New Ubiquiti setup at home

Discussion in 'Networking & Security' started by ocbaud, Aug 28, 2019.

  1. ocbaud

    ocbaud I'm a baud Man!

    Messages:
    5,654
    Joined:
    Nov 3, 2000
    Finally had enough of my Netgear X6 R8000 router. Kept slowing down and giving me iffy wifi.

    My gigabit fiber was only hitting speeds of around 270Mbps on after the newest firmware update over ethernet.

    It's been some years since i ran ubiquiti stuff but decided to go all in this time.

    - Edgerouter 4
    - Unifi Switch 8 60w POE
    - Unifi AP AC Pro


    Got things setup and running in about an hours time and it's great.
    Speeds over ethernet are hitting 920Mbps or so now up and down and wireless is stable.

    At this point, I want to start tweaking and adding some firewall rules, but I'm unsure what all I really need.
    Wanted to get opinions on what others are running for a home setup.


    Plan currently is to have 3 seperate networks.

    1- Primary for pc's , gaming devices, phones, etc
    2- IoT type devices that are blocked from accessing the other networks
    3- Guest network, again, blocked from accessing other network.


    That's pretty easy to implement honestly, but are there any other rules I should consider? I'm not running any VPN here at home at this point.
     
  2. Spartacus09

    Spartacus09 [H]ard|Gawd

    Messages:
    1,024
    Joined:
    Apr 21, 2018
    Any reason you didn’t to go for the USG/pro for the full unifi monitoring?
     
  3. ocbaud

    ocbaud I'm a baud Man!

    Messages:
    5,654
    Joined:
    Nov 3, 2000
    Familiarity with the Edgemax line of routers.

    From what I read, the normal USG wouldn't be best for the features/speeds I have and the edgerouter4 ticked all the boxes I needed.

    Beside better integration with the Unifi monitoring suite, what benifits would the USG have given me? The USG Pro is cool but form factor doesn't work for me at this point in time.
     
  4. CookieFactory

    CookieFactory Limp Gawd

    Messages:
    308
    Joined:
    May 17, 2006
    Not to hijack your thread but I also have a similar question and I'm interested in your experience. How's your setup treating you?

    I'm currently using a Netgear R7000 all-in-one, which is connected to the AT&T provided router. I have about 120 Mbps down and up.

    I'm thinking about upgrading to one of the following:

    Option 1:
    • Edgerouter 4
    • 2x UAP-AC-PRO access points
    • TP-Link PoE 8-port Switch
    Option 2:
    • Custom PFSENSE box
    • 2x UAP-AC-PRO access points
    • TP-Link PoE 8-port Switch (needed?)
    Option 3:
    • Netgear Nighthawk X10 AD7200

    With my current Netgear R7000 and ~20 devices, I notice significant slowdown/flakiness when there are P2P sessions active so I'm hoping one of the above options will cure my networking woes.

    For Option 1, are there any other devices I should be considering? Would the USG (or some other) router serve me better?
    For Option 2, is there a sweet spot in CPU performance I should be looking at? For my use case, would a PFSENSE set up be overkill?

    Performance is the first and foremost concern, followed by ease-of-use (user interface, reliability, etc), and then bang-for-buck. Thanks for any insight you can provide.
     
  5. Spartacus09

    Spartacus09 [H]ard|Gawd

    Messages:
    1,024
    Joined:
    Apr 21, 2018
    Mainly just the single pane management capability, and ability to do data inspection (which i think the edgemax has as well?).
    What features/speeds do you have that are limited by the USG? I have 940/50 connection with no limitation and multiple vlans configured.
     
  6. peanuthead

    peanuthead [H]ardness Supreme

    Messages:
    4,652
    Joined:
    Feb 1, 2006
    Spartacus09 - Do you have IPS/IDS turned on? I take it you are using the Pro flavor?
     
  7. Spartacus09

    Spartacus09 [H]ard|Gawd

    Messages:
    1,024
    Joined:
    Apr 21, 2018
    I'm using a regular USG, I do have DPI turned on not IPS/IDS, turning on the threat management reduces the throughput to about 100mbps due to hardware restriction, I want my speed over security :).