Ubiquiti UniFi Performance

[Andne]

I'm starting a network upgrade since my pfSense box has failed and needs replacing (one of those SuperMicro Atom D525 boxes from years ago). While trying to decide on another pfSense (or similar box) vs. a dedicated appliance I came across the Ubiquiti USG-Pro and Dream Machine Pro.  Currently I have multiple VLANs in my network that a Cisco SG300 does the routing between and forwards internet traffic to the pfSense box.  This gives me some pretty nice speeds between computers and servers and so is a configuration I want to keep.  Prior to having the layer 3 switch I used pfSense to route VLANs and that was significantly slower.

 

While my immediate need is for a router, I'm hoping to use it as a starting point for an overhaul of my network. I've heard good things about Ubiquiti UniFi system and the integration when you use all of its stuff, but they don't seem to have any layer 3 switches so I'm concerned that the Dream Machine would be doing all of the routing in software and as such wouldn't have very good throughput between VLANs. Searching online isn't giving my very clear information (half of it is marketing stuff, some of the rest seems to point to a different issue in the SFP ports). Does anyone here have any experience they can share regarding VLAN routing on Ubiquiti hardware?

[nrf]

does your cisco switch route the vlans based on vlan tags or ip addresses?

[Andne]

It's running in Layer 3 mode and does IP-based routing.

[oj88]

Keep the Cisco switch for inter-VLAN routing and use the USG or DM upstream on a routed port. This is particularly helpful if you have a server somewhere (Plex Media server in my case) that can benefit from wirespeed inter-VLAN performance.

 

Obviously, you'll need to manage your UniFi products (USG/DM and/or UAP) and your Cisco switch separately.... which should be fine... if you don't change the VLANs regularly.

 

Here's my setup:

 

Big family.

 

Logical:

 

Physical:

 

 

 

Edited April 30, 2020 by oj88

[Andne]

Yeah, I have a Plex server as well along with Server 2012 Essentials on a separate VLAN from the main computers.

 

I do need to upgrade my core Layer 3 switch sometime too, running low on ports on it (it's just a 10-port), so I'm also trying to look at this as the starting point for planning out other changes to my network (I moved recently, so some of my existing layout doesn't work as well anymore).  Seems like if I'm not going to replace most of my equipment with Ubiquiti (which if it can't easily do wire-line speed between VLANs I won't) there's little reason to use any of it.  Then I think I'm looking at Cicso RV-series routers (half my other equipment is Cisco SMB line already) or another 1U box running pfSense or something else.  Just can't decide on the appliance device vs. build-my-own again.  Add in starting to need to update the main servers as well and no new versions of WSE anymore and I think I have a lot of pieces to figure out and put together now.

 

Checked my order history on Newegg, I bought the pfSense box in November 2012. So good use out of it at least.

[ShadowPeo]

I use a USG4 Pro at home, more so because I cannot be bothered with multiple management interfaces. I have had no real issues with the performance, but it does route based on tags as my best guess. Having said that I have no doubt that the Cisco equipment would be faster

[mattb75]

Bit late to this, but Ubiquiti now do a layer 3 switch in two flavours in their UniFi Gen 2 switch range.

1) A 24 port PoE pro version which is around £800 in the UK

2) a 24 port non-PoE Pro version which at around £350 is the same price as their 24 port PoE version which doesn’t do layer 3 but does have PoE.

The configuration is all through the controller. Lawrence Systems on YouTube did a review a few weeks back on the firmware update which enabled the layer-3 support.

[nrf]

On 4/29/2020 at 9:35 PM, oj88 said:

Big family

so many vlans. in the unifis, how do vlans get assigned to client devices?

[oj88]

31 minutes ago, nrf said:

so many vlans. in the unifis, how do vlans get assigned to client devices?

All APs boradcast multiple SSIDs while each SSID is assigned to a specific VLAN.

 

Each family is assigned an SSID and consequently, a VLAN. It was primarily used to separate our IoT devices from seeing each other (which they will if they were all on the same broadcast domain).

Edited July 22, 2020 by oj88

[nrf]

cool. in practice, do any of those IOT devices get routed to other VLANs by the L3 switch?

Edited July 22, 2020 by nrf