Upgrading the Home Network

May 9, 2020

In my last post, I dipped my toes into the pool that is the UniFi product line. The money-sucking monster that lives in that pool immediately grabbed me and pulled me under, refusing to let me out until I went all-in.

Hardware

This is what I ended up with:

Did I need it? No.

Is it overkill? Yes.

Did I want it? Absolutely.

Some of the boxes I got (plus dog tax).

Rationale

While not a whole lot of thought went into these purchases, I do have reasoning behind some of them.

Tripp Lite 9U Rack

I currently live in an apartment with a small corner available to place a rack. This corner is small enough that a full-depth rack would absolutely not fit, so I started searching for shallower racks meant for networking and media equipment. This rack has the benefit of being enclosed for a small amount of noise abatement as well as looking passable as a furniture piece.

UniFi Dream Machine Pro

I was originally going to purchase a security gateway and cloud key as separate pieces, but after a little more reading, I found that the USG is not ready for gigabit speeds. After weighing this against the numerous online complaints documenting the advertised but not-yet-implemented features and the frequent bugs, I decided to just go for it. What’s the worst that could happen, right?

More on this later.

The Switches

For the main rack, I chose the 250W 24-port PoE switch. I wanted to make sure that I had enough ports for future expansion, and I could envision myself using 16 ports, so here we are. The 8-port switch is for the network panel in our apartment. I needed a switch in the panel so that I could connect the Ethernet ports located in each of the 3 bedrooms that are terminated at the panel. The nice thing about the 8-port switch I chose is that it can be powered using PoE, which eliminates one more cable from the panel.

Installation

The physical installation process was pretty straightforward, although I still have no idea how you mount the first item in a rack without three arms.

With the door closed, this ended up looking like just a bunch of cables in a box…

The sight of the Raspberry Pi and Hue Bridge on top of the rack sickened me, so I immediately turned around and placed another order:

Starting to look like something other than just cables.

One patch panel and about an hour of cable management later:

Look at all the blinky lights.

Network Panel

Moving the majority of the equipment away from the network panel allowed me to clean up the panel and gave me my biggest aesthetic win yet.

The door actually closes now.

This is one of the places I goofed though. The PoE injector and patch cable could be removed if I used a USB power adapter for the fiber jack. Same number of power cables and one less patch cable. Oh well, it still looks good.

Configuration

With all the physical components of the network in place, I moved on to configuring the software.

UniFi

To configure the network, I connected the fiber box to the WAN port of the UDM-Pro and connected my laptop to one of the LAN ports.

After navigating to 192.168.1.1, the UniFi setup guide appeared. The only special setup I had to do was to configure the VLAN ID and QoS tag for the WAN as per this Reddit post. This was only necessary because I completely removed the Google Fiber network box from the network. Strangely, the UniFi setup kept failing the internet connectivity check until I pressed the “Troubleshoot” button, at which point the internet immediately started working. Go figure.

I have seen one or two posts floating around that suggest the VLAN and QoS are no longer necessary, but omitting or changing either setting eventually affects internet connectivity for me.

After establishing a connection to the outside world, I moved on to adopting the switches and FlexHD into my network. The switches immediately appeared for adoption, but the FlexHD did not initially show up. Because I am impatient, I factory reset the FlexHD, and it eventually showed up in the interface approximately five minutes later. I don’t know if the reset was necessary or if the fact that the access point had been configured in “standalone” mode had anything to do with this, but it works now.

Pi-hole

Configuring the network to use the Pi-hole as its DNS server was super easy once I found the setting in the UniFi interface. It’s under Settings > Networks > LAN > DHCP Name Server. By default, there are no restrictions on traffic between VLANs, so configuring a network to use the Pi-hole for DNS is as easy as entering the IP address in the aforementioned field. If you are using the guest network feature, the Pi-hole’s IP address must be added to the “Pre-Authorization Access” list under Settings > Guest Control to punch a hole through the default policies that prevent devices on the guest network from accessing other devices on the network.

The only hangup I ran into was that at some point during my fiddling, the Raspberry Pi crashed, which caused the internet to be inaccessible. It took me a few minutes to discover that the blinky lights on the Pi were not as blinky as usual, but once I did, a power cycle fixed the problem. This does suggest that running two Pi-holes is probably a good idea for such a crucial piece of the network.

The UniFi Dream Machine Pro

From what I’ve seen in real-world use of the UDM-Pro, the device is working exactly as intended. It’s been rock solid and maintained gigabit speeds even with DPI enabled, which is all I really need right now.

I know there is a laundry list of missing features, but as a newcomer to the world of UniFi, I can’t miss something that I haven’t had before. However, it is disappointing there isn’t a parallel to the JSON config files on prior platforms. Providing a way to work around features that aren’t yet available in the UI goes a long way towards shifting perception from “this is an unfinished product” to “this is the early stages of a product”.

Lacking any sort of networking experience or qualifications, I don’t feel comfortable passing any sort of judgement on whether anyone else should buy the UDM-Pro. For me, it has done exactly what I need it to do, and I have yet to encounter a task I would like to do that is not supported.

Next Steps

Now that I have the base of the network set up, there are a few other tasks I have in mind in order to improve or expand the home lab.
