound insulation+ducting to keep it cool.

 

The fiber will need to go into a modem of some description and from watching other Youtube channels, it seems like they all use their ISP's modem and then plug that into the switch.

 

Is there a Ubiquiti switch which can remove the need for an ISP's modem or an alternative which would work?

 

I would like to go with a relatively clean setup with as few links in the chain just to make things easier. I know a lot of people (ourselves included) have ditched their ISP's router but do people not do the same with their modem?

 

In case people are interested, I made the attached (unfinished) flowchart of how I roughly plan to arrange the whole house's networking. This is all subject to change and availability etc but should be a good demonstration.

 

Thanks in advance for any feedback!

[Oshino Shinobu]

You wouldn't plug directly from the modem into a switch, you'd go from the modem to a router (which could be a modem/router combo), then to a switch. 

 

Ubiquiti do not make modems. Depending on your ISP, you may be required to use their equipment or you can switch to a different one if they allow. I personally use an Openreach Huawei HG612 modem which then goes to my USG. The modem really doesn't do much, it just converts the signal so it's not really a concern as there's basically nothing to consider. 

 

If your ISP requires you use their equipment and it's a modem/router combo, it's a good idea to look into whether they have an option to put it in modem only mode, which disables all routing functions and allows you to connect your own router, which Ubiquiti do make. For example, Virgin Media here in the UK require you to use their coax modem/router unit but have a specific mode to switch it to modem only mode so you can use your own routing equipment. 

 

The reason people tend not to switch out dedicated modem devices is because there's really nothing to configure on them, they're pretty dumb devices that basically only do one thing.

 

EDIT: Also, looking at your diagram, I wouldn't advise using anything labelled as Cat7. It's not a TIA recognised standard and the specifications of it that are recognised by some bodies require to use of TERA or GG45 connectors rather than RJ45, so pretty much everything labelled as Cat7 in the consumer market doesn't meet the requirements of the specification. Stick with Cat 6a which is a recognised TIA standard that uses the normal RJ45/8P8C connectors. 

 

EDIT2: Something you may want to consider is a UDM Pro. It hosts all UniFi applications (ie. controller and protect), acts as a router/gateway and NVR, as well as providing 8 Gigabit ports and a 10G SFP+ uplink if you wanted to hook the server into it. Keeps things simple. Only thing to note is that it doesn't have any PoE ports, so you'd need a separate switch or use injectors for that. The main drawback to it IMO is that it only has a single HDD bay, so there's no redundancy for the NVR if the drive dies. That rules it out for business use for me (though protect isn't suitable for business use anyway), but for a home setup I'd consider it a good package. 

[Deuteronomy93]

19 minutes ago, Oshino Shinobu said:

You wouldn't plug directly from the modem into a switch, you'd go from the modem to a router (which could be a modem/router combo), then to a switch. 

Ah cool, thanks for confirming.

 

I wondered if this might be the case due to nobody really doing it, routers really have a bad rep but if the modem is just converting the signal then I suppose that makes sense.

 

I do have a some questions based on what you mentioned.

1. If modems are typically fine, what made you go with your one, or was that the one provided by your ISP?
2. Why do you go from modem>router>switch?
   1. This is my ignorance speaking. I know that routers and access points are different but can I not go with modem into a PoE switch into access point?
   2. Is it that the router is the thing that hands out the IP addresses and therefore needs to be earlier in the chain? Also looks like Ubiquiti doesn't offer combined (for example) 48 port switches with a router in the same unit.

PS I have to say that one of the things I miss least about the UK is the internet. I haven't lived back home for almost 5 years now but having gigabit in Barcelona and now Beijing is amazing by comparison. Are BT/Virgin starting to catch up much?

 

[Oshino Shinobu]

16 minutes ago, Deuteronomy93 said:

Ah cool, thanks for confirming.

 

I wondered if this might be the case due to nobody really doing it, routers really have a bad rep but if the modem is just converting the signal then I suppose that makes sense.

 

I do have a some questions based on what you mentioned.

1. If modems are typically fine, what made you go with your one, or was that the one provided by your ISP?
2. Why do you go from modem>router>switch?
   1. This is my ignorance speaking. I know that routers and access points are different but can I not go with modem into a PoE switch into access point?

PS I have to say that one of the things I miss least about the UK is the internet. I haven't lived back home for almost 5 years now but having gigabit in Barcelona and now Beijing is amazing by comparison. Are BT/Virgin starting to catch up much?

 

1. In the UK we don't really have many modem options available. My ISP provided a modem/router combo unit but you can't switch it to modem only. I went through a few modems, including an expensive Draytek Vigor model and one from Netgear but the Draytek was having issues (though maybe related to other network issues at the time) and the Netgear one never worked. The one I have now is cheap as they're provided by some ISPs that have separate modem and router units and it's been working without issue for a few years now so no reason to change it now. 

 

2. A modem simply sends the signal from the cable coming in to the property in a different format. You can technically plug a switch into the modem directly, however on essentially every consumer internet connection, this would result in only a single device having internet connectivity as it would grab the available IP from the ISP (which you'll only have one of on a consumer connection) and then nothing else will be able to access the internet, or devices will be fighting over use of the IP. 

 

A function built into most routers (not exclusively a router function, but consumer routers are really a mish mash of devices rather than pure routers) is NAT (network address translation). The short of NAT is that it allows multiple devices on a local network to share a single public IP address by using ports and headers to keep track of which local device sent a packet, wrap it up and send it off with its public IP address, then unpack it when it gets back and send it off to the local device. There are reserved address spaces for local networks which are 10.x.x.x, 172.16.x.x and 192.168.x.x. The most common for home use is 192.168.x.x. None of the addresses in these spaces can be assigned as a publicly routable IP address. 

 

Switches (generally) do not provide this function. As well as being unable to route packets, which is a required function for packets getting to and from the right places, though sometimes it can still work if the gateway from your ISP allows for it to be used as a router as well. 

 

In regards to access points and routers, they're different devices entirely. As I said before, what we call routers now days are really a bunch of devices packed into one, which often includes an access point for providing WiFi on consumer models. The majority of Ubiquiti's routers/gateways do not have an access point built in, so do not provide WiFi. 

 

Gigabit is slowly rolling out, but coverage is not great. BT and Openreach split, so BT's not really building the network itself anymore, they're mostly just an IP, while Openreach is rolling out fibre. Virgin Media is rolling out their own coax networks but from what I've seen it doesn't go much above around 300Mbps in most cases. I'm moving to a big city soon and even there I won't have fibre yet, though the rollout is happening, albeit slowly. 

 

EDIT: My modem is VDSL. For fibre modems (which are technically media converters, not modems), I think most of them will support gigabit so wouldn't worry too much about brand/model. Though can't say for sure or give much insight on the different types as I have no personal experience with fibre links from an ISP. 

[Falcon1986]

@Deuteronomy93

 

Let's clarify something: most 'modems' sold today are not just modems. They're called internet gateways because they not just interface between your LAN and the ISP network, but they can also manage your LAN. So these gateways have a modem, router, switch and sometimes even an AP combined into one. 

 

Standalone modems typically still exist for people using cable/coaxial connections from their ISP. These modems can usually be swapped out for your own if the ISP allows it. However, this tends to not generally be the case if your ISP is providing you with a fiber connection as fiber ONTs are not typically sold at regular consumer stores. In some instances, fiber ISPs might terminate their connection in a media converter to which you can attach your own router via ethernet.

[Deuteronomy93]

Hi Both

 

Thanks for your feedback on this, I realised whilst currently watching a pfSense video that the router will be the one to allocate the IP addresses and you're confirming this too!

 

I'll have to have a look at what options we have here with my wife as she'll be the one to discuss with our ISP.

 

I had a look on a site and can see how the recommend the Unifi setup with a £78 router being the first step after the modem so it looks like I have my answers now, thanks again!

 

[Deuteronomy93]

37 minutes ago, Oshino Shinobu said:

EDIT: Also, looking at your diagram, I wouldn't advise using anything labelled as Cat7. It's not a TIA recognised standard and the specifications of it that are recognised by some bodies require to use of TERA or GG45 connectors rather than RJ45, so pretty much everything labelled as Cat7 in the consumer market doesn't meet the requirements of the specification. Stick with Cat 6a which is a recognised TIA standard that uses the normal RJ45/8P8C connectors. 

 

EDIT2: Something you may want to consider is a UDM Pro. It hosts all UniFi applications (ie. controller and protect), acts as a router/gateway and NVR, as well as providing 8 Gigabit ports and a 10G SFP+ uplink if you wanted to hook the server into it. Keeps things simple. Only thing to note is that it doesn't have any PoE ports, so you'd need a separate switch or use injectors for that. The main drawback to it IMO is that it only has a single HDD bay, so there's no redundancy for the NVR if the drive dies. That rules it out for business use for me (though protect isn't suitable for business use anyway), but for a home setup I'd consider it a good package. 

Just seen the edits, thanks for the feedback on this too.

 

Sounds like Cat6a is best for the moment then. We'll be ideally moving sometime in January so doubt things in this space will change. I was thinking about calculating the amount I would need then buying a spool of the amount +20% extra or so. I had read that CAT7 had additional shielding (and the houses in Beijing have had horrible noise making it worse) which was why i was considering it but maybe we can just take some extra precautions with shielding when getting it all done.

 

Regarding the UDM Pro, I'd been having a look at this briefly before but wanted to improve my knowledge of things before coming back to it.

 

Just to confirm, I would go? Modem>Router (such as USG)>UDM Pro>PoE Switch or injectors>APs+cameras etc

 

I would be having a home server set up at some point, could I not have the UDM-Pro back up the recordings to a specific folder on the server or offsite? I agree with you on redundancy though if it can't be achieved within the actual hardware of the UDM-Pro then having it backup every evening would be good.

 

I'm sure everything would be fine but being a new dad I would like to make sure my little girl is always safe!

[Falcon1986]

2 minutes ago, Deuteronomy93 said:

I had a look on a site and can see how the recommend the Unifi setup with a £78 router being the first step after the modem so it looks like I have my answers now, thanks again!

If you're going to invest in a Ubiquiti setup (especially seeing that you intend to use Protect), don't bother about the USG. Yes, it's a decent firewall/router (I have one), but it can't host the UniFi controller locally, has no built-in storage nor can it support internet connections at +1Gbps WAN-to-LAN throughput. You're better off getting a UDM-Pro or UDM-Pro SE (coming soon).

 

I see you have a server in your flowchart. Some people might find the UDM-Pro limited when they want more advanced features. If you're that kind of person, a pfSense (or similar) firewall appliance can be far superior. It won't be able to integrate fully with UniFi.

[Falcon1986]

6 minutes ago, Deuteronomy93 said:

I would be having a home server set up at some point, could I not have the UDM-Pro back up the recordings to a specific folder on the server or offsite? I agree with you on redundancy though if it can't be achieved within the actual hardware of the UDM-Pro then having it backup every evening would be good.

The UniFi NVR is specifically designed for handling redundancy for your Protect device recordings. The UDM-Pro will give you everything to start off using Protect with a few cameras, but is not intended for a full HD multi-camera setup.

 

Although I don't use Protect/NVR, I'm sure there is a way for you to back up recordings to a NAS device.

 

6 minutes ago, Deuteronomy93 said:

Modem>Router (such as USG)>UDM Pro>PoE Switch or injectors>APs+cameras etc

Fixed.

[Deuteronomy93]

Just now, Falcon1986 said:

If you're going to invest in a Ubiquiti setup (especially seeing that you intend to use Protect), don't bother about the USG. Yes, it's a decent firewall/router (I have one), but it can't host the UniFi controller locally, has no built-in storage nor can it support internet connections at +1Gbps WAN-to-LAN throughput. You're better off getting a UDM-Pro or UDM-Pro SE (coming soon).

 

I see you have a server in your flowchart. Some people might find the UDM-Pro limited when they want more advanced features. If you're that kind of person, a pfSense (or similar) firewall appliance can be far superior. It won't be able to integrate fully with UniFi.

Just realised when reading this that the USG-Pro is a router too, I had thought it was a switch etc so that's my mistake, thanks for clarifying!

 

I've been watching a video in the past half hour (not yet finished) on pfSense though again this is relatively new to me. Regarding the server, the main use would just be file storage for work that my wife and I can access, share files and try to relatively seamlessly switch between desktop and laptops when working, and then storage for our media to playback on TVs/projectors etc.

I had thought about the only other feature I could be interested in be to remotely access files on the server whilst travelling including internationally.

 

Would this be something the UDM-Pro could achieve or is this getting more into the territory of pfSense? I don't think I would be seeking more advanced features, but I also don't know what I don't know yet

[Oshino Shinobu]

3 minutes ago, Deuteronomy93 said:

Just seen the edits, thanks for the feedback on this too.

 

Sounds like Cat6a is best for the moment then. We'll be ideally moving sometime in January so doubt things in this space will change. I was thinking about calculating the amount I would need then buying a spool of the amount +20% extra or so. I had read that CAT7 had additional shielding (and the houses in Beijing have had horrible noise making it worse) which was why i was considering it but maybe we can just take some extra precautions with shielding when getting it all done.

 

Regarding the UDM Pro, I'd been having a look at this briefly before but wanted to improve my knowledge of things before coming back to it.

 

Just to confirm, I would go? Modem>Router (such as USG)>UDM Pro>PoE Switch or injectors>APs+cameras etc

 

I would be having a home server set up at some point, could I not have the UDM-Pro back up the recordings to a specific folder on the server or offsite? I agree with you on redundancy though if it can't be achieved within the actual hardware of the UDM-Pro then having it backup every evening would be good.

 

I'm sure everything would be fine but being a new dad I would like to make sure my little girl is always safe!

The UDM Pro is a router/gateway so not need for a USG. It would go Modem > UDM Pro > PoE Switch > PoE Devices. 

 

Currently protect has no way of backing up other than manually individual recordings. Though this has been the case for over 3 years now. Protect is really not suitable for anything other than home use and if you have some real security concerns, you should use something else as your camera/security software. Protect is honestly not ready for release even today. It's missing so many basic features and some of them outright make it illegal to use in a business setting in some European countries. Just recently they changed a UI setting that got rid of a button so now what used to take a single click takes 3 which is infuriating. 

 

I personally use it because I don't need it for any really serious security concerns, the application is nice and easy to use which is good for other, non-techy people to access and the lack of subscription for the software, as well as the fact that it actually looks nice and modern, while most CCTV software available still looks like something out of the early 2000s. 

 

The other option for protect, as a backup solution is missing, is to use the UNVR instead of the UDM Pro as it has 4 drive bays and can be configured in hot-spare, RAID 1/5 and RAID 10 for redundancy. 

[Oshino Shinobu]

13 minutes ago, Falcon1986 said:

Although I don't use Protect/NVR, I'm sure there is a way for you to back up recordings to a NAS device.

There isn't. Protect is missing many critical features and has been for a long time with no real signs of that changing. Even the EoL Unifi Video has basic features that Protect is still missing. 

 

It works for some use cases, but for anyone looking for a bullet proof and configurable NVR solution, Protect is atrocious. 

 

I still like Ubuqiiti's stuff, but to be honest it feels like they're losing their way. I'm still on an old version of the UniFi Controller hosted on a VM as they've outright removed support for "legacy" devices now. Before they just weren't receiving updates but could still be configured and such. If I upgrade to a newer version, I will lose all ability to configure those devices, so if I need to change anything or re-adopt them, I'm out of luck.

 

They also removed the ability to run the NVR stuff on your own hardware when they moved to protect. I used to run UniFi Video on a VM and had it recording a network share just fine and you can obviously then manage that as you please but they've completely removed that option and striped vital features from the NVR when moving from Video to Protect. Really really basic things, like being able to assign permissions in such a way as to allow access to a camera's live feed but not the recordings is still not available, despite it being present in Unifi Video years and years ago. 

[Falcon1986]

3 minutes ago, Oshino Shinobu said:

Even the EoL Unifi Video has basic features that Protect is still missing.

Good to know. Maybe this is what I was remembering.

[Deuteronomy93]

13 minutes ago, Oshino Shinobu said:

The UDM Pro is a router/gateway so not need for a USG. It would go Modem > UDM Pro > PoE Switch > PoE Devices. 

 

Currently protect has no way of backing up other than manually individual recordings. Though this has been the case for over 3 years now. Protect is really not suitable for anything other than home use and if you have some real security concerns, you should use something else as your camera/security software. Protect is honestly not ready for release even today. It's missing so many basic features and some of them outright make it illegal to use in a business setting in some European countries. Just recently they changed a UI setting that got rid of a button so now what used to take a single click takes 3 which is infuriating. 

 

I personally use it because I don't need it for any really serious security concerns, the application is nice and easy to use which is good for other, non-techy people to access and the lack of subscription for the software, as well as the fact that it actually looks nice and modern, while most CCTV software available still looks like something out of the early 2000s. 

 

The other option for protect, as a backup solution is missing, is to use the UNVR instead of the UDM Pro as it has 4 drive bays and can be configured in hot-spare, RAID 1/5 and RAID 10 for redundancy. 

So the security is a bit more to achieve my wife and her family's peace of mind. Our daughter is mixed race (god knows how I helped create such a beautiful thing!) and they have voiced multiple times about someone trying to steal her which I doubt would be the case but putting in a bit of extra effort could just put them at ease and make my life slightly easier!

 

Given the above feedback from you and Falcon1986, it looks like the functionality of the UDM Pro for the home security wouldn't really be the best solution and that I should go for an UNVR.

 

You both also mentioned about the requirement to have either PoE injectors or an additional PoE switch to handle the APs and cameras/intercom etc.

 

If this is the case, should I not go for a more powerful switch+USG+UNVR, or is there a more suitable router/switch combo (like the UDM Pro without SVR but with more ports/PoE) that I can pair with the UNVR?

 

I can see there's a USG-PRO-4 but it looks to have similar features though no NVR and very slightly cheaper.

 

Sorry about throwing a spanner in the works with this one! I am going through their site at the moment but have to admit that searching for their routers seems a bit less structured than you'd have thought. It doesn't seem like (at least the site I'm on via VPN) there is any filter for just switches or just routers etc.

 

 

 

 

 

I have also just seen Oshino Shinobu's comment on them losing their way. This does make me slightly hesitant honestly, I had thought they were a good company to invest in their products due to Linus' videos and a colleague that has a more normal setup but wouldn't want to be cast aside with limited support when my devices reach end of life.

 

Is it "better" now to just build your own router and handle everything using old server equipment etc? I understand that this may require a lot more knowledge to actually achieve..

[Oshino Shinobu]

9 minutes ago, Deuteronomy93 said:

So the security is a bit more to achieve my wife and her family's peace of mind. Our daughter is mixed race (god knows how I helped create such a beautiful thing!) and they have voiced multiple times about someone trying to steal her which I doubt would be the case but putting in a bit of extra effort could just put them at ease and make my life slightly easier!

 

Given the above feedback from you and Falcon1986, it looks like the functionality of the UDM Pro for the home security wouldn't really be the best solution and that I should go for an UNVR.

 

You both also mentioned about the requirement to have either PoE injectors or an additional PoE switch to handle the APs and cameras/intercom etc.

 

If this is the case, should I not go for a more powerful switch+USG+UNVR, or is there a more suitable router/switch combo (like the UDM Pro without SVR but with more ports/PoE) that I can pair with the UNVR?

 

I can see there's a USG-PRO-4 but it looks to have similar features though no NVR and very slightly cheaper.

 

Sorry about throwing a spanner in the works with this one! I am grouing through their site at the moment but 

So further to the backups thing. There is a way to sync the files to another machine, but it's not built into Protect, you'd need a script to access the video files on the NVR and sync them to a drive or network share. There's a thread on their forums from 3 years ago asking about this and they still haven't implemented it https://community.ui.com/questions/How-to-backup-recordings-with-protect/0b431ca1-68cc-4da8-9125-2d9bdc326bd4

 

A community member does elaborate on the script used in that thread. Though the files are proprietary, so you'd need protect to read and play them, so not sure how it handles restoring the files back in the event of a drive failure. 

 

The UNVR is definitely better than the UDM Pro as it has more than one drive bay, but the fact still stands that due to the lack of a robust backup feature, if someone were to break in and steal or destroy the NVR and drives, you've had it. 

 

The thing is, Protect is getting updates and fairly frequently, but from what I've seen of it it's also really silly UI changes, like removing buttons for no reason or removing options to assign and manage permissions from the app so you have to do it through the web interface rather than being able to do it from both. For the UNVR there's also two different settings menus, one for the device itself and one for Protect, despite the fact that the device does nothing but run protect so it's stupid to have to go to a different settings menu to configure things on the same device. It's still missing a load of basic functionality that was present in UniFi Video. It works for what I need it for, but I can't bring myself to recommend it to others and with the lack of real progress in terms of features in the past few years, I can't recommend it in the hope of features being added in the future either. 

 

EDIT: For the USG Pro, it's just a router/gateway. It doesn't host the controller or NVR. You'd need the USG Pro, UNVR, Cloudkey (to host the controller) and the switch. 

[Falcon1986]

4 minutes ago, Deuteronomy93 said:

they have voiced multiple times about someone trying to steal her which I doubt would be the case but putting in a bit of extra effort could just put them at ease and make my life slightly easier!

Oh, my! Sorry about that.

 

4 minutes ago, Deuteronomy93 said:

it looks like the functionality of the UDM Pro for the home security wouldn't really be the best solution and that I should go for an UNVR.

For the regular home user (or even the paranoid one), the UDM-Pro is sufficient. It can support the UniFi suite of features at a central control point, maintain a gigabit internet connection and also offer IDS/IPS without significant loss of performance. It is far superior to the USG. I wouldn't even bother paying attention to the USG-Pro because at that price point, you're entering UDM-Pro territory anyway.

 

I'm sorry for the confusion as I thought you might have had more advanced network needs which a pfSense appliance might be able to offer. But being a beginner at this, I'd say stick with the UDM-Pro for now. As your needs/knowledge grows, you can upgrade later.

 

The UNVR is an add-on to expand local storage for your camera system that also happens to integrate with the UniFi software.

[Oshino Shinobu]

12 minutes ago, Deuteronomy93 said:

I have also just seen Oshino Shinobu's comment on them losing their way. This does make me slightly hesitant honestly, I had thought they were a good company to invest in their products due to Linus' videos and a colleague that has a more normal setup but wouldn't want to be cast aside with limited support when my devices reach end of life.

 

Is it "better" now to just build your own router and handle everything using old server equipment etc? I understand that this may require a lot more knowledge to actually achieve..

I'm divided on that. 

 

On the one hand, their networking stuff offers a solution and sleek management system at a price that can't be matched by others. Cisco Meraki stuff is the closest in terms of solution I can think of, but that, along with other solutions with nice centralised management systems all charge a fairly large subscription fee and also have the issues of devices going EoL and basically becoming ewaste if you update the controllers. 

 

On the other, if you can deal with a not-so pretty or user friendly management experience, there's others that can offer way more than Ubiquiti's stuff at the same or cheaper price point. Especially for high bandwidth 10G+ stuff, which is silly expensive going down the Ubiquiti route. 

 

Mikrotik is one I'd look into for switches. They offer some really good stuff, it's just a bit more involved to configure. Though really, I like the UniFi management system, but I barely ever touch it. Once it's setup, you're not really going to use it and unless you're running it in a business environment, the performance and analytics stuff it can do is wasted. 

 

For Protect, I can't recommend it. I live with it as it offers what seems to be an unrivalled ease of use experience for end users, especially for remote access. Everything else about it is at best lacking and at worst illegal if you're using it for a business CCTV system. You're also locked into using their cameras with their software on protect. If they EoL a camera, it becomes ewaste and is basically unusable for anything else.

[Oshino Shinobu]

19 minutes ago, Falcon1986 said:

Oh, my! Sorry about that.

 

For the regular home user (or even the paranoid one), the UDM-Pro is sufficient. It can support the UniFi suite of features at a central control point, maintain a gigabit internet connection and also offer IDS/IPS without significant loss of performance. It is far superior to the USG. I wouldn't even bother paying attention to the USG-Pro because at that price point, you're entering UDM-Pro territory anyway.

 

I'm sorry for the confusion as I thought you might have had more advanced network needs which a pfSense appliance might be able to offer. But being a beginner at this, I'd say stick with the UDM-Pro for now. As your needs/knowledge grows, you can upgrade later.

 

The UNVR is an add-on to expand local storage for your camera system that also happens to integrate with the UniFi software.

Agree here on the USG Pro. It's not needed for home use. The normal USG would be more than enough, or the UDM Pro

 

Though the UNVR isn't an add-on, it's a standalone NVR. As far as I know, you cannot link it in to say a UDM Pro to expand the storage. You run the Protect NVR application on it and use it for storage, it doesn't link in with any other NVR devices. 

 

EDIT: Meant USG Pro, not UDM Pro

[Oshino Shinobu]

14 minutes ago, Oshino Shinobu said:

I'm divided on that. 

 

On the one hand, their networking stuff offers a solution and sleek management system at a price that can't be matched by others. Cisco Meraki stuff is the closest in terms of solution I can think of, but that, along with other solutions with nice centralised management systems all charge a fairly large subscription fee and also have the issues of devices going EoL and basically becoming ewaste if you update the controllers. 

 

On the other, if you can deal with a not-so pretty or user friendly management experience, there's others that can offer way more than Ubiquiti's stuff at the same or cheaper price point. Especially for high bandwidth 10G+ stuff, which is silly expensive going down the Ubiquiti route. 

 

Mikrotik is one I'd look into for switches. They offer some really good stuff, it's just a bit more involved to configure. Though really, I like the UniFi management system, but I barely ever touch it. Once it's setup, you're not really going to use it and unless you're running it in a business environment, the performance and analytics stuff it can do is wasted. 

 

For Protect, I can't recommend it. I live with it as it offers what seems to be an unrivalled ease of use experience for end users, especially for remote access. Everything else about it is at best lacking and at worst illegal if you're using it for a business CCTV system. You're also locked into using their cameras with their software on protect. If they EoL a camera, it becomes ewaste and is basically unusable for anything else.

Further on the Mikrotik stuff, 

 

I believe they have some switches that also have the option to function as a router (using either RouterOS or SwitchOS), so you could have one switch that acts as the router, with PoE ports and if you want it, multiple 10G ports, all for less than one of the UniFi 24 Port PoE switches with 10G SFP+. This is probably the solution I'm going for when I move as to get the same performance and features from Ubiquiti I'm looking at well over double the price

 

The one area where I'd say UniFi still makes total sense is for access points. They're very good for the price and the price and having the centralised management means any changes made to the WLAN profile populates to all access point at once, rather than having to configure each one, which makes things like SSID and password changes super easy. 

[Deuteronomy93]

Many thanks once again for your feedback on all the above! It's really helping me to learn the technology but also increasing my awareness of brands and what they offer.

 

I've been a bit busy with certain things but had a chance to look and Mikrotik is available in China though certain shops do seem to try and take advantage a bit, others do seem ok. Also looked over some videos on building your own router but it seems like this might be best for a more involved setup/hobbyist?

 

I've been watching some reviews and it looks like people are very favourable about them, so all things considered, mixing and matching rather than going for a locked down environment is the best route. I'm not a fan of being locked into an ecosystem hence leaving Apple a long time ago, but also didn't realise that Unifi can lead to this route.

 

Based on everything discussed so far, it looks like this may be what I should aim for:

(For reference this is what we had discussed with just using Unifi: Modem>UDM Pro>PoE Switch or injectors>APs+cameras etc)

• Modem: ISP Provided, should be fine however others are available if necessary.
• Router: https://mikrotik.com/product/crs328_24p_4s_rm
  • I hadn't actually realised that the cameras don't plug directly into the UNVR etc, they plug into the switch.
  • The reviews of this router seem very good, here is what I took away/required from watching the reviews.
    • Ports I need support for:
      • PoE:
        • 2 for access points.
        • 6 for cameras and 2 for front/back door access.
        • Potentially (though not likely) 2 more for front and back garden door access.
        • My devices will be within the specs for it's PoE output.
        • I wouldn't need to buy injectors or another additional switch.
      • Non powered: 
        • 17 for various rooms around the house as well as HASS and NAS.
        • 1 to help with debugging etc.
        • Extras are not necessary but are a bonus.
      • I do not really need many 10gb ports in the foreseeable future. My mobo has one and sure they will become more common but 4 seems more than adequate so may as well save money here.
    • This switch has the ports I need with extras available. The ports are managed via 3 daughter boards with equal power being sent to them.
      • Ideally I should check the power requirements of each PoE device and split them out evenly across the 3 boards.
    • I would not need a separate router/switch.
  • Rack mountable which I do want.
  • Does not have redundant PSUs and only one can be used.
  • 2 fans included but has mounting for 2 others.
    • I'm a bit of a silence freak with my hardware, being able to put in 4 Noctuas to create positive pressure with low rpm would be great.
  • One quick question I have is that I've heard of routers running out of IPs to give out. Is there a way to find out what the limit is for your router?
    • I haven't fully researched this either yet, but I'll look into Zwave and Zigbee for devices that mainly do reporting such as voltage detectors, humidity, light etc.
• Access Points
  • I'm agreeing with what you said above, it does seem like Unifi's APs just seem to be the best available.
  • I was going to go for these as I need 2.4g, 5g and 6g channels to support various devices. Anything that can within reason just plug into an ethernet port will be, however due to trying to get everything smarthome integrated, the robot vacuums and mops etc require 2.4g.
  • The Mikrotik option doesn't support 6g, isn't as good looking and is the same price.
    • Looks aren't my priority here but are a consideration due to it needing to be visible in the house.
  • Based on videos I've watched in the past, 1 of these for each floor should work perfectly due to the design of the house.
• NVR and cameras
  • This will probably be my next step with research to try and finalise the general idea of what I will go for, any further feedback on these that people know of would be great!

In case it's of interest/further reading, I haven't yet decided on where I'll actually be placing the server cabinet and how I will organise it. I'm looking at using a lot of aluminium extrusions for my office and a custom desk I've been planning for a long time, and have seen some people use these to build a rack. This could be a fun project, or it could just be better to use a general purpose one and close it off with some ducting for airflow.

 

I'll also be looking to finish off the rack with some extra touches:

• Redundant PSU
  • This will likely just be one that is available for the cheapest at the time I buy it that fits the power requirements, is rack mountable, reputable and can possibly sway me with some additional features such as HASS integration.
• Patch Panel
  • Not sure whether I will do this but at least it's something that can be added later.
  • Do many of you find that they are necessary/help with a home environment rather than labelling your cables well?
    • As I haven't really done a custom home server/network at all before, I don't know how often I would need to plug/unplug.
  • I was sort of liking the idea of having one and then custom making short cables to connect the panel to the switch despite how tedious it would undoubtably be.
• Powerbar
  • Rack mounted and plugged into the UPS with switches for each socket.

[mtz_federico]

On 10/9/2021 at 3:46 PM, Deuteronomy93 said:

One quick question I have is that I've heard of routers running out of IPs to give out. Is there a way to find out what the limit is for your router?

This depends on the subnet mask that you use. For local networks you should only use IPs defined in RFC1918, those are:

192.168.0.0 – 192.168.255.255

172.16.0.0 – 172.31.255.255

10.0.0.0 – 10.255.255.255

 

Most home networks use 192.169.x.x/24, that gives you 255 ips.

 

I like to create different subnets for different things and use different address spaces. Like:

IoT - 192.168.10.x/24

Guest - 192.168.0.x/24

Main/Secure - 192.168.1.x/24