Migrating home infrastructure network from OpenWRT to Unifi
Short introduction
I had been running a customized OpenWRT OS on my Linksys WRT1900ACs home infrastructure router for a while (before that I used DD-WRT, Tomato firmware, custom Debian routers built by me, and Cisco routers).
My home network was heavily customized and adapted to my needs. I spent weeks configuring and troubleshooting until I got the results I wanted on my OpenWRT Linksys WRT1900ACs:
- Multiple VLANs to separate services (DMZ, IoT, home automation services, CCTV, etc.)
- Optimized WiFi (multiple SSIDs, guest WiFi, etc.)
- Custom, powerful firewall with Geo IP filtering, push notifications for alerts and firewall logging to a remote syslog server
- OpenVPN service
- Automatic DNS updater (to update DNS records via DNS provider API)
- Networking dashboard
- Internal DNS, DHCP server
- Squid caching proxy
- Network monitoring dashboard
- Health checks on networking services and push notifications
- Tor proxy (a specific SSID/VLAN automatically proxied all traffic via Tor)
- DNS filtering and automatic advertising blocking for all home devices and users
- Docker container services running on the router itself for automation tasks, self-healing, etc.
With this setup my network was completely stable (excluding the usual OpenWRT post-patching problems), and I ran it for around 6 years.
Why did I decide to move away from OpenWRT?
The main problem for me was OpenWRT patches/upgrades. Don’t get me wrong, I love troubleshooting, but if you have only a single main networking device and patch it regularly, your infrastructure sometimes leads to weekend nightmares, and that means you have less time to spend with your family…
Why Unifi/Why UDM Pro?
- First, it was recommended by my network colleagues, who have been using Unifi products for a while and are happy with the overall quality in their home network setups; online reviews also looked promising
- It is modular (you can expand and add new devices on demand)
- Community support looked promising
- Hardware quality
- The UI is amazing
- Frequent updates
- Automatic backups, seamless Unifi Protect integration, etc.
- UDM Pro: an all-in-one device has finally arrived, which I was keen to try
- UDM Pro runs Alpine Linux
- Unifi products are more or less based on OpenWRT (I found similarities in the devices' OS)
- Less complicated (Unifi was completely new to me, but configuring it the way I wanted took me around 2 days)
Yes, Unifi has its own drawbacks, and manual tweaks/hacks would be required, but it is doable. Some people complain about strange firewalling concepts, but there is plenty of helpful info online. It has missing features, but its developers are continuously working to improve it and add new features.
Moving away from legacy infrastructure to Unifi
First, I wanted to simplify my infrastructure as much as I could, so instead of having lots of cables, wires, power adaptors and loose IoT devices, I chose to put everything in a home rack cabin. Some might think it is overkill, but my view is different :) because it is much easier to manage:
- Upgrade, replace, re-cable
- Easier to transport
- Less noise
- Better air circulation and ventilation
- It looks nicer (but for me it is not about the look)
Parts for setup
- 9U rack cabin
- 2x PDU units
- 2x 2U shelves
- 10x 1m long cat 6 cables
- 4x 2U cable management
- UDM Pro unit
- UAP-AC-nanoHD access point
- 1x 12cm speed adjustable fan
- Existing hardware (modified HP Micro server with Xeon CPU, USB power hub, Netgear modem, Netgear switch, IoT devices (Arlo, Philips Hue))
Work in progress
The actual assembly of the rack cabin and hardware mounting reminded me of the good old times when I was building my first Slackware Linux server :) It was messy at first and I had to do a few mods myself, like:
- Shortening PDU unit cables
- Repainting parts of the rack cabin (as it was delivered scratched and with white marks - I have to admit, this was my second rack cabin purchase attempt, as the first one was delivered completely damaged)
- Hiding network and power cables and separating them from each other
Final results
Finally I can forget about networking and enjoy my walks with family.