Blasting WiFi across the street

Posted on November 6, 2018 by ubntfan

I have a lot of front yard to maintain.

UMA-D_Front_Angle

It would be nice to have good WiFi signal while mowing all this lawn. There’s an AP in the attic above the front door but the signal doesn’t reach all that far, maybe 30-40′ out. I needed something with a bit more oomf and the UAP-AC-M + UMA-D antenna combination sounded like the perfect solution.

If you haven’t heard, the UMA-D is a tiny miracle antenna: dual-band, 15dBi, 45-degrees on 5GHz and 90-degrees on 2.4GHz, for $99. It transforms the otherwise unimpressive UAP-AC-M into a directional WiFi blaster that will send its signal hundreds of feet downrange in open terrain.

As an initial test, I placed the combo in the bonus room knee wall space:

Blasting through my roof I was getting about 180Mb/s of download speeds to my iPhone XS… from across the street! That’s 140-ish feet away.

Of course, that wasn’t good enough for me, so I found a pre-existing hole to run an Ethernet cable to and mounted it outside the garage.

The improvement is incredible.

That’s from my phone. 140 feet away.

If you need to blast a WiFi signal far away outdoors, the UAP-AC-M + UMA-D are a powerful and affordable solution.

60GHz Point-to-Multipoint Backhaul

Posted on November 6, 2018 by ubntfan

This past weekend I finally had everything in place to deploy my Mikrotik 60GHz gear to backhaul the WiFi being installed in my pool house and detached apartment. There are a few reasons for choosing the 60GHZ equipment over using wireless uplinks within UniFi or running AirMax gear:

For wireless uplinks I’d still need to mount an AP on the outside of the house. Brick exterior terribly degrades 5GHz signal.
Mikrotik advertises gigabit, full-duplex. The headline numbers for AirMax AC gear are substantially slower and half-duplex.
The 60GHz band frees me from concerns about interference from neighboring WiFi. Or my own.

I already had a Wireless Wire kit I’d intended to use for a PtP link at my old home, so I just needed to add a WAP 60G AP unit to enable PtMP. And figure out where to mount everything.

The previous owners helpfully left me a couple holes where they’d mounted cameras. But climbing up the maximum reach of my ladder while drilling a mount above my head wasn’t something I really wanted to do.

Fortunately I found another set of holes coming off the living room. I wasn’t sure I could safely climb back down from that attic space, so first I embarked on a project to add another 2×4 step to the studs.

For mounts I used Ubiquiti’s UB-AM. On the house end, the Ethernet cable goes back to my main PoE switch in the bonus room closet. At the remote ends I’m using the Mikrotik PoE injectors with the data side connected directly to the data end of Ubiquiti injectors that power the WiFi APs. I figured it wasn’t worth installing switches in each location just to run a single AP, but if I install more devices later I may add them.

RouterOS is a bloody eyesore, but Mikrotik thankfully provides a quick-start interface for getting the units connected to each other and it was relatively painless.

The moment of truth was turning on the bandwidth test server on the AP side and getting both CPE units to bi-directional tests concurrently:

Screenshot 2018-11-06 at 9.16.06 AM

That is up to 1.9Gb/s of aggregate bi-directional throughput! Amazing. Individually I’m seeing about 1.3Gb/s, which is quite a bit less than the advertised 1Gb/s full-duplex rate, but 2-3X what I’d expect from AirMax AC gear in this scenario.

AmpliFi’d

Posted on September 14, 2017 by ubntfan

Irma took me out for a few days, but I’m back!

Lately I’ve been trying to make sure all of the tech at my girlfriend’s home can actually be managed by her, should I be hit by a bus and fall into a coma. I was in the process of building a Sophos XG UTM, decided to buy a Circle instead. Kids needed a computer, so I got them an LG ChomeBase instead of going through the hassle of making Windows secure and kid-safe. She had some home automation going with a Wink Hub, Echo Dots, and an assortment of LED smart bulbs, so I handed down my EcoBee3 when I upgraded to the 4.

The EdgeRouter PoE and UAP-AC-Lite combo were the remaining weakest link in terms of self-management and control. The ER is wholly unsuitable for mere mortals, and while the UAP could theoretically be reset and managed entirely via the phone app… that would be another hassle to deal with in my absence.

And I also had a coverage gap I wanted to address. I’d place her AP in an alcove to keep everything neat and tidy, but it’s a horrible spot for 5GHz propagation to the back patio where I often work. Dropping a UAP-AC-M or UAP-AC-Lite near the area and using the wireless uplink feature would have solved it, but that’s adding more complexity where I want less.

Enter AmpliFi Mesh:

The early reviews on this product weren’t all glowing, from the technologist’s perspective it has a number of compromises and a purposeful lack of features, but from the I want a multi-AP setup that the girlfriend can easily manage from her phone perspective it ticks all the boxes. Since the initial launch they’ve simplified the product line, the Base and LR mesh kits are gone and the HD Mesh kit has dropped a couple hundred bucks down to $349 retail. I picked up a used kit on eBay for $200-ish and I’m not sure which version it is.

I’ve configured the system in bridge mode behind the EdgeRouter while I figure out how to replicate my site-to-site VPN. The Mesh units are placed in the laundry room downstairs and the hallway upstairs, and I am bathing in glorious 5GHz coverage where previously it was spotty. I’m sure it’s not the absolute fastest using 2.4GHz for backhaul but the Internet connection here is ~60Mb/s and I’ve no trouble achieving that throughout the home despite this being an apartment complex with a bazillion 2.4GHz APs in view.

So far, I’m liking it a lot… it addressed my pain points at an affordable price and is gorgeous to boot. Since I’m just using the wireless functions there isn’t much to dislike, but one minor nit is that it doesn’t support Guest access in bridge mode.

Would recommend for situations where an EdgeRouter / USG + UAPs are overkill and a high-quality simple solution is desirable.

Update: Troy Hunt put together a thorough review of an AmpliFi install with lots of screenshots.

Final (maybe?) Update on ER-X / ER-X-SFP Aggregate Performance

Posted on July 11, 2017 by ubntfan

It has been confirmed to me that the ER-X / ER-X-SFP have only one 1 Gb/s link between the SoC and switch. Since every packet that enters the SoC through that link will have to exit the same path, 1 Gb/s is the maximum aggregate throughput.

I’ve not been able to garner any interest in why bi-directional testing take a substantial performance hit. I may try some earlier firmware releases in the future but for now I’m moving on from this subject.

ER-X vs ER-X-SFP Performance

Posted on July 9, 2017 by ubntfan

See Preliminary Observations of the ER-X for the story leading up to now. I retrieved the ER-X-SFP but after giving it some more thought I concluded that the SFP port shouldn’t provide better throughput because it has to be hanging off the switch.

But I decided to test away anyways. Here’s a baseline iperf run of my test setup:

iperf-laptop-no-router

About what I’d expect from the hardware I’m using: 908 Mb/s uni-directional, 1,465 Mb/s aggregate bi-directional.

Here is the ER-X, with eth0 WAN and switch0 / eth1LAN:

iperf-er-x

The bi-directional result of 765 Mb/s is one of its better runs, high 600s to low 700s was its general range.

Now, here’s the ER-X-SFP in the same config:

It takes a hit, tho it’s results were consistently in the high 700s — a tiny bit better than the ER-X.

Now let’s try it again using an RJ45 SFP in eth5 as WAN:

iperf-er-x-sfp

929Mb/s bi-directional! And consistent! So it performs better… and I’ve no idea why… but clearly the platform is limited to 1Gb/s aggregate throughput.

As a sanity check I ran the same test against an ERLite-3 and was able to get > 1,700 Mb/s using multiple threads. Using multiple threads against the ER-X did not affect the results.

Both ER-X and ER-X-SFP on v1.9.1.1, configured using the Basic Setup Wizard for single LAN, with set system offload hwnat enable and port forwards for 5001, 5201, and 5202 TCP & UDP (iperf / iperf3).

Preliminary Observations of the ER-X

Posted on July 8, 2017 by ubntfan

I’m going to work up a thorough review soon, but preliminary testing confirms what others have seen: Bi-directional performance of the ER-X is sub-1Gb/s aggregate and a fair bit lower than uni-directional performance. I’m seeing over 900 Mb/s uni and low 700 Mb/s for bi-directional NAT’d traffic on v1.9.1.1.

I’ll do more testing with routed non-NAT traffic next week.

I’m surprised more attention hasn’t been brought to this given how often the ER-X is promoted as a cheap router for Google Fiber and other Gigabit FTTH offerings. The reality of the ER-X is that it’s more like a 350/350 router than Gigabit.

In trying to understand why this is, I came across a blog entry speculating that one of the 1Gb/s interfaces from the SoC is reserved for the SFP on the ER-X-SFP. I’ll be swapping one of these ER-X’s for the ER-X-SFP at my girlfriend’s home to test if there’s a performance improvement using eth0 and eth5 on the ER-X-SFP vs eth0 and eth1 on the ER-X.

Another item of note: Pass-through PoE does not require a 24v PSU! The included 12v PSU is only 0.5A and not suited to powering anything else — it will, but expect stability problems under load, or perhaps a fire — but any 9v-26v PSU that supplies more watts will work. An upgraded 12v PSU will generally be a few bucks cheaper than 24v.

UniFi v5.6.x Goes Testing!

Posted on July 5, 2017 by ubntfan

UniFi 5.6.10 Testing has dropped. I haven’t been paying much attention to the v5.6.x Unstable releases as I’d been waiting for v5.5.x to become Stable, but now that we’re here… Here’s a run down of the differences I see from v5.5.19 -> v5.6.10.

First and foremost, a bunch of things have been removed from the Properties pane for the USG. Rejoice! All of that stuff has been moved to various places with Settings.

The Advanced section offers lots of new goodness, including control over Offload features.

Over in Site settings, we now have control over SSH access. Previously SSH was always enabled.

Fast Roaming for 802.11r devices is now available. Use at your own risk.

Networks brings much more control over DHCP. Highlights are DHCP Relay, being able to specify a gateway other than the USG, and control over various settings used for PXE and VOIP booting. It’s not everything we’ve always wanted but it’s a great first step.