Switching to Orcon 1gbps UFB and wanting to upgrade my networking gear to Ubiquiti

Forums › 2degrees (including Slingshot, Orcon, Flip, Stuff Fibre, MyRepublic, 2talk and Vocus) › Switching to Orcon 1gbps UFB and wanting to upgrade my networking gear to Ubiquiti

1 | 2

chevrolux

4962 posts

Uber Geek
Inactive user

#2209121 1-Apr-2019 21:29

I tend to think if someone thinks they want a USG, they should just stick to their ISP router. Really the only thing it does is make the Unifi controller report pretty things.

You can't do many "advanced" things with it in terms of routing & NAT rules. And as has been demonstrated a fair bit lately going by posts on here, doesn't actually give any better routing performance. Also, if you are want to do clever routing, you need to know how to configure it. And if you know how to configure it, you wouldn't buy a USG in the first place.

Then if you want to use the properly cool stuff like IPS, they are even more useless. I would really question the need for IPS in a home environment though, as you have to know how to configure it first. And if you know how to configure it, you wouldn't buy a USG in the first place.

I would liken most USG's in a house, to those Fortinet's/Junpier/Sonicwalls/Sophos' you see in a businesses that some IT houses just love installing. Just expensive routers, that aren't doing anything different to a $90 Mikrotik because the cool stuff isn't actually configured.

OP - I'm always on-board with going over-the-top in your home set up. Why not right? But do it properly, get the cool router, not the "easy" one. Just be prepared to learn.

michaelmurfy

meow
13240 posts

Uber Geek

Moderator

ID Verified

Trusted

Lifetime subscriber

#2209142 1-Apr-2019 22:19

@chevrolux I actually disagree here.

I've done many installs with the complete kit - USG, UniFi Switch + Access Points. The reason people want them is they want a modular network with a nice control panel that is easy to manage. If you want a VLAN for your kids pointing to Cleanbrowsing DNS? Simple, literally less than 1min and you've got an entire network set up with this for the kids complete with DPI running to catch them out.

There are merits with running the USG along with the other Ubiquiti gear. Yes, I fully understand it is a simple product but this is the market it is aimed towards. There are more and more features getting released to the USG with every major release of the UniFi software. I always recommend them for people who want an advanced network and doesn't have the technical knowledge to mess around with the Mikrotik or the Edgerouter. Even those with a more advanced background often won't need anything above what the USG offers.

With IPS I've actually used this with larger sites who have on premises servers with port forwarding rules active. Normally these sites may have 100/100Mbit Business UFB so the USG Pro runs this well. It does work quite well when configured correctly as a second line of defence.

I do know the Edgerouter, Mikrotik or even other routers can do these features with more granular control but the USG has its place as being an easy to manage networking product with great routing performance across the line.

Michael Murphy | https://murfy.nz
Referral Links: Quic Broadband (use R122101E7CV7Q for free setup)

Are you happy with what you get from Geekzone? Please consider supporting us by subscribing.
Opinions are my own and not the views of my employer.

richms

28168 posts

Uber Geek

Trusted

Lifetime subscriber

#2209144 1-Apr-2019 22:34

michaelmurfy:

@richms I think you had a faulty unit here. I've deployed many USG-3's on Gigabit connections and they work as well, if not better than existing ISP kit. IDS is not offloaded so this is why it drops speed.

One of the connections one of these USG-3's is running on is actually a Voyager Gigabit connection with full IPv6 and several port forwards running. Never had an issue and looking at the portal it has over 100 days uptime.

It does run hot and always show over 50% CPU in the controller. But I am not going to get another one when its clear they have a whole new platform in the dream machine.

Im sure if I could get some layer 3 switching happening here that would probably drop the load a little on the USG, but I now have the NVR and computers viewing cameras on that vlan, so the only cross vlan traffic it should see is when I look at the cameras on the gaming PC or one of the laptops, and its only a handful of megabits so shouldnt cause it to break a sweat.

Richard rich.ms

Sounddude

I fix stuff!
1928 posts

Uber Geek

Trusted

2degrees

Lifetime subscriber

#2209263 2-Apr-2019 09:17

richms:

It does run hot and always show over 50% CPU in the controller.

I am lucky if I see mine even close to being 5%. Most of the time its 1%.

Not sure what you doing, but I consider myself a power user and I do a lot with mine (VPN tunnels to many end points, OpenVPN server etc) and don't experience anything what you experience.

1 | 2