
Ubiquiti UniFi Dream Machine
I bought the UDM believing the hype that it's the ultimately configurable "prosumer" router. I really wanted the ability to segment my IoT devices on a separate VLAN.
Unfortunately I never got that far. It turns out it's impossible to hook it up directly to a Swisscom fibre connection (via a media converter), because it won't let you configure the necessary VCI (vendor-class-identifier aka DHCP option 60) on the DHCP request sent across during WAN connectivity negotiation [1] [2].
Alas, it seems this is only the tip of the iceberg. A lengthy list of missing features/regressions compared to past Unifi gear is here [3]: caveat emptor! Although I didn't get a chance to test this, I'm not even sure this would work flawlessly with Swisscom TV as it relies on IGMP proxy support, which is also on the above list of shortcomings.
Other concerns:
- built-in fan that can get pretty loud
- Ubiquiti's privacy policy allows them to collect _a lot_ of data and share it with third parties. Recently this caused alarm with the community as UI decided to implement some "telemetry" without so much as a mention in the release notes or an opt-out switch [4]!
Had to go back to my "consumer grade" Fritz!Box that does all the above without breaking a sweat (although alas, no VLAN segregation).
[1] https://www.swisscom.ch/en...
[2] https://community.ui.com/questions...
[3] https://community.ui.com/questions...
[4] https://community.ui.com/questions...
So I take the time to warn others of serious shortcomings with this product, providing extensive sources and I get downvoted without any feedback?
@csccx I did appreciate your time/effort. Thanks for sharing.
Don't blame the product if you configure it wrong! The vendor-class-identifier is needed for DSL and not for fiber! You have to set the VLAN tag 10 on your WAN port!
@Enzo79 Thank you for your contribution. Obviously I did try with just VLAN ID 10 on the WAN NIC, as this - at least - is easy to set in the UI. Guess what, that didn't work...
My current router, a Fritz!Box 7590 requires the VCI DHCP option in order to work with Swisscom fibre; and it looks like I'm certainly not the only one [1][2]. This could have changed over the last couple of months but it seems doubtful.
Do you actually have a working UDM, connected to Swisscom fibre over its WAN port? If not, you're the one misleading others. What's your purpose?
[1] community.swisscom.ch/t5/Internet-Allgemein/Glasfaseranschluss-mit-eigenem-Router/td-p/582855
[2] community.ui.com/questions/EdgeRouter-setup-for-Swiss-FTTH-providers/822977aa-88ec-4ff1-a75a-6b313d6e1f10
@Csccx
Not with a Dream Machine, but with a USG.
After you set the vlan tag on wan, did you reboot the Dream Machine? I had to reboot the USG
Can you describe your setup? SFP (from Swisscom) in a media converter --> connected to the WAN port of the Dream Machine?
Swisscom TV will not work with the Dream Machine, it's missing the IGMP proxy feature.
@Csccx
You mentioned the Fritz!Box 7590, that's a DSL MODEM/Router!! Do you have fiber or DSL??
The Dream Machine doesn't have a built-in modem!
@Enzo79: in my review, I took care to describe my setup as: UDM -> (WAN port) SFP media converter -> Swisscom fibre connection. I use the same media converter (a TP-Link MC220L) to connect the Fritz!Box using its own WAN port. Rest assured that I performed multiple reboots and tried multiple combinations with the UDM.
Reference [3] in my review also lists the (very) large set of features missing in the UDM (compared to the USG); among which, is indeed the IGMP Proxy feature, one of very many.
Unfortunately, the UDM uses a completely different operating system from the USG, which, at this point in time, can only be described as half baked with very little by way of vendor support. A USG would most likely work fine but it is a fairly outdated piece of hardware. My review is for the UDM, thanks.
@csccx
I have a question here: why didn't you connect the WAN port of the UDM to your modem, then use DHCP in the UDM WAN configuration?
@moustafa.galmad I suppose this might work.
However, the purpose of a router is to... route. My aim was to *replace* my previous router (the Fritz!Box) with a new router and improve security by leveraging VLAN segregation. Adding a new router downstream from the existing one increases complexity, power usage and is very unlikely to yield the full security benefit.
Further, if you intend to use the UDM with IP TV (or any sort of streaming, for example to WiFi speakers) on a separate VLAN, note the missing IGMP proxy support.
Anyone contemplating the purchase of this device should take a look at the official forum discussion [1]; scroll to the bottom. You'll find a growing number of rather disgruntled customers and still ZERO feedback from the vendor as to when these issues might get addressed (in over 5 months).
[1] https://community.ui.com/questions...
Multicast/IGMP implementation has a long history with Unifi. Even the switches require a workaround for disabling IGMP header validation (boot resistant). People have been asking for a proper implementation for years. I've returned the DM and the switches and went back to EdgeRouter 4 which, once set up properly (IGMP, IPv6 etc), is fire and forget. Even the most basic Netgear switches or Asus routers have a proper IGMPv3 implementation. In my environment Unifi is now WiFi only, with the controller hosted on my NAS in a Docker image, which works great, at least.
@csccx
@scose
Hello guys
I was playing with my UDM and I found the following info:
you can configure your UDM via ssh, using the following command:
    ubios-udapi-server
The main configuration file for the UDM is located under /config/ubios-udapi-server/ubios-udapi-server.state
and includes the following section:
    "interfaces": [
        {
            "id": "br0"  # this is the nat interface for your local network (lan)
        }
    ],
    "ipVersion": "v4",
    "ipv6Modes": [],
    "leaseTime": 86400,
    "name": "net_LAN_br0_192-168-178-0-24",
    "options": [
        {
            "optionNumber": 60,    # test for lan
            "value": "1111111.8"   # test for lan
        },
        {
            "optionNumber": 61,    # test for lan
            "value": "2222222.9"   # test for lan
        }
    ],
It shows that we can add DHCP option 61 for LAN, but I think we need to find the right section in this file "ubios-udapi-server.state" to add DHCP option 61 or 60 for WAN. I will work on it.
In case anyone here is interested in making his own configuration, ON HIS OWN RESPONSIBILITY,
you can run the following command via ssh:
    ubios-udapi-server -c /PATH/OF/THE/CONFIGURATION/FILE
    # ubios-udapi-server --help
    Usage: ubios-udapi-server [opts]
    Options:
      -h, --help                     show this help
      -v, --verbose                  print more information
      -e, --extremely-verbose        print also UDAPI communication
      -c, --config [arg]             configuration file (default /config/ubios-udapi-server/ubios-udapi-server.state)
      -f, --fallback-config [arg]    default/fallback configuration file (default /usr/share/ubios-udapi-server/MODEL|FAMILY.default)
      -s, --socket [arg]             server socket (default /var/run/ubnt-udapi-server.sock)
I wish you a nice weekend
Kind Regards
Moustafa
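To verify from a packet capture whether a router's WAN DHCP request really carries the vendor class identifier (option 60) discussed in this thread, the DHCP options can be decoded directly. This is an added example, not code from any poster or from Ubiquiti; the MAC address and the VCI string are constructed placeholders, and the sample DHCPDISCOVER is built inline so the parser runs offline.

```python
from __future__ import annotations
import struct

MAGIC_COOKIE = b"\x63\x82\x53\x63"  # marks the start of the DHCP options (RFC 2131)

def build_discover(mac: bytes, xid: int, vci: bytes | None) -> bytes:
    """Build a minimal DHCPDISCOVER payload; vci is the option 60 value, None omits it."""
    # op=1 (BOOTREQUEST), htype=1 (Ethernet), hlen=6, hops=0, xid, secs=0, flags=broadcast
    header = struct.pack("!BBBBIHH", 1, 1, 6, 0, xid, 0, 0x8000)
    header += b"\x00" * 16             # ciaddr, yiaddr, siaddr, giaddr
    header += mac.ljust(16, b"\x00")   # chaddr, padded to 16 bytes
    header += b"\x00" * 192            # sname (64) + file (128)
    options = bytes([53, 1, 1])        # option 53: message type 1 = DISCOVER
    if vci is not None:
        options += bytes([60, len(vci)]) + vci
    return header + MAGIC_COOKIE + options + b"\xff"

def parse_options(packet: bytes) -> dict[int, bytes]:
    """Return {option number: raw value} from a BOOTP/DHCP payload (UDP data)."""
    if len(packet) < 240 or packet[236:240] != MAGIC_COOKIE:
        raise ValueError("not a DHCP payload (magic cookie missing)")
    opts, i = {}, 240
    while i < len(packet):
        code = packet[i]
        if code == 255:                # end option
            break
        if code == 0:                  # pad option has no length byte
            i += 1
            continue
        if i + 1 >= len(packet):
            raise ValueError("truncated option header")
        length = packet[i + 1]
        value = packet[i + 2 : i + 2 + length]
        if len(value) != length:
            raise ValueError(f"option {code} is truncated")
        opts[code] = opts.get(code, b"") + value  # split options are concatenated
        i += 2 + length
    return opts

def vendor_class(packet: bytes) -> str | None:
    """Return the option 60 string, or None if the client did not send one."""
    value = parse_options(packet).get(60)
    return None if value is None else value.decode("ascii", "replace")

if __name__ == "__main__":
    mac = bytes.fromhex("020000000001")          # constructed, locally administered MAC
    for vci in (b"example-vci", None):           # constructed placeholder VCI
        print(vci, "->", vendor_class(build_discover(mac, 0x1234, vci)))
```

On a real capture, pass the UDP payload of the client's port 68 to port 67 packet to `vendor_class`; a `None` result means the request went out without option 60.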
@csccx
@scose
I'm connected directly to the internet via UDM and Zyxel MCT-3002W2SFP-DR (Media converter).
Regarding VLAN 11/10: this VLAN ID is not correct. I have my connection from Sunrise and the VLAN wasn't 11 or 10; it was way higher, it was 1xx.
I got the VLAN ID from the diagnosis file on my Fritz!Box; once I added the correct VLAN ID in the WAN section, everything works well.
I still have an issue with the landline number, but it's a minor issue for me now. But I will fix it :D
Thanks, guys
have a nice Sunday
@moustafa.galmad very well done for figuring this out! Unfortunately I can't try it out, having long since returned my UDM (against the 10% Digitec restocking fee).
It's a total shame that Ubiquiti doesn't document, let alone endorse such workarounds to their GUI shortcomings. Unfortunately it also quite likely means that you'll have to reapply your tweak after firmware upgrades, which may not be super practical but hey, at least you've found a way.
I see that you also posted your workaround on the UI forums [1]: this is probably the right place for further discussion but thanks again for the pointer for those who may brave the (current - but for how long?) shortcomings of this product. Note that besides other stumbling blocks, such as lack of IGMP proxy support (for IPTV, streaming etc), there are also reports of substantially inconsistent performance [2].
Good luck!
[1] https://community.ui.com/questions...
[2] https://community.ui.com/questions...
@csccx
I'm really sorry for you. :( But now we know how to get it to work.
I would blame Unifi for not providing good support for their devices; it's disappointing.
I wish you a nice evening.
Kind Regards
Moustafa
I think they fixed that in the latest firmware update?
https://community.ui.com/releases...
@csccx I think the DM would be a nice thing. But the privacy aspect and the UI SSO are imho not acceptable, so I'm gonna move away from Ubiquiti, and disregard their new products.
@Csccx many thanks for taking the time and effort for your review and updates.
@moustafa.galmad thanks for your insights and finding the workaround.
Still looking into this, but as a Swisscom subscriber this is taking more time and consideration than I thought. Currently, until the IGMP proxy is sorted out on the UDM, I think I'd have to go with keeping the Swisscom router (for Swisscom TV), disabling DHCP and wireless and then sending all traffic to the UDM defined as my DMZ. Sound right, and any comments on this "solution"?
@Anotherchris this should work - in theory - so long as you feed the Swisscom TV directly off one of the Swisscom router's hub ports. Not connecting the UDM directly to the Internet may also have some benefits in terms of controlling its "phone home" features, assuming you interject a capable firewall.
But you might also consider it overkill to have two moving parts (twice the number of things that can "go wrong") on your WAN path. And what is the UDM really buying you in that solution? Just additional complexity IMHO.
A year on from the waste of time that the UDM purchase was for me, I built my own router/firewall based on OPNsense running on a fanless mini-server (the UDM has fans!). I used very capable TP-Link hardware for my L2 requirements (TL-SG2008P switch and EAP-620HD WiFi AP - both bought here from Digitec - the latter also supports WiFi-6 unlike the UDM). Granted it was a fair amount of work (this point should definitely not be understated!) but I couldn't be happier with the result. I now have a perfectly segregated network, which I am completely in control of. Oh, and no IGMP issues: SwisscomTV is perfectly stable.
@Csccx
Thanks for your reply. My Swisscom fibre setup (internet box v1) is currently working fine; I was interested in the UDM originally for an old house in France and like the idea that if necessary there are many unifi AP options and the management tools look good. Then I got to thinking it might be a good addition to my setup here in CH (VLANs, IPS, network management etc). So I got into researching the product, got close to buying and am here.
I think it still makes sense for France; and no harm in my trying out here and if I like it getting a second one to stay here.
I've already got a few unfinished IT projects (the Raspberry Pi being so inexpensive...) as it is, so was interested in the turnkey aspect rather than rolling my own solution. Hats off to you though, and ideally I would do it that way, but with age I'm getting wiser and trying to prioritise better :)
All in all it's likely but not certain I'll order in a couple of days (after a final check of the unifi forums and the sub-reddit).
The Fritz!Box cannot do IDS or IPS, segmentation, and many other things. Not to mention that the throughput is a joke if you use gigabit. So don't compare it to the UDM. No wonder Swisscom does not work as they use PON. But I have no proof for it. Maybe they prevent the use of such hardware by private users on purpose. That's why I use a provider with a 1:1 and not a 1:32 connection. PON is one connection for 32 users. If a provider still uses IGMP Proxy then they use old tech. Multicast also works without IGMP Proxy if set up properly. Pity this is not the case in Switzerland.
Perhaps you should read properly before rushing to defend the UDM; I never meant to compare it with the FB. I wrote: “Had to go back to my ‘consumer grade’ Fritz!Box that does all the above without breaking a sweat (although alas, no VLAN segregation)“.
I’m pretty sure Swisscom doesn’t use PON; out of the mainstream CH providers, only Salt does AFAIK. The issue was that the UDM, at the time, did not even support basic DHCP request options that many other routers - yes, including the consumer grade FB - supported.
Lack of DHCP options support has reportedly been addressed in the meantime but since there was *zero* feedback from Ubiquiti at the time, it was anybody’s guess as to whether their approach would be another of these “we don’t think anyone should need this”… as with the IGMP issue (ie: “customer is, by default, wrong”). Yes, IGMP may well be an older standard but if your provider uses it for IPTV, it’s still tough luck with the UDM. Knowing it’s an older standard that’s unfortunately not quite obsolete won’t help you one bit, thank you…
The biggest issue that made me return the device at the time was the perceived lack of care from the vendor. Pity they aren’t as good at caring for their customers as they are at evangelising through their fanbois…
In the end I’m still glad I couldn’t go with the UDM. The OPNsense setup (described a few comments above) runs rings around the UDM and, most importantly, I also get to decide who’s allowed to collect “telemetry” from my home ;-)
This product is not a modem, just a USG that may or may not increase a connection's throughput, with the console built in. In the end I keep saying “let's avoid buying this product, like the other Dream Machines”: it's nothing but an overcomplicated contraption that doesn't do what you ask of it.