I have a wireless backup[1] using Vyos[2] and a 5G router provided for free by the 5G service provider for those rare moments when both fiber links are dead.
At the same time I would never recommend anyone get 5G internet as their primary service if you have other options and especially not from one of these cheap providers.
I just did the update to 2025-Q2 (I use the quarterly stream build).
Initially I thought this was going to be a huge pain. I have many interfaces and also pass-through hardware like the SFP28 card. I made a copy of my primary router vm and added fake interfaces with the same MAC addresses. I then went through the update procedure which was very simple.
In the VyOS vm:
  # -O sets the name of the downloaded file (-o would only write wget's log to that name)
  wget https://community-downloads.vyos.dev/stream/1.5-stream-2025-Q2/vyos-1.5-stream-2025-Q2-generic-amd64.iso -O vyos-1.5-stream-2025-Q2.iso
  add system image /mnt/iso/vyos-1.5-stream-2025-Q2.iso
  # follow prompts
  reboot
  # boot screen will offer two versions now, old and new
That was it and it worked. So from now on I know I can just take a snapshot of my vm and do it directly on the main vm without making a copy.
You do lose any custom configs you may have. In my case it was fstab changes and my cron entries.
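The caveat in the comment above (fstab changes and cron entries gone after the image upgrade) can be caught with a before/after check. This is an added example, not part of the original thread: the function names, the file list and the backup location are assumptions, and the backup directory must be one that survives the upgrade.

```shell
#!/bin/sh
# Added example (not from the thread): record hand-edited files before an
# image upgrade, then report which of them the new image lost or replaced.

# snapshot_custom ROOT BACKUP_DIR FILE...
#   Copies each FILE (path relative to ROOT) into BACKUP_DIR/files and
#   records its SHA-256 in BACKUP_DIR/manifest. Files that do not exist
#   are skipped.
snapshot_custom() {
    root=$1; backup=$2; shift 2
    mkdir -p "$backup/files" || return 1
    : > "$backup/manifest"
    for rel in "$@"; do
        src="$root/$rel"
        [ -f "$src" ] || continue
        mkdir -p "$backup/files/$(dirname "$rel")"
        cp -p "$src" "$backup/files/$rel"
        sum=$(sha256sum "$src" | cut -d' ' -f1)
        printf '%s  %s\n' "$sum" "$rel" >> "$backup/manifest"
    done
    return 0
}

# check_custom ROOT BACKUP_DIR
#   Prints OK / CHANGED / MISSING for every file in the manifest.
#   Returns 1 if anything drifted, so it can gate a post-upgrade script.
check_custom() {
    root=$1; backup=$2; drift=0
    while read -r sum rel; do
        cur="$root/$rel"
        if [ ! -f "$cur" ]; then
            echo "MISSING $rel"; drift=1
        elif [ "$(sha256sum "$cur" | cut -d' ' -f1)" != "$sum" ]; then
            echo "CHANGED $rel"; drift=1
        else
            echo "OK $rel"
        fi
    done < "$backup/manifest"
    return $drift
}

# Constructed demonstration in a temporary directory: fstab is replaced by
# a stock file and root's crontab disappears, as described in the comment.
demo_upgrade_drift() {
    tmp=$(mktemp -d) || return 1
    mkdir -p "$tmp/root/etc" "$tmp/root/var/spool/cron/crontabs"
    printf 'UUID=constructed /mnt/backup ext4 defaults 0 2\n' > "$tmp/root/etc/fstab"
    printf '0 3 * * * /usr/local/bin/nightly.sh\n' > "$tmp/root/var/spool/cron/crontabs/root"
    printf 'constructed banner\n' > "$tmp/root/etc/motd"

    snapshot_custom "$tmp/root" "$tmp/keep" \
        etc/fstab var/spool/cron/crontabs/root etc/motd

    # Simulate booting the new image.
    printf '# stock fstab\n' > "$tmp/root/etc/fstab"
    rm "$tmp/root/var/spool/cron/crontabs/root"

    status=0
    check_custom "$tmp/root" "$tmp/keep" || status=$?
    rm -rf "$tmp"
    return $status
}
```

On a real router ROOT would be `/`; the saved copies under BACKUP_DIR/files are what gets re-applied for each CHANGED or MISSING line.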
> Interesting fact that EdgeOS from Unifi was a fork
That's how I got started with it, my first "proper" router was an ER-X. It's sad they abandoned the Edge product line to move everything to the UI first Unifi one that still doesn't have all the features (specifically, conditional routing for address groups/ipsets).
Unifi is the Apple of networking gear. When something new is released the HN crowd is excited even when the same functionality existed already with another company.
This seems like a stretch. If your position is that the REAL experts are using Cisco gear instead, I guess fine. But the "HN Crowd" loves using Ubiquiti at home because it is light years better than any consumer brand, (1) in terms of giving people who know what they're doing sufficient control to do so, (2) in terms of performance, and (3) in terms of not being a buggy piece of crap.
Contrast with:
(1) eero has no web UI (ONLY mobile phone!) and almost zero network configurability. You can't set a hostname for instance for DHCP. You can have exactly one main and one guest network. You don't get to configure anything about it though. Etc.
(3) I bought a Linksys replacement for my Eeros to get 6E -- I returned it to the store due to how horrifyingly bad the Web UI was and how bad the "app" was too. AND it also had flaws like inability to have reservation IPs outside the DHCP pool range.
Apple is actually the opposite of Ubiquiti -- they don't want you to be able to configure anything or have any visibility into anything. It either 'just works' or just silently fails or fails with "An error occurred."
> Ubiquiti at home because it is light years better than any consumer brand
As someone who simply wanted to isolate different devices on my home network, I was looking at nearly thousands of dollars of hardware, installing abstract OpenWRT software, and arduous VLAN rules to do this. It was shocking how immature this space is. I finally caved to the ubiquiti setup and am glad I did.
> Apple is actually the opposite of Ubiquiti -- they don't want you to be able to configure anything or have any visibility into anything.
True, however before I was running a UniFi household I did quite enjoy Apple's Airport equipment. Back in the day it felt like they were the first time I had consumer networking equipment that I wasn't forced to reboot regularly to resolve issues.
Ubiquiti is one of the few companies doing prosumer hardware - and doing it extremely well. They give you access to advanced, raw configurations without necessarily having to go "full enterprise" deployment. They also have solutions for just about everything.
That being said, I generally have moved towards other Wifi solutions as I've grown weary of tweaking Ubiquiti all of the time. I found that I could get better top-end performance out of Ubiquiti gear, but really struggled to hammer out poor performance in edge cases. Particularly, with jitter and random latency spikes.
My consumer mesh wifi system gets nowhere near its advertised performance, with little way for me to tweak it. However, I rarely need "full performance" and it doesn't suffer from the same random glitches.
Where they differ also from Apple, and indeed is insanely amazing for a network hw company is that I'm still getting software updates for my, I don't know, at least 7 years old AP. A consumer device.
I used to think the same way, and I loved UBNT.
Sadly, after 2 different more advanced configs I had caused wild stability issues - affecting APs, a USG and the controller itself to the point of making them less reliable than a random TP-Link router, plus an ERL randomly dying on me without warning and never booting again - I decided to pull UBNT from anything and anywhere.
I now exclusively use open-source projects with a strong history and community - or used high-end enterprise gear that I pick up when it reaches EOL so it's dirt cheap.
Stability has been so much better, even with the most advanced configs I ever created.
I've moved to buying last gen used Ruckus Unleashed APs (usually R720 as they are cheap and very reliable). Way higher quality but steep learning curve for many functions, although if someone is willing to put in some effort it's not that bad.
Usually, I use Mikrotik wAP ACs for this kind of thing. They're cheap-enough to buy brand new, and they're designed to be able to work outdoors in the weather.
But I might pick up an R720 just to play with -- that's a different echelon of gear.
Mikrotik is pretty lacking in aspects that relate to the newest hotness of wifi standards.
802.11ax ("wifi 6") is as good as it gets, with [eg] their wAP AX.
They get a lot of stuff right, though. They run RouterOS, which is a custom userland for Linux that is intensely flexible. Approximately any routing-esque function a person can dream up that can work with a Linux kernel can be made to work within RouterOS.
The form factor of the wAP AC/AX boxes is really very nice -- they can blend well in on a wall (inside or outside), attached to a pipe, or whatever. I've got a wAP AC on the wall of my living room, for instance. I use another one when "camping" off-grid, zip-tied to the leg of an easy-up awning.
It's ostensibly just an access point, but it doesn't have to be. I mean, like: There's two ethernet ports, but they exist without a preconceived function. Want to use it as a router, with hardware WAN and LAN ports? How about with VLANs and a managed switch instead, so it works with just one cable? Eleventy-five different SSIDs? Bridging networks with wifi? Using station mode to leech bandwidth from the cafe across the street, and perform firewalling and NAT and VPN, so you can use it in your apartment -- with only one box? Sure, no problem. Whatever it is, it works.
Power is flexible. All of the bits to use passive POE are included; or it can just plug in with the included DC connector; or it can use proper 802.3af PoE.
I don't know how it compares to something from Ruckus, but I'm much more pleased with it than the Ubiquiti gear that I am presently taking a break from fighting with.
Wi-Fi is, ah, politely, not MikroTik's strong suit. They're only just completing their Wi-Fi 6 rollout (while the cAP ax was released a few years ago, the wAP ax was only released late last year, and they've only just launched the hAP ax S). And the performance of their devices is pretty poor by just about any metric. I will continue to buy it, however, because it does what it does very reliably, and history proves they will continue to support existing hardware in the field until the heat death of the universe.
IMO, the consumer grade mesh systems are basically commodities at this point.
Wire still wins - especially for backhauls between endpoints. However, it’s really nice being able to stick an AP anywhere you have an outlet to extend the range. I have a few outdoor devices (speakers, lights, TV) that daisy chain through APs while getting just good enough performance for what I need.
They have always been stuck between prosumer, pro business, and enterprise.
They have tried to go subscription based licensing but that can be conflicting for companies who just want decent reliable network gear in all the above market segments.
I fit in the prosumer category and have about $10,000 in gear and while it's great for my needs I don't see myself ever spending money for network gear subscriptions.
It is nice stuff. I have several UniFi devices in a 2200 sq foot old house that are wired on Ethernet and the WiFi is great everywhere. They also have a line of point-to-point modified WiFi radios for long range links and it took about 30 minutes to set up a link between my house and another house on the property.
They made some good decisions as well in the recent past, looking at their firewall configuration features (made it zone based). All in all their ecosystem is worth it imo and the hardware is actually affordable. On the other hand I had some mikrotik gear in the past which was also really good, the user interface is just not as shiny ;-)
That is fair, though they at least walked back some of those, and self-hosting is still very much a thing if you prefer not to deal with configuring your system through Someone Else's Computer.
I still like them. I have almost no real complaints about their products. They just work for me. Here is an example: I had a Netgate with pfsense for my home gateway. My primary home internet provider can be a little flaky, so I have a beefy 5G gateway backup. It was way too hard to configure one of the ports to support automatic WAN failover. The, less expensive, unifi product just worked. It was just a simple setting in the gateway's management UI. The information provided in the dashboard is rich and it implements things like constant QoS monitoring that has a nice plot. It adopts and manages my home wifi and makes it super easy to configure channels, analyze congestion, and do all the deeper technical configuration I could ask for.
Another example, I had Frigate set up on a home rolled NAS. Again, it worked alright, but it always stole time from me. It always needed a little maintenance or tweaking or thinking. I bought a UNVR and modern Unifi cameras. Adopted, zero thinking or management from me. I still retain control of my data and it respects my privacy. It isn't perfect, but at the price point it solved meaningful problems I cared about in both cases. Yes they are commercial products and not open source, but they are priced reasonably to my eyes (the UCG ultra was actually cheaper than the netgate). That makes me a happy customer.
I have run their wifi APs for over a decade with no problems. It's not perfect, I know there are still privacy concerns. No company is really perfect, but they are good to me.
The corollary to them just working is that if they don't, they don't just ignore you like Apple. I reported a bug between two pieces of their hardware when talking to a specific 5Gbe NIC via their support without a support contract. They took a week to get back to me with a member of their QA department talking directly with me and having me validate beta firmware with them. After about a week of back-and-forth, they had a fixed version that has been deployed globally to everyone.
Meanwhile, Apple still hasn't fixed bugs that I reported to them between 2012 and 2014 while working for one of the largest universities in North America as a level 2 tech.
For wireless, the prices aren’t much different from products with comparable feature sets/performance. For some niche combinations, they’re the only option that doesn’t force you way upmarket (Meraki, etc.). Most of the money they make is from small business and tiny WISPs, not HN boosters overdoing it on their home WiFi in what must be a bid to get their partner to divorce them.
Their wired stuff is a total scam since Edgerouter fell off, though. The same functionality exists on a $50 netgear managed switch (or wired router, etc.), and the shitty unified configuration interface doesn’t justify the markup at all.
To be somewhat fair, the quality of their management tools for their switches and routers has increased somewhat, and some of their wired routers are actually decent on the price/performance spectrum these days.
Meanwhile, the quality of their competitors’ tools for managing multiple switches without manually configuring each one, individually, over SSH or via a graphical tool is not necessarily amazing.
For example, it’s been a while since I used Ruckus Unleashed (the low-end management tool from a very upmarket vendor), but I think UniFi Network (the management tool) is a good amount better than Unleashed.
I really wish the people who put so much effort into software like OpenWRT would put some of that effort into managing multiple devices in a nice, unified manner. The tooling could be so much better.
> I really wish the people who put so much effort into software like OpenWRT would put some of that effort into managing multiple devices in a nice, unified manner. The tooling could be so much better.
There is OpenWISP: Leveraging Linux OpenWrt, OpenWISP is an open-source solution for efficient IT network deployment, monitoring & management.
>HN boosters overdoing it on their home WiFi in what must be a bid to get their partner to divorce them..
Au contraire!
I got tired of the refrain "are you messing with the network again?" in the evenings when the neighbors are all streaming Netflix and crowding the airwaves, so I installed several low power UI APs around the house and popped my own DNS and devices to a separate VLAN.
No more complaints :)
I do wish Unifi offered more configuration in the ad-blocking department, but I'm hesitant to inflict anything but the most vanilla deployment on the remainder of the household..
I haven't really seen cheaper overall solutions for medium-sized home deployments than their gear. I need a layer 3 switch with 1 SFP+ 10Gbe port, and at least 5 1/2.5/5/10 Gbe copper ports with POE++ on at least 2 ports. I cannot find a cheaper solution than the USW-Pro-XG-8-PoE from any vendor. If you know one, please let me know.
Sure some of their hardware is overpriced, but they're pushing the limits of what's available in the 10 and 25 Gbe areas at relatively reasonable prices.
I'm sure you can find price differences at different products & tiers, but quickly glancing around it sure doesn't look like Ubiquiti has any particular premium markup.
Regardless having a self-hosted, buy-it-and-own-it, non-business friendly product line absolutely has value. I loved my mikrotik switches when I was just messing around, but the single pane of glass, central management is not insignificant when time becomes a more precious resource and you just need it to work.
I have developed a deep dislike for UI overall through the years due to their many missteps (see: most of this thread), but those little PoE-powered 2.5G switches are amazing and I am surprised that while 2.5G is getting more and more popular, no one has any real competition for this product. No matter, I bought three!
I do wish they were even smaller (I've got one location I'd like to mount one inside a wall box, which is admittedly pretty niche), and I am never again touching UI's configuration software (even 10 years later I feel that wound), but, yeah... love these little guys.
To be fair, they have a nice ecosystem for networking nerds. I got a Dream Router last week for black friday and I'm super happy with it. Setup was like 20 seconds.
I'm looking forward to getting more Unifi gear in the near future.
They have the form-over-function aspect too, in that they decided to keep the external design language consistent across the board no matter what. Which meant they couldn't improve the passive heat dissipation enough to keep up with newer network standards, and had to resort to putting fans in their WiFi APs to keep them from overheating.
And they make the whole claim of 'minimalism means easy to use for power users', which really means 'we'll keep messing with how the meshing in your house works so that you're unable to pin preferred routes between nodes - because without seeing your house we know better'.
Which units is that? I have a pair of u7 pros in my house and they’ve never made a peep, though admittedly they don’t get pushed very hard at all; the TV and two main computers are wired, so it’s really just iot junk and phones on the wifi.
I've got some old Unifi gear and there's a couple of things that make them unlike Apple.
Firstly, I can run the network controller easily in Linux (in Docker as it happens, but the image is third party - jacobalberty/unifi). It's happily running on Raspberry Pi.
Secondly, I've got one really old access point that is now unsupported for updates, but apart from that, there's no problem with controlling it along with the supported ones.
Also, I don't need a cloud connection though they do encourage using one.
Not quite, DIY vs technologies like Unifi make it accessible to the masses where the former is for the few to feel good about themselves, and the latter makes a difference in moving things forward for the many without as much investment in time, because people shouldn't have to be free employees of technology to derive a benefit..
"Just works" means you can enjoy other parts of technology, like what you do with it, instead of just getting and keeping it working.
AVM is great for single-owner use with sub 20 devices.
Unifi is great for small IT companies providing network services to tens of customers. Being able to manage everything remotely (and even batch things for all of your customers) is great.
Because Unifi is more focused on the needs of businesses and enthusiasts. AVM and Netgear Orbi are products for the consumer market. So they miss the advanced features Unifi supports.
Unifi is used by the tech-savvy homeowner that needs PoE for their security cameras and wants to control and configure their network without needing a network engineer.
And also Unifi lets you just buy stuff instead of "contact a sales rep". If I go to Netgear and filter primary port speed to 2.5g, which is hardly an enterprise spec, all 3 options are "contact a rep" which... no thanks. Who on earth wants to contact a sales rep for a 10 port 2.5gb switch?
There is now also TP-Link's Omada line at least which seems like the most comparable alternative.
I tried out Netgear Orbi and I don't know who it's actually for. I tried deploying it at my dad's place, but had to return it because it just doesn't work. Dropped in Ubiquiti gear to replace it and I had the entire network up and running within 15 minutes of applying power. And it's had zero of the issues that I had with Netgear's system.
Just wanted to drop another data point that Linksys is also trash now. So for consumer-targeted gear it seems the options are:
1. Eero - great performance, no web config (only mobile app), cloud dependent, half the features paywalled for monthly subscription (eyeroll)
2. Linksys - confirmed piles of crap, a 6E mesh kit I tried last year performed worse than my 2018 Eeros so why bother. Config is even more limiting than Eero, the web UI is a slow disaster that times out constantly, and the app is terrible and the features are badly designed.
3. Netgear - sucks as parent comment explains
4. TP-Link - reputation is that it's bad but I haven't tried
5. Asus - never tried
6. Google - no doubt they'll kill and brick these at some point
TP-Link Deco line is reasonable. Fairly devoid of advanced features but plenty for probably 95% of the households out there - ie an easy VLAN separation into primary/IoT/guest networks, parental controls, QoS, meshing, etc.
Linksys should be immediately reflashed to run DD-WRT.
I recently bought their cloud fiber gateway and two in wall wifi 7 access points because I'm setting up a network in my new apartment and hear this multiple times.
Honestly they are nothing like Apple - like just look at their mobile apps - how many do they have - 10? To interact with the same gateway just for slightly different use-cases. Not to mention that the functionalities are hard to decipher.
"It just works" with Teltonika and Glinet as well. In most of the openwrt based routers multi-wan is already enabled. It is also very easy to do with TP-Link Omada (just enable a checkbox).
So, implying that Unifi is the only company that does this in an easy way is misleading marketing.
Why would you guess Chinese? Broadcom, Qualcomm, MediaTek, and Realtek are the typical answers for radio chips, no? None of whom are Chinese? There certainly are Chinese radio chips, such as from Espressif or Huawei, but they aren't especially popular in APs or anything
The majority of their foundries are in Taiwan and South Korea which, to avoid politics, is outside what most people mean when they worry about tech made in China (they think about the PRC).
So not China unless you’re being pedantic and pretending when people say they are avoiding China they don’t mean the mainland governed by the communist party.
You can buy PoE splitters that will take ethernet in and give you ethernet + some power supply out. Looks like you need 12V/2A and a cursory search throws up a few options.
The big question is why do we need 5g? My phone doesn’t support it and my internet is fast enough as long as I have good coverage. Coverage problems are only exaggerated by 5G since the range for short waves is shorter
5G does not mean shorter waves/higher frequencies, that's just a common deployment. In Sweden we have 5G on the 700 MHz band, 5900 MHz, and several others in between.
Back in school, I had a teacher who was in charge of installing 3G, 4G, and 5G antennas for a carrier in France. The answer is that the 4G frequency bands are saturated, and they pushed 5G mainly to relieve congestion on the 4G network. Theoretically, 5G has just as much range (maybe even a little bit more with beamforming) on the 700 MHz and 800 MHz bands.
I’ve worked at companies with cellular failover for the most critical services.
5G in my city is 650 Mbps and is honestly cheaper than fiber, but my fiber has better jitter (and can go up to 2 Gbps). For a lot of people, 5G would be more cost effective.
The digital version over at https://map.geo.admin.ch/ has existed for many years but it is only a few years now that all Cantons have agreed to provide the data for free[1]. There is a lot of interesting data such as "Lärmbelastung" where you can lookup how loud car or rail traffic is at a location.
Search deals with mobile OEMs and Apple (preferred engine in all mobile browsers) also paying off Mozilla for a start.
Also Goog has had a first mover moat for a while before Duck came along.
> By accepting this agreement and using the software you agree that Microsoft may collect, use, and disclose the information as described in the Microsoft Privacy Statement [...]
There's a couple of terms in contract law, like fairness of obligations, unconscionability, disproportionate penalty, excessive advantage, etc. that the US seems to have forgotten. In the EU and other countries such... aberrations are struck down and unenforceable. People are still scared silly, but the ones that protest are usually left alone.
Those aspects of contract law mean that if MS included "you owe us your first born child" or "if you have not uninstalled this operating system within 2 weeks of installation, you owe Microsoft an additional one million dollars" then that clause wouldn't be valid.
They don't however mean that MS choosing to put adverts all over Windows is illegal, or a breach of the contract, just because users would prefer the OS be ad-free. The EU could legislate in various ways that would mean MS had to stop doing so, but they haven't yet and there's no aspect of general contracts law currently that prevents it.
One could argue that, and like I just wrote in my reply to your sibling comment (https://news.ycombinator.com/item?id=46087142) I would agree with you with regards to ethics, but it's not a valid argument from an actual legal perspective.
I'd love to be proven wrong about this, because I'm not blowing smoke up your ass I really do agree with you in that I wish MS could and would be sued over this, and lose, and have to stop making Windows shit like this. But I'm fairly confident that the only possibility would be for EU (or individual nations) to write new legislation addressing it.
If you bought and paid something (not a subscription) that was ad-free and then all of a sudden in a mandatory update you start to get ads, well, maybe someone already tried and failed to sue MS but personally seems pretty predatory.
From an ethical point of view I completely agree that it's predatory, I just don't believe any EU laws exist that mean anyone would have a chance of success trying to sue over that, I don't believe it to be illegal. And while I'm not all-knowing, nor am I someone who knows every single relevant law like the back of my hand, my opinion is somewhat backed up by the fact that I'm not aware of anyone with actual legal knowledge having ever suggested this behaviour of Microsoft's could be considered illegal the way you want it to be, it's only ever people who are users who think it should be considered breach of contract. (And considering how much money it would be worth if you could sue MS for this and win, if it were even a 50/50 question you'd get lawyers trying.)
Umm actually, you did. You also waived off the right to name your firstborn, and if you disagree, you’ve waived off your right to anything except arbitration. Sorry, I didn’t make the rules.
(Friendly reminder that legality, once again, ≠ morality. Victimless crimes can be illegal, and Enron fucking shit up and filing bankruptcy can be legal.)
A lot of Swiss government services do not need to be available 24/7 outside of the country.
There is no need for the SBB (Swiss national railway) to use cloudflare or AWS when the same can be provided by a local provider that also has the ability to deal with large DDOS and cap off the outside when it comes down to the wire. It is more important for someone in Switzerland to be able to purchase a ticket than someone planning a trip from abroad.
> A lot of Swiss government services do not need to be available 24/7 outside of the country.
Obviously without talking specifics it's hard to discuss, but I'd hate to be a Swiss who was traveling abroad and had to access the gov website deemed "not 24/7" in an emergency of some kind (planning travel for the next day for the railway for example), or to finish something due to a government imposed deadline.
> the same can be provided by a local provider that also has the ability to deal with large DDOS and cap off the outside when it comes down to the wire
Local providers often can be 2-3x to 10x+ expensive compared to hyperscalers for the same featureset. If you're willing to compromise on features, you can get down to 2x but with basically vendor lock-in and Swiss German support (!= German - which in Switzerland can fly if you're a medium-small company, but if you want to attract talent you'll need also English). I'm not sure there's any local provider capable of mitigating large-scale DDOS either.
Hyperscalers understood the need for local presence despite being located right across the border and in EU (Germany, Italy, France): Azure, AWS and Google all opened up locations in Switzerland in the past 3-4 years.
Basically every medium/big Swiss client I've worked for was or is still in the process of migrating away from local providers (even the big-S one) due to costs. Add to that that most companies use some form of AD and most were already using Outlook or the Office suite, you can integrate everything with less costs via Azure. If you are a big company and have multiple locations all over the world, you anyway also need hyperscalers to allow the team in Spain, US or India to interact with familiar tools.
EDIT: replying to the "local services, local tools" part: I wouldn't like to be stranded at 2am in Zurich kanton in some god-forgotten town I went to exactly once, because the SBB app relies on a local provider which has a small team of on-call people that still need to wake up. There's also people interacting with government services at all times, I've seen logs of people trying to access apps at 3:30 in the night. While I can agree it can be fixed the next morning, the question becomes: why spend more for the lesser choice?
quite shameful to me that SBB uses so much AWS stuff, considering the amount of IT workers it has. but what are you gonna do, MGMT hears about cloud being cheaper and better and proceeds to change the whole strategy. hope they'll seriously invest into own DCs again or at least use local providers.
considering how relevant SBB is to a functioning Switzerland it really feels like they should be in control of their own Infra.
I would be more concerned that many data centers in Switzerland are owned and operated by large foreign companies and some of their physical security is questionable. Not at all what you see in their ads and I would say you are only as secure as the least secure DC you have...
[1] https://sschueller.github.io/posts/wiring-a-home-with-fiber/
[2] https://sschueller.github.io/posts/vyos-router-update/#wan-f...