• Review: UniFi Switch 8

    Three years ago when we bought our house, I decided I wanted to put in surveillance cameras. When selecting the cameras, I decided that the cameras had to be powered by PoE (Power over Ethernet) so that I could change out the cameras later on if I wanted to and didn't have to worry about dragging a separate wire for power which could be different for different cameras. At the time I was looking, the number of small, fanless switches that did PoE was quite small. I decided on a Cisco SG300-10P which is a 10 port managed switch with 8 of the ports being PoE.

    The managed switch was definitely overkill for what I wanted, but an unmanaged gigabit PoE switch without a fan was nowhere to be found. The switch has worked fine for my needs. Since then, I've experimented with other unmanaged PoE switches (a 16 port one with 8 PoE ports) as I needed more ports. The Cisco switch works fine, but I really didn't do much with it.

    Last year after I tried out Ubiquiti's UniFi AC Access Points, they asked if I wanted to test their new UniFi Switch 8 port switch that was coming out. Of course, I said yes! The switch, like other products in the UniFi line is controlled by the UniFi controller software. As I've mentioned before, the software is quite utilitarian, but works well. The switch easily integrates with my access points and is simple to setup.

    One of the things I dinged the UniFi access points for (not the Pro) was the lack of 802.3af PoE requiring the use of a power injector. Well, like other switches in Ubiquiti's line of switches, the 8 port switch provides passive PoE to individual ports if configured which will power the UniFi access points. So now that I had a UniFi switch, that negative point of having to use a power injector no longer applied.

    My needs of a switch are pretty minor; I just need PoE provided to cameras and I need it to pass VLAN traffic for my guest WiFi network. The UniFi Switch 8 easily does that and a whole lot more. The controller interface works and I love being able to see statistics and have control over much of my network from one screen.

    I really would like 10 ports and the switch has 2 SFP ports. Normally SFP ports are used for fiber connections, but they also support copper modules. I'm in the process of trying to get working copper modules from Fiberstore which is proving to be difficult; of the 6 I ordered, only 1 worked. Their support is good, but being in China, it takes a long time to get replacements. I would rather have had a combo RJ-45/SFP port like the Cisco switch has, but the SFP modules will eventually work.

    One of the things I've overlooked until recently in a managed switch is the ability to use SNMP and monitor traffic. There is no real use for watching the traffic, but I find it interesting. I have monitoring for my access points and my Cisco switch as well.

    Cacti

    With a retail price of $199, who should buy this switch? For most home users, there is no reason to purchase this switch. However, if you've bought into the UniFi line of products (which I'm quickly doing as unified management is excellent and gives me lots of control), then getting a UniFi switch should be a no brainer. To me, multiple 8 port switches beat out the 24 port switch due to the lack of fans. Yes, it would cost more, but in my setup, I try to keep noise at a minimum.

    IMG 5572

    Pros

    • Integrates well into the UniFi line
    • Silent operation
    • Powers all the UniFi access points (802.3af or passive PoE)
    • Controller software is easy to use (but utilitarian)

    Cons

    • Not rack mountable; the Cisco switch I have has really long ears to mount it which Ubiquiti could have done. In my case, I put it on a Raxxess RAX Rack Tray
    • No combo RJ-45/SFP Ports
    • A little pricey

    Summary

    While the UniFi Switch 8 isn't for everyone, I've been quite happy with the Ubiquiti products and plan to purchase one of the 8 port switches to replace my Cisco switch (I'm waiting until the SFP modules work properly as I actually need 19 ports between my 2 main switches). The unified controller makes things very easy to manage. The Cisco switch has lots more options exposed, the UniFi switch can do a bunch with the command line; however, I haven't had to touch it.

    Standardizing on UniFi switches will also allow me to possibly use their UniFi Video cameras including their new 1080p as those are powered by 24V passive PoE which the switch will provide (if you're listening, Ubiquiti, I have 7 cameras and would need an NVR to go with it :-)).

    If you're going all in on Ubiquiti products, getting one of their switches should be a no-brainer.

    Note:The UniFi Switch 8 was provided to me by Ubiquiti at no cost for testing and review. It should be clear that my review is not biased by this as I plan on purchasing another switch with my own money.

  • Plateau for Mac processors?

    Recently my dad asked me what he could do to make his 2007 iMac faster. The machine is running a 2.4 GHz Intel Core 2 Duo processor which by today's standards is woefully outdated. We had already maxed out the RAM at 6 GB (specs say it can handle 4 GB, but 6 GB are recognized) and it had a 500 GB 3.5" spinning hard drive (7200 RPM, I believe).

    As we were looking for the most cost effective solution, I said that we should try an SSD drive in it. I told him to purchase the Samsung 850 EVO and a Newer Technology AdaptaDrive Bracket. The items arrived and then I was tasked with installing it (I actually had my dad get a different bracket which was wrong, so it was extra work, but let's just pretend he got the right bracket). Since the iMac didn't recognize my USB 3 docks to copy the data from his iMac to the new drive, I had to put the iMac in target disk mode, hook it to my Thunderbolt display via FireWire 800 and then copy the data to the new SSD hanging off my MacBook Pro. This process was long, but required no effort.

    Opening up an iMac of this vintage was relatively straight forward, and I installed the new drive. After putting the machine back together, I booted it up to test it and was surprised at how well the machine performed. Before the drive replacement, the machine was far too slow for me to use. Boot time was long and opening up applications took too long. Now, the machine booted up a lot faster and applications opened quickly which seemed similar to my 2012 Retina MacBook Pro with a Quad Core Intel i7 processor.

    So now I was comparing a nine year old computer to my 3.5 year old computer. My computer has a significantly faster processor and lots more RAM (16 GB), but the performance in opening apps (startup is still faster) and day to day operations seems reasonably close. Of course, I didn't do any benchmarks on the 2 machines, but here you have about 6 years separating 2 computers and in everyday tasks, the performance seemed acceptable on both.

    My dad runs VMWare Fusion on his iMac (for his accounting) and that is a pig; for that (Windows 10 running on 1 core of a 9 year old iMac is a recipe for pain). Other than that, my dad has been quite happy with his upgrade.

    So the question I have to ask is if the processor speed in Macs matters much anymore for everyday tasks. It seems that the limiting factor may be drive speed. I'm not talking about compiling, running virtual machines, or transcoding video, but for web browsing, email, etc., how much speed do we really need? I'm not giving up my machine any time soon and if I can get my hands on a faster machine, I'll definitely do that.

  • The end of DST?

    Twice a year we go through the process of changing clocks either forward or back when daylight saving time rolls around or comes to a crashing end. Yesterday I had to change the time on 5 devices and luckily a bunch more automatically changed. While this process is a little bit of a pain and losing the hour of sleep wreaks havoc on our schedules for awhile, I like daylight saving time as the extra hour of daylight is most welcome.

    Recently, a member of the California Legislature has introduced a bill (AB-2496) to eliminate DST. While this sounds like it would simplify things and not subject us to schedule adjustment, generally everything I've read indicates that people want DST all year long and not have PST. Unfortunately, this bill doesn't address that.

    If people really wanted DST all year long and still get that extra "hour" of daylight, then we, as a society, have to shift our schedules and notions of when things start. So instead of having a normal workday be 9-5 (OK, I know that 9-5 is a cliché, but bear with me), we'd make it 8-4. Everything would have to shift so that we would have the perception that we have an extra hour of daylight; we wouldn't gain an hour of daylight, we'd just start and end the routine activities (like work) early so that we can have free time when it is daylight. This, of course, is never going to happen.

    Given that we're stuck with either our current system of DST or ditching DST and not shifting our schedules, ditching DST is not easy. While yes we wouldn't have to change our clocks, think about all the computers that automatically change their clocks. So now instead of Pacific Standard Time which assumes that DST is followed, we'd have another option like "California time" which doesn't handle DST. This means that computers and IoT devices have to be updated to support this. It isn't technically difficult, but rolling this out could be harder than the daylight saving time switch in 2007 (based on the Energy Policy Act of 2005) as consumers would have to explicitly choose this new time zone (with the last change, the rules which specify the DST rules just had to change with no user interaction).

    If you take a look at an iCalendar entry, you can see that most modern calendaring programs already take into account DST rules.

        BEGIN:VCALENDAR
        VERSION:2.0
        PRODID:-//Apple Inc.//Mac OS X 10.11.3//EN
        CALSCALE:GREGORIAN
        BEGIN:VTIMEZONE
        TZID:America/Los_Angeles
        BEGIN:DAYLIGHT
        TZOFFSETFROM:-0800
        RRULE:FREQ=YEARLY;BYMONTH=3;BYDAY=2SU
        DTSTART:20070311T020000
        TZNAME:PDT
        TZOFFSETTO:-0700
        END:DAYLIGHT
        BEGIN:STANDARD
        TZOFFSETFROM:-0700
        RRULE:FREQ=YEARLY;BYMONTH=11;BYDAY=1SU
        DTSTART:20071104T020000
        TZNAME:PST
        TZOFFSETTO:-0800
        END:STANDARD
        END:VTIMEZONE
        BEGIN:VEVENT
        CREATED:20160304T043923Z
        UID:AAAAAA
        DTEND;TZID=America/Los_Angeles:20160311T220000
        TRANSP:OPAQUE
        X-APPLE-TRAVEL-ADVISORY-BEHAVIOR:AUTOMATIC
        SUMMARY:Some Event
        DTSTART;TZID=America/Los_Angeles:20160311T180000
        DTSTAMP:20160304T043925Z
        LAST-MODIFIED:20160304T043923Z
        SEQUENCE:0
        END:VEVENT
        END:VCALENDAR
    

    Yes, EVERY calendar entry you have has DST rules in it because they are a mess worldwide. So while calendaring programs are already ready to handle a DST change, are we ready for it? Can you imagine someone in California scheduling a meeting for people in New York and Portland? People in Phoenix already do this, so it should be easy, right?

    As much as I don't like changing clocks and having to wake up the Monday after the change to DST to get ready for my day, I'm OK with the current system. I know that a recent study shows a link between the switch to DST and stroke, but there are also links between the Super Bowl and violence. Should we get rid of the Super Bowl as well just because of that? (There are other reasons to get rid of a sport that almost encourages head injuries, but that is a different story.)

  • Review: UniFi AP AC Lite and AP AC LR

    I've been using my EdgeRouter Lite for more than 6 months now and couldn't be happier with it. After posting my review, Ubiquiti contacted me and asked if I was interested in testing out some new hardware. As I love playing with new hardware, I couldn't say no. I was actually eyeing the 802.11 ac access points, but the price tag put me off as I didn't need a new wireless access point; my Time Capsule has been working fine in bridge mode providing coverage throughout my house pretty well.

    Ubiquiti sent me a UniFi AP AC Lite and UniFi AP AC LR for testing. Both units are basically identical with the LR providing better range and potentially better throughout on the 2.4 GHz range. I'm going to focus on the LR device as the price difference ($89 vs $109) is so low, that for the home and small business use, the LR is a no brainer when compared to the Lite (the Lite is also a bit smaller which could make it fit in better on the ceiling in a home).

    Most home users purchase an off the shelf router such as the Apple Time Capsule which includes a router as well as a WiFi access point. This serves most people's needs, however some people find that they need additional access points to fill in the dead spots in their homes. In order to do this, they either use repeaters or additional routers in bridge mode. This is basically wasting a large portion of the router. While this isn't what I'm doing because I didn't need to fill in gaps in coverage, I was quite intrigued about a WiFi access point that simply did WiFi. In addition, the UniFi access points are Enterprise grade access points which means (to me) that they're highly reliable and highly configurable.

    When I first opened the AC Lite (I tested it first), it had the access point, a mounting bracket, and a PoE injector in it. A PoE injector allows power to be supplied over Ethernet; this means that only 1 Cat6 cable goes to the access point and the injector is placed close to the switch and plugged into a power strip. The first thing that disappointed me about this access point is that it didn't use the 802.3af PoE standard which would have allowed me to connect it directly to my Linksys PoE+ Switch. When I asked Ubiquiti about this, I was told that a lot of their customers are price conscious and when deploying a lot of devices, the cost difference can be significant. In these cases, their customers use the UniFiSwitch which provides passive PoE (like the injector). For my testing setup, I simply turned the access point upside down (nose pointing down) on a high shelf. For permanent installation they should be mounted on a ceiling (the docs indicate they can also be wall mounted, but based on the antenna design, ceiling mounting will be better). If I had known about access points that were this cost effective and could be PoE powered, I would definitely have run extra Cat 6 to central places in the ceilings. Anyone that is remodeling and putting in Ethernet cable should throw in a few extra runs in the ceilings to mount access points; even if they aren't UniFi access points, some type of PoE access point could easily be installed.

    The second step was to install the UniFi Controller software on my server. The software is used for initial setup (they also have an Android app and an iOS app that onfigures the access point), monitoring and ongoing maintenance of one or more access points as well as some of the other products in the UniFi line. The controller is a Java app and installed without too many problems. If installing on OS X Server, I recommend modifying the ports that it uses by going to ~/Library/Application Support/UniFi/data/system.properties and change the ports; OS X Server likes to run the web server on the standard port even if you turn off websites. Note that you have to run UniFi Controller once to create this file. In addition, when modifying the file make sure that there is nothing on the line following the port such as a comment as that will prevent the file from being read. (After spending 30 minutes trying to figure this out, I found a forum post with this information in it.)

    I don't like Java apps for daily use, but for server use, I have no objections to them (I also run Jenkins and it runs well without bogging down the machine). After installing the controller, I wanted to use my own SSL certificate (I'm not a huge fan of accepting self-signed SSL certificates). I setup an internal hostname for the machine and then using my SSL certificate in a pem file:

    openssl pkcs12 -export -in server.pem -out ~/Desktop/mykeystore.p12 -name "unifi"
    cd /Users/mediacenter/Library/Application Support/UniFi/data
    keytool -importkeystore -srckeystore ~/Desktop/mykeystore.p12 -srcstoretype PKCS12 -srcstorepass aircontrolenterprise -destkeystore keystore -storepass aircontrolenterprise
    

    (This requires restarting the controller software.)

    Once I had the controller software installed, I went to a browser and connected to port 8443 on my server. The controller software walks you through the simple setup and the access point is up and running. I don't recommend stopping here as there are a number of options to setup to take full advantage of the access point.

    Unificontroller

    The controller interface is very utilitarian, but in my opinion is not easy to use. For the basic access point, it shows a lot of stuff that is irrelevant and can't be turned off. The good news is that the controller software isn't used all that often. I spent a bit of time experimenting with the interface to get what I wanted. First off, I wanted separate 2.4 and 5 GHz networks. If you have one SSID for both 2.4 GHz and 5 GHz, Apple devices pick the frequency with the better signal and this tends to be the 2.4 GHz and won't jump over to 5 GHz automatically. I found a reference to an Apple technote describing the behavior. By separating out the 2.4 GHz and 5 GHz networks, you can explicitly select the frequency. (Apparently the band steering option in the UniFi access points is supposed to help with that.) Next up was a guest network. While the controller can setup a guest network and portal mode, this turns on QoS (Quality of Service) and actually degrades performance even if no one is connected to the guest network. This was not acceptable to me, so I just created a separate SSID and told it to use VLAN 1003 and used what I wrote about before to separate out the traffic. While I would have liked to use the built in guest network and play with the portal, I rarely have people using the guest network so the tradeoff wasn't worth it for me.

    There are also settings for controlling power and bands for the router, but the default settings work for me.

    So now that everything was setup, the next question was "do they work?" Well, it's pretty hard for access points not to work! I setup the networks separate from my Time Capsule so that I didn't subject my household to my testing and put my devices on it. Would my devices stay connected? Did the access point have hiccups and require rebooting? How was the performance of it?

    I've been testing with my 2012 MacBook Pro, iPhone 6 and iPhone 6s, and iPad Mini 2. The iPhone 6 and 6s do 802.11ac, the iPad Mini 2 does 802.11n, and the MacBook Pro does 802.11n. I've found that the MacBook Pro consistently stays connected on the 5 GHz network (preferred network) and usually negotiates at 300 Mbps. Using iperf connecting to a local server, I get 150-200 Mbps. That's not too shabby. The connection is rock solid and I don't see the MacBook Pro switching to the 2.4 GHz network. Using the iPad Mini 2, I can stay connected to the 2.4 GHz network, but the Mini seems to require me to toggle WiFi periodically to see all the networks including the 5 GHz network. I have no idea why, but not an access point issue. When I use the 2.4 GHz network, I can get 50-60 Mbps and on the 5 GHz network, I can get 110-140 Mbps. My iPhone has no problem with the 5 GHz network and gets 100-110 Mbps. (I used iPerf3 on iOS to do the measurements. iPerf3 has an awful user interface, but it does work.) I saw similar, if not better performance with my Apple Time Capsule. Indications from reading the forum is that these access points have trade offs for supporting more users vs higher performance on a small number of users like in my situation. However, the performance is more than acceptable given that I currently have a 100 Mbps Internet connection and the only time I could exceed that is hitting my internal network.

    While I don't live in a condo or a multi-unit dwelling with units stacked on top of other, I do live in an area with crowded airwaves. The 2.4 GHz frequency as you can see below has a few peaks (my networks) and a lot of access points. Performance on the 2.4 GHz is acceptable and since I don't normally run speed tests is more than adequate for my 50 Mbps downstream cable modem connection (for now until I get 200 Mbps hopefully next month).

    2 4GHz

    The 5 GHz frequency is a lot less crowded which is why I try to get my devices on it at all costs (I'm tempted to have the devices forget the 2.4 GHz network, but I suspect that will cause more problems).

    5Ghz

    Since I love statistics, I turned on SNMP in the UniFi controller (it actually tells the access point to turn on SNMP and monitoring is done by connecting to the AP and not the controller), and setup Cacti to monitor traffic. There, of course, is very little use in me monitoring traffic on my network, but I'm always curious about network performance and utilization. However, the graphs do tell me that very, very rarely do I ever see bandwidth spikes above 50 Mbps.

    Catci

    This access point is definitely a step up from consumer grade router/access point combos. It is extremely flexible, cost effective, and unobtrusive (I forgot to mention that it looks like a smoke detector). I've been so happy with my EdgeRouter Lite and this access point, that I have already purchased a UniFi AP AC Pro to see how that will perform.

    Pros

    • Highly configurable
    • Easy to install
    • PoE for placement with just an Ethernet cable
    • Unobtrusive
    • SNMP capable
    • Decent performance in the single user environment
    • Low cost

    Cons

    • Lite and LR units use passive PoE instead of 802.3af
    • Controller software is a bit cumbersome to use
    • Not all advertised features are currently available such as band steering and airtime fairness
    • Guest portal and rate limiting options drastically affect performance

    Summary

    While the UniFi access points are designed for enterprises, they are a great addition to the EdgeRouter Lite. If anyone has a little time to setup an access point and can deal with the not so consumer friendly controller software, I would definitely recommend this line of access points. If you're OK with the 3x3 MIMO on 2.4 GHz and 2x2 MIMO on 5 GHz vs 3x3 on 5 GHz, than the LR access point is probably the better bang for your buck. The Lite for the home network where $20 isn't going to break the bank may not a great choice, unless the smaller size is attractive due to mounting. In my case, I'll be mounting 1 access point behind my TV and 1 in my office, so no one will see them. If you're like me and the lack of the 802.3af PoE bothers you, than the Pro access point is the way to go. Since I already have a PoE switch (actually 2 of them and neither is a Ubiquiti switch that provides passive PoE), having to use an unsightly injector (which uses an extra power outlet) doesn't excite me.

    The Ubiquiti forums provide a wealth of information for the tinkerer. Ubiquiti staff is very helpful and provide lots of answers (as do community members). The controller software and AP firmware is being updated all the time which is very exciting; I don't need new features, but a fresh UI and more options (such as being able to turn off the LED not just using a command line) would be nice.

    For better coverage, getting at least 2 access points would go a long way to having full coverage in a house. While 1 will get me coverage bars all over my house, a second one will give me better performance and not just bars of coverage. Once I get the Pro unit, I'll be able to space out my access points.

    Most home users just accept mediocre WiFi coverage and buy into the marketing of many router/access points that say that they're access points perform better than others. The problem really is that the access point can have higher transmit power (based on the maximum allowed), but really if your device can't connect or have good WiFi performance, it doesn't help. More access points are going to provide better, more consistent coverage. The UniFi access points do that quite well at a reasonable price.

    NOTE: Test units were provided to me at no cost from Ubiquiti Networks. However, that didn't influence the results of this review and no conditions were placed on what I wrote about the units.