De-Smart Bulbing

Between buying a second home and taking over the ADU at our primary residence to be my home office, the need to make 20-some new lights smart had me reconsidering our home automation strategy. Our main home has somewhere in the neighborhood of 80 Zigbee bulbs and I’m just sooooo over them. People can’t be trained not to flip switches, no amount of remotes on the walls and blocks on the switches will stop them. Plus my non-Hue bulbs never get firmware updates, so they’re older than manufacturers figuring out that maybe they shouldn’t all turn on after a power outage.

Also thanks to tariffs / COVID / inflation, the bulbs I used to routinely buy for $6-7 are now more like $10.

The problem with smart switches 5 years ago was price. Zigbee switches didn’t really exist, Z-wave switches started around $50, and if your home lacked neutral wires at the switches the only option was Lutron Caseta dimmers which are $70. I’ve picked up a few used Casetas for exterior lights and other fixtures where I couldn’t use a smart bulb, but even scouring eBay for bargains it’s tough to get them under $45.

There are many more Zigbee and Z-wave choices today but prices haven’t dropped much and there are still few options that don’t require neutral wires.

The first thing I decided to try were the SONOFF ZBMINI-L relays, because the best smart home tech is invisible and they’re theoretically a bargain at $40 in a 4-pack.

What I found while installing them, however, was that their size and shape can make them incredibly difficult to fit in US-style boxes. I’d intended to trial 8 of them but after having trouble fitting 3 out of the first 4-pack I decided to return the second package. Functionally they’ve been solid but I had to set their maximum reporting interval for OnOff state very low to keep zigbee2mqtt from showing them as unknown state. They have seen an OTA firmware update, IDK what it was supposed to address or if that issue was resolved.

A switch that I’d missed in my first round of searching, that Amazon helpfully put in front of me when I started looking again, is the Martin-Jerry No-Neutral Zigbee switch. At $50 for a pair it’s significantly cheaper than anything else I’ve found for Zigbee or Z-wave, neutral wire or not.

Unfortunately, my second order seems to have pushed them out of stock. Hopefully they’ll make more soon but that probably won’t be soon enough for me. The ones I’ve installed so far are doing great, tho I find the design a bit weird. It’s hinged at the top and you have to press at the bottom to toggle. Why not just make the whole thing the button? Or properly emulate the “Decora” two-way rocker? It’s definitely going to confuse houseguests and I’m tempted to install them upside-down to optimize for the “fumbling for a switch in the dark” use case.

In the process of doing smart relay and switch installs in a bunch of fresh locations, I noticed that all my switch boxes were not, in fact, lacking neutral wires. In terms of Zigbee / Z-wave / Lutron that doesn’t really open up other options at my sub-$30 price target, but Wi-Fi switches get down to $10 or less.

I’ve been hesitant to add more Wi-Fi smart devices to my home for two reasons. Mostly, my experience with ESP-based Wi-Fi devices is that they just aren’t good Wi-Fi clients. My MyQ Garage Door opener used to constantly drop off the network, tho it seems to have improved. I bought a 4-pack of Wi-Fi color bulbs that were on clearance for a stupid cheap price, Tuya-based, and they’ve also experienced frequent disconnects despite being incredibly close to an AP. I have a few other random devices, some Tuya and some not, and I think the only one that has never been difficult is the Ultraloq Wi-Fi bridge.

But also I don’t want to be locked in to anyone’s phone apps or tied to their “cloud.” This is why I left SmartThings for Hubitat early on, and pretty much every device I have that doesn’t provide purely local control is something I regret choosing and will eventually replace.

Used to be that Tuya designs could easily be re-flashed over-the-air with open firmware, but they’ve managed to shut that down since about two years ago. They’ve also been introducing new products and redesigning old ones to use non-ESP chips that don’t have mature alternative firmware options like Tasmota / ESPHome.

I don’t want to deal with taking devices apart to flash them, especially if there’s further risk of discovering that they quietly switched to a SoC that’s useless to me.

Martin-Jerry to the rescue again, they have pre-flashed Tasmota switches for $14/ea and dimmers for $20.

Other options for inexpensive switches that ship with Tasmota or ESPHome firmware include Athom and CloudFree. They all have weird designs so I’ll be sticking to the M-J switches and dimmers for some semblance of consistency.

So far I’ve installed 10 Tasmota devices and they’ve been solid, much better than any other ESP-based devices in my home. I wish there was a software tool to make getting them joined to my Wi-Fi and pushing a basic configuration as easy as it is to add a Zigbee / Z-wave device, but after doing a few of them it becomes a fairly quick task.
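One way to script the "push a basic configuration" step, added here as an example and not the author's or the Tasmota project's own code: Tasmota's HTTP command endpoint (/cm) accepts a Backlog of commands in a single request. It assumes the switch has already joined Wi-Fi and is reachable at a known address; the device name, MQTT broker, passwords and the baseline() choice of settings are constructed for illustration.

```python
from urllib.parse import quote, urlencode
from urllib.request import urlopen

MAX_BACKLOG = 30  # Tasmota executes at most 30 commands from one Backlog


def backlog(settings):
    """Join {command: value} pairs into one 'Backlog a 1; b 2' command."""
    if not 0 < len(settings) <= MAX_BACKLOG:
        raise ValueError("Backlog takes 1 to 30 commands")
    parts = []
    for cmnd, value in settings.items():
        value = str(value)
        # ';' separates Backlog commands: a value containing one would be
        # split on the device and its tail run as a separate command.
        if not cmnd.isalnum() or ";" in value:
            raise ValueError(f"unsafe command or value for {cmnd!r}")
        parts.append(f"{cmnd} {value}")
    return "Backlog " + "; ".join(parts)


def command_url(host, settings, web_password=None):
    """URL for Tasmota's /cm HTTP command endpoint (plain HTTP, so the
    credentials in the query string are readable on the local network)."""
    query = {}
    if web_password:  # web admin password already set on the device, if any
        query.update(user="admin", password=web_password)
    query["cmnd"] = backlog(settings)
    return f"http://{host}/cm?" + urlencode(query, quote_via=quote)


def baseline(name, topic, mqtt_host, mqtt_user, mqtt_password, web_password):
    """Hypothetical baseline: naming, MQTT broker, web UI password."""
    return {
        "DeviceName": name, "FriendlyName1": name, "Topic": topic,
        "MqttHost": mqtt_host, "MqttUser": mqtt_user,
        "MqttPassword": mqtt_password, "WebPassword": web_password,
    }


def push(host, settings, web_password=None, timeout=5):
    """Send the Backlog to a device; returns Tasmota's JSON reply as text."""
    with urlopen(command_url(host, settings, web_password), timeout=timeout) as r:
        return r.read().decode()


if __name__ == "__main__":
    # Constructed values; 192.0.2.x are documentation addresses.
    cfg = baseline("Porch Light", "porch", "192.0.2.2", "tasmota", "mqtt-secret", "ui-secret")
    print(command_url("192.0.2.10", cfg))
```

Running the file only prints the request URL; push() is what actually contacts a device.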

As it stands, I’ve installed 21 new smart switches and have at least 30 more to go.

Good times.

“Just Works”

Sometimes I find I’ve unintentionally made something magic happen. This weekend I brought an unprovisioned UniFi Talk phone to our cabin in the mountains, expecting to need to perform some VPN trickery with a VPS to get a local Talk install properly receiving calls behind CGNAT. Imagine my surprise when I plugged it in and my existing Talk install back home discovered the new phone.

It adopted just fine, no problems making and receiving calls through the VPN tunnel.

The “magic” was that I run multicast-relay on all my personal networks and have it configured to also relay to my VPN network. All the wannabe Network Engineers’ heads are exploding at the thought, but I’m sure I had reasons when I decided to do that and, well, My Networks, My Choice.

Then I fired up my new Home Assistant install and quickly realized that auto-discovery across a VPN tunnel is not always a good thing 🤣 When I have more round tuits I will perhaps make things a bit more granular.

UXG Pro exited Early Access

Well, guess I lost a bet on that one. At 21 months since announcement, that has been one incredibly long EA cycle. Still $499 — because why shouldn’t you pay a premium to get lower-spec hardware that runs less software?

Speaking of long EA cycles, I’m still very happy with my UISP Console / UISP-R Pro. Still plenty of functionality to wish for but as a basic router they’ve been rock solid.

UISP Routers

Ubiquiti first teased the UNMS Router Pro back in August of 2020, with the first Early Access sales in October. This is an exciting device, basically the UDM Pro hardware platform shrunk down to a desktop form-factor, minus the drive bay, priced at $299. I bought one and played with it for a minute but at that time it was hamstrung by UNMS/UISP just not providing enough control over routing functionality to be useful in any way.

Last month they released a revised version called the UISP Console. An internal 128GB SSD was added to support running UISP directly and the price dropped to $199.

I imagine the price drop is to incentivize more people to test a router that has been known to be in development for over a year and the price will go up at release. But right now, $199 for a 10Gb router is an incredible deal. And a year of development has brought UISP routing to the point where it’s serviceable.

At the core software level, the UISP routers run UbiOS and really are “the same” as the UDM line, minus everything that happens in the unifi-os container. It’s running the ubios-udapi-server and udapi-bridge and the /config/ubios-udapi-server/ubios-udapi-server.state looks just like what you’d see on a UDM. It’s the same on the (presumably discontinued) Router Pro and the UNMS/UISP Router Lite UISP Router (based on the same MediaTek platform of the ER-X and its many variants).

All of them are initially configured via Bluetooth on a smartphone running the UISP app. With the UISP Console, it will join to your existing UISP installation if you are currently signed in. Otherwise, it will go through the process of setting up the onboard UISP instance with cloud-based proxying via an * domain.

The “router functionality” is still pretty minimal. You can assign IPs to interfaces, add static routes, configure OSPF, and set Source and Destination NAT rules both pre- and post- routing. Aside from routing, it has Firewalling on par with what an EdgeRouter can do and a DHCP server.

And that’s it.

Still no DNS, PPPoE, DHCP Relay, VPN, Load Balancing / Failover, BGP, VRRP, and a host of other functionality that is common and expected to be found on a router. The latest theorizing is that these products are targeted to ISPs with low technical expertise, so I maybe wouldn’t hold my breath on some of those more advanced features ever arriving, but even with that narrowed scope there are many glaring omissions.

That said, I’ve deployed my UISP Console to proper Home Production use. I recently had fiber Internet installed at my home with an add-on static IP allocation, and the UISP routing platform is perfectly sufficient for dividing that up. Ironically, UniFi 6.5.51 just went GA and finally has the functionality to make multiple WAN IPs useful for most common scenarios, but I have some services I’d like to expose to the Internet directly without any NAT and that’s much simpler to do if I route those IPs directly to a non-UniFi router.

UniFi Disappointment Router?

The UniFi fanbois were aflutter when Ubiquiti released this video promoting an upcoming UniFi Dream Router:

It sounded like a substantial upgrade to the UniFi Dream Machine: WiFi 6, two ports of PoE, 128GB SSD, an SD slot for storage expansion, and the ability to run Protect and other Ubiquiti controllers that haven’t been available to UDM users due to the lack of storage.

Then it hit the Early Access store for $79. Huh?

Turns out it’s based on MediaTek’s MT7622 platform. Two slow ARM A53 cores vs four fast ARM A57 cores on the UDM. It’s not a Better UDM, it seems more like a move to bring the “UniFi Dream” vision to the entry-level consumer browsing the shelves at Best Buy.

At the software level, like the UDM Pro SE and UXG Pro that still remain trapped in Early Access, the UDR runs on Debian 9 and ditches the mutant Debian unifi-os container. Hopefully that brings a significant reduction in CPU utilization, because my own UDM Pro typically sits at 30-40% just running Talk and Network without IPS/IDS, and I’d expect that to translate to 75-100% on the UDR’s CPU.

Early reports are that the boot process takes upwards of four minutes, LAN to WAN routing is maxing out around 800Mb/s unidirectional and enabling IPS/IDS drops to around 500Mb/s. I don’t think the routing performance is a significant concern for people who’d buy this product at $79 (or $159) but hopefully there’s more optimization that can be achieved because line-rate ought to be table stakes in 2021.

Where I do think Ubiquiti has missed the mark is on the storage and promoting the UDR as running the full suite of UniFi controllers.

SD cards have a well-deserved bad reputation for reliability. These days there are many cards rated for continuous usage in NVRs but the Average Joe is going to buy the cheapest card on the shelves and there’s the longstanding problem of avoiding counterfeit cards.

They could have made the M.2 socket easily accessible for upgrades, though it’s understandable that they wouldn’t. For the target audience, external USB storage would be the best option and the MT7622 does provide a USB 3.0 host.

On the controller front, given the relatively low-performance CPU and 2GB RAM, promoting this device as running every UniFi controller just seems unwise. The Access and Connect markets shouldn’t be bothered by needing a $379 UDM Pro or $199 CloudKey Gen2 Plus, and while Talk on the UDR potentially has an interesting use case as a teleworker gateway, especially with the direction UID appears to be headed, at the moment Talk is a long way from being suitable for that purpose.

Longer-term, Ubiquiti needs to free these devices from the constraint of being locked to their on-board Network controller. The entry-level buyer whose needs eventually push them to a higher-level “UniFi Dream” router will be left with an attractive piece of e-waste because the onboard AP and switch can’t be adopted to their new UniFi Network controller.

Unpopular Opinion: Don’t use a Raspberry Pi for that!

A Raspberry Pi is great if you have a need for which it excels. GPIO, extremely low power requirements, tight space constraints. But the Pi should not be the first thing you reach for when “Unobtrusive and Inexpensive Linux Host” are the only requirements.

Years ago I migrated my Pi-hole from an actual RPi to a NUC-sized system based on the AMD GX-415GA that I paid $5 for bare bones, roughly $45 all-in with PSU, 4GB RAM, and SATA SSD. It’s not screaming fast but it’s still overkill for something like Pi-hole. More importantly, it boots faster than a Pi and the storage is WAY more reliable than micro-SD cards and those things are kind of a big deal when DNS being down effectively means the Internet is down. At about 7w in use the difference in power consumption is about a penny per day.

More recently I wanted to build a stack of Docker servers to run a couple Frigate instances and consolidate my sprawl of containers running within VMs. I bought this stack of HP Prodesk 600 G4 micro desktops for an average of $260/ea. Two came as i5-8500T / 16GB RAM, one i5-8600T / 8GB RAM, all with 256GB NVMe drives. That’s a lot of compute in a tiny package and I’ll be upgrading them all to 32GB / 1TB NVMe.

A complete Raspberry Pi 4 Model B 8GB kit is admittedly cheaper — typically $150 these days — but you can find complete i5-6500T systems in that ballpark with 8GB RAM and a hard drive or small SSD. Lower specs, or i3-6100T systems, can get down to $100. Again, for the money a 6th-gen Intel CPU is a ton more compute than a Pi, provides faster and more reliable storage, and you don’t have to put up with the quirks of Raspbian or running an alternative distro that has zero community.

Granted, these are systems that will idle at 10-15w and can hit 55-60w at 100% load. There are situations where that may be unacceptable but that’s probably not the situation when you’re building a tiny Linux server at home.

Once you start down the rabbit holes of Pi-hole and Home Assistant, you’ll probably acquire a bunch of other things to run — I’m at 10 distinct Docker-ized stacks and have a few more things to migrate — and you’ll be happier having started with one system that’s overkill for everything you’ll want to throw at it than accumulating a bunch of limited-purpose RPis that you’ll eventually want to consolidate on something more powerful anyways.

If you’d like to learn more about tiny PC options, check out ServeTheHome’s TinyMiniMicro series. I specifically looked for HP G4 systems from the MP9 / ProDesk 600 / EliteDesk 800 lines because they have dual M.2 M key sockets plus an A+E key, which provides maximum flexibility for NVMe storage and Coral TPUs.

Repeating Old Mistakes

Early last month, my 20-month old UNVR stopped working. I pulled the drives, tried the Reset button, and thanked the Deities that I live in an area where a UNVR is something that I can buy. In a store. On a Sunday.

At the time I’d seen hints that wearing out the internal storage was not uncommon. What I hadn’t learned, yet, was that the internal storage is a USB stick. My discovery of this was accidental — I was mucking around on my new UNVR and decided to run lsusb -tv and there it was.

With a quick search of the Googles I found fresh knowledge that it is, in fact, a generic USB stick, and that replacing it is as simple as putting in a blank drive and holding the Reset button on boot. I guess they learned some lessons from the EdgeRouter Lite USB failure debacle. Just. Not the lesson that they should never put a USB stick in a device!

Old and Busted. Blast it with a heat gun or your girlfriend’s blow dryer for a moment to release the glue.
New Hotness, Samsung Fit 32GB.

I’m tempted to hack this “extra” UNVR into a NAS, though I have concerns about what could go wrong if the USB fails again. I’ve had great luck with Samsung Fit drives but maybe an M.2 SATA SSD in a USB adapter would be a better option.