What's new

Curious about UniFi UDM-Pro

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

RobNY

Occasional Visitor
Was wondering why no one here is talking about UniFi Dream Machine Pro? Also will it be reviewed here? Seems like a real nice high end home router at the same price point of Cisco RV's.

-Rob
 
The UDM Pro isn't really talked about at SNB because it's not really a device that most users here would be apt to look for by default, despite the growing level of awareness of proper, discrete-component network design and distributed wireless.

Also, it hasn't been public available for all that long, and the firmware is still a work-in-progress (along with the UDM), so it's at best usable for lab-ing and/or home enthusiasts, but not really proven to be production-ready, and probably won't be until the end of this year at the earliest.

Additionally, while the concept of a converged appliance is nice and all, many USG users are also simply looking for a USG-XG Gen2 equivalent, and don't need or want all that UniFi Protect nonsense thrown into the code base (to just bog it down and fill it with more bugs). They'd probably take a UDM Pro in the meantime, but hopefully we'll also see significantly more powerful USG's coming in a refresh sometime soon.

Nonetheless, the device has promise, presuming UI can work out the kinks and maintain stock.
 
Last edited:
Mine is on its way! But I’m brand new convert or perhaps self paid tester for Unifi line. But after my surprise experience with their AP, I’m really excited.
 
@Tech Focus - The UDM-Pro is probably 80+% functional for most anyone's needs, and for the average home user, likely even more so. The remaining bugs may not effect you much at all, and it will only get more bug-fixed from there. So I would say all-good for a home enthusiast at this point.
 
I am not sure where the UDM-PRO is positioned for. It is about 2 times the price of a RV340 router. It is more in line price wise with the RV345P router which is in the same series but the UDM-PRO lacks the POE which makes the RV345P much easier to setup for a coffee shop or small business in a simple setup. The UDM-PRO has more processing power than the Cisco RV340 series but I don't think users are buying internet faster than a gig right now. I am sure there are a few but gig internet is the de facto standard right now. Anything extra gets discounted. The extra processing power might be good for processing VLANs but this comes up vary lacking compared to a layer 3 switch. A Cisco layer 3 switch runs at line speed which would run off and leave the UDM-PRO way behind. Switches are faster than routers.

So I would chose a Cisco RV340 and a Cisco layer 3 switch which I have. Maybe when we have 2 or 3 gig internet pipes. I have to say I am biased as I have been using Cisco for a long time.
 
@Tech Focus - The UDM-Pro is probably 80+% functional for most anyone's needs, and for the average home user, likely even more so. The remaining bugs may not effect you much at all, and it will only get more bug-fixed from there. So I would say all-good for a home enthusiast at this point.

I would say I may not even notice those bugs due to my fortunate ignorance!

For me having 2 ASUS ax11000 and 2 RT ax92, DMP and 2-3 AP are actually compatible price.
 
Entirely different animals. Each has their strengths and weaknesses, which relate more to who they're made by than anything else.

Regarding superior CPU power, the difference has nothing to do with buying or not buying gigabit (or faster) internet, or L3 routing efficiency (which should be handled by L3 switching if you have that much traffic). The real difference is software-driven throughput for non-offloadable services that tend to remain on the gateway in smaller networks: VPN, QoS, DPI and similar. And it shows up long before you hit 1Gig. No debate possible.

On the software side, RV/SG/WAP tends to be less bug-prone for what they do advertise to support, but the control plane integration of UniFi is miles beyond, even with all the additional bugs. Overall, I don't have a clear favorite here; each is best used in different circumstances.

For hardware, again, it's a toss-up depending on use-case. With Cisco you don't get quite as much novelty, but what you do get is typically high-reliability. With Ubiquiti, UniFi in particular, their ecosystem is much more robust, but quality is still more inconsistent than it should be.

For support, Cisco still slaughters Ubiquiti for vendor-direct. No contest there, and I don't see that changing any time soon. UI, like Mikrotik, relies more on their VARs/integrators for that. If you're dealing with a use-case where OEM-direct support is vital, Cisco is the better choice in many instances.

At the end of the day, pluses and minuses to both, and IMHO one would be remiss not to be willing to master and use both brands.
 
Last edited:
Like I said I am biased to Cisco and I like layer 3 switching. If I want traffic inspection like a layer 7 firewall then I would run an UTM firewall behind the Cisco router which I did for years. I have retired and given that feature up. I also think the attack vectors are different now days any way but an UTM would be a better setup plus it distributes the network load across more devices which keeps the load off the router to open and close the front door. So I do disagree even though you think there is no debate. Also QoS in regards to IP phones what about 20 IP phones. It is much better to off load the QoS to the switch rather than run at the router. So another point can be debated. I agree there are things better run on a router but all this is very debate able.

PS
I try to stay away from VPN. I used Cisco VPN many years ago. I had a neighbor which worked with Cisco VPN 4 years ago. He said they used 512 encryption with a certain stack. Some of the stacks at 512 were hackable. And anything below 512 was hackable. More than likely it would be good to offload VPN from the router as well. But like I said I don't travel in those circles any more. I have no real need for VPN since I don't work. By hackable I mean not secure.
 
Last edited:
It would be interesting to run a test scenario from a typical US small business with a single ISP link for all traffic. 2018 Ookla #s were 97Mb down, 35 Mb up for all US commercial and residential traffic. Let's assume upward trending and also exclude the thousands of businesses still below whatever current average that is, and assume an ISP speed of 300Mb down, 50 Mb up.

You load each LAN with 20 workstations and 20 VoIP phones, all with active traffic, enough to saturate that 50Mb upload somewhat routinely, the way a typical office would. For Test A, you do QoS on L3 switching -- 802.1p, DSCP, extra queues, the whole nine yards -- and for your gateway you run an RV345, with pfifo_fast and whatever legacy QoS schemas one deems necessary. For Test B, you use identical switching hardware, but you leave QoS off completely on the switching and run an SQM-capable router, similar in price to the RV345, let's say an EdgeRouter 12 or UDM Pro, configuring only a single Smart Queue, no extra QoS rules at all. I'd be curious to see which network's VoIP quality would be routinely better, or routinely worse, by average sample.

Going on experience of having solved the same issue with only SQM on the gateway, and zero QoS on any switching or the gateway, I would be inclined to suppose it would be Test B, but maybe I would be pleasantly surprised? (I wonder what @dtaht would say?)

The one thing I think we'd both agree on is the benefit of having local QoS active on the switching, whilst also having SQM on the gateway. Thus my penchant for running ER-4's alongside SG350's, and the stance that it's great to master and utilize both brands for what each does best.
 
Last edited:
Adding to your test. What if you add a network load of more than a gig of local traffic traffic across VLANs like day to day working users? They may be doing backups, fileserver and SQL queries, big drawings, images, etc. The router is going to have a harder time processing all the traffic compared to the L3 switch just dumping the internet traffic off to the router which is a lot less traffic for the router. What about 5 gig of local traffic? The router will not scale like a layer 3 switch. At this point I think the router will not be able to deal with all the traffic. I would think 20 to 50 people and 5 gig would be easy to hit in spurts.

So Trip do you have your SG350 doing layer 3? There is nothing wrong with SQM we sure needed it back in the DSL days. And SQM would be a good thing to have now.

PS
Businesses are setup with VLANs. You usually have the servers segmented off from the slow users VLANs. The users are segmented by like payroll, accounting, marketing, and etc. So there is local traffic routing going on all the time. Users are told the servers will be backed up keep your latest working files on the server which results in users working on files on the fileservers on different network VLANs. Plus the server have battery backup incase of power outages which protects the files on file servers. This all places local LAN loads on the network. As the user count goes up so does the local LAN load.

PSS
Just so you know, Cisco has a low latency QoS setting on the RV340 router which would probably work with IP phones if you don't setup the layer 3 switch which is the way I would do it or if you are completely saturating your internet connection. Cisco is trying to keep it simple on the RV340 router. Cisco is much more sophisticated on their PRO line. I am not sure how to set this up. Do you need a class of service? Will it pickup the priority VoIP traffic coming from the Cisco layer 3 switch?
 

Attachments

  • Capture37.PNG
    Capture37.PNG
    76.5 KB · Views: 225
Last edited:
All good points. I'm thinking you may be getting hung up on the switch vs router thing. As previously stated, in both cases, we would have L3 switches in place already handling the local L3 stuff -- inter-VLAN, local static routing, etc. Add as much local traffic as you want, 1Gb, 5Gb, whatever, should be fine, presuming we've spec'd enough switching fabric of course.

Re- L3 and how I deploy it, usually when I've got an SG350 or other L3 switch in the works I will run L3 on it, yes.

Re- VLANs, absolutely. In both test cases we'd have L3 switches handling that traffic identically, so upstream egress/ingress would be a roughly identical load for both routers.

Re- QoS options on the RV, that's encouraging and a good start. Full-blown SQM would be even better an can actually be made to be even simpler (classless, aka "knobless"), so along the paradigm of simplicity there's no reason Cisco couldn't include in the RVs for that user base. Hopefully they catch up there soon.

I think we're circling around a similar end to all this. I'd propose that a multi-vendor stack sometimes isn't the worst thing in the world, especially when you can inter-operate on open standards. For standalone switching, I'd take an SG over a UniFi Switch or EdgeSwitch a lot of the time. For gateway, EdgeOS has a bit more going for it. I'm cool with that, and don't need to go all single-vendor, but I get why you might want to, which is cool too.
 
Well I tried pfsense a while back when I was thinking your way. It turned out I was patching the software way to much and they would break things which I would have to deal with. It all got to be too much so I gave it up. Any way pfsense wants to control everything and they tell to run your switch in layer 2 mode. pfsense will work with a layer 3 switch but there is very little support for it. They treat you like a step child. I went back to my Cisco router and realized how easy it was to maintain with almost no problems. And running with a Cisco layer 3 switch it is very simple. I did look at one of the Edgerouters back then but they were having a lot of UDP sequencing problems so I chose pfsense instead. Life is so simple with the Cisco RV340 router I see no reason to stray any more.

PS
I paid less than what the UniFi UDM-Pro costs for my Cisco RV340 and my Cisco SG300-28 layer 3 switch. I bought the Cisco router new and the Cisco L3 switch used. It was before I built up layer 3 switches on this forum. Cisco layer 3 switches are harder to find now used. The Cisco SG300-28 is now EOL but back when I bought my Cisco switch they were current.
 
Last edited:
pfsense has had its ups and downs, for sure. And yes, returning to the known and/or previously functional is not the worst thing in the world. Albeit certain innovations may not be accessible by self-imposing your own vendor lock-in. But I can certainly see why you've done it. Besides the causes you've listed, it's also one less phone number and vendor culture to deal with, which can be a very good thing as well.
 
@coxhaus, @Trip, thank you for the great conversation above! :)

And my apologies for misreading the model here I thought I read about (missed the 'pro' part). :)

I can only hope to have the skill and experience you two possess, maybe one day. :)
 
PS I paid less than what the UniFi UDM-Pro costs for my Cisco RV340 and my Cisco SG300-28 layer 3 switch. I bought the Cisco router new and the Cisco L3 switch used.
We can play the I-got-it-the-best-for-the-cheapest game all day, but suffice it to say, there are very economical ways to deploy any/all forms of the setups discussed above, with multiple vendors who will all perform perfectly well.
@coxhaus, @Trip, thank you for the great conversation above! :) I can only hope to have the skill and experience you two possess, maybe one day. :)
Thank you, but you'd also have the pleasure of many headaches as well. ;)
 
I hope everybody understood UniFi UDM-Pro is a more powerful router than the RV340 router and will probably handle two 1 gig internet connections. But how you build the network is the most important thing.
 

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top