cross-posted from: https://lemmy.world/post/21641378

So I just added a TP-Link switch (TL-SG3428X) and access point (EAP670) to my network, using OPNSense for routing, and was previously using a TP-Link SX-3008F switch as an aggregate (which I no longer need). I’m still within the return window for the new switch and access point, and have to admit the sale prices were my main reason for going with these items. I understand there have been recent articles mentioning TP-Link and security risks, so I’m wondering if I should consider returning these and upping my budget to go for Ubiquiti? The AP would only be like $30 more for an equivalent, so that’s negligible, but a switch that meets my needs is about 1.6x more, yet it still only has 2 SFP+ ports, while I need 3 at absolute minimum.

I’m generally happy with the performance, however there is a really annoying bug where if I reboot a device, the switch drops down to 1G speed instead of 10G, and I have to tinker with the settings or reboot the switch to get 10G working again. This is true for the OPNSense uplink, my NAS and workstation. Same thing happened with the 3008F, and support threads on the forums have not been helpful.

In any case, any opinions on whether switching to Ubiquiti would be worth it?

  • PieMePlenty@lemmy.world · 1 upvote · 4 minutes ago

    If a security flaw is discovered and patched, it is a good sign the manufacturer is standing by their product and providing support. AFAIK, TP-Link does push regular fw updates for their Omada gear. I’ve had two in the last month.

    In your case, I’d open a support ticket with that issue and see what TP-Link thinks directly. If you don’t like their reply or are ignored, you will have your answer on whether or not you should switch.

  • runtime@lemmy.ml · 1 upvote · edited · 1 hour ago

    I migrated from OPNSense + 3 Omada EAPs + two Omada switches to a full Unifi system + UDMP Max, feel free to ask away.

    Mostly I was tired of the bugs both for Omada (sometimes I had to restart the switch to change the VLAN on a port bc just changing it in the controller didn’t work; yeah) and OPNSense (OSS vs proprietary complaints in general about “it just werks”).

    Unifi really has come a long way, they have proper switch ACLs, real BGP (!!!) by you just uploading whatever frr.conf you want, policy based routing, and more stuff that I can’t remember.

    It’s not perfect but I would say it’s very good value for money.

    • yeehaw@lemmy.ca · 1 upvote · 38 minutes ago

      OPNsense and Ruckus and Aruba here. Zero issues, but I’m not running BGP at home…

  • infinitevalence@discuss.online · 5 upvotes · edited · 1 hour ago

    Ubiquiti is trash with fickle support based on the whims of what sells wide adoption. TP-Link IMO is a decent value for the money if you want easy “prosumer” level networking gear. I have 3 TP-Link APs as well as a 16 port 10g core switch and it’s great for my needs.

    Mikrotik offers more features per $$ but it’s not as easy to use.

  • TechAdmin@lemmy.world · 1 upvote · 2 hours ago

    You can try seeing if you can set the speed/duplex of NIC/ports manually if auto-detection keeps getting it wrong.

    Unifi I like the APs for mesh & multiple SSID+vlans but I keep them on dedicated vlan with zero internet access because I don’t trust that I properly followed instructions to disable opted in analytics/telemetry. The mgmt software is alright but new UI wastes a lot of space. The PoE switch was alright until it stopped being able to keep a config last year. USG router I kept less than a year because it was too slow with any useful features enabled. I’ve glanced around at replacement APs here & there but pretty much waiting until I have more wifi 7 compatible devices and that’ll be another couple years.

  • RelativeArea0@startrek.website · 1 upvote · 2 downvotes · 3 hours ago

    Everything has trackers, even those APs or wifi routers flashed with 3rd party firmware (OpenWrt, DD-WRT, etc). If OP is willing to spend time on doing packet tracing or even the most simple one like setting up a localized DNS server/sinkhole, OP might be amazed what lights up.
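The DNS-log check suggested in the comment above, as an added example that is not part of the original thread: it summarises which names the network gear itself looks up and flags anything outside an allow-list. The log lines are constructed in the shape Unbound (the resolver OPNsense ships) writes with `log-queries: yes`; the addresses, domains and allow-list are assumptions.

```python
import re
from collections import Counter, defaultdict

# Constructed sample lines; addresses and domain names are invented.
SAMPLE_LOG = """\
[1730000001] unbound[4321:0] info: 192.168.20.10 controller.lan. A IN
[1730000002] unbound[4321:0] info: 192.168.20.10 telemetry.vendor.example. A IN
[1730000003] unbound[4321:0] info: 192.168.20.11 pool.ntp.org. A IN
[1730000004] unbound[4321:0] info: 192.168.1.50 news.example. AAAA IN
[1730000005] unbound[4321:0] info: 192.168.20.10 telemetry.vendor.example. AAAA IN
[1730000006] unbound[4321:0] info: 192.168.20.11 fw-update.vendor.example. A IN
"""

# Matches IPv4 clients only; reply lines and other log messages are skipped.
QUERY_RE = re.compile(
    r"info: (?P<client>\d{1,3}(?:\.\d{1,3}){3}) (?P<qname>\S+) (?P<qtype>[A-Z0-9]+) IN\s*$"
)

def queries_by_client(log_text, watch):
    """Return {client_ip: Counter({qname: count})} for the clients in `watch`."""
    seen = defaultdict(Counter)
    for line in log_text.splitlines():
        m = QUERY_RE.search(line)
        if not m or m["client"] not in watch:
            continue
        seen[m["client"]][m["qname"].rstrip(".").lower()] += 1
    return seen

def unexpected(seen, allowed_suffixes):
    """Names each watched client asked for that fall outside the allow-list."""
    out = {}
    for client, names in seen.items():
        extra = sorted(
            n for n in names
            if not any(n == s or n.endswith("." + s) for s in allowed_suffixes)
        )
        if extra:
            out[client] = extra
    return out

if __name__ == "__main__":
    gear = {"192.168.20.10", "192.168.20.11"}  # hypothetical AP and switch
    seen = queries_by_client(SAMPLE_LOG, gear)
    for client, names in unexpected(seen, ("lan", "ntp.org")).items():
        print(client, "->", ", ".join(names))
```
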

  • histic@lemmy.dbzer0.com · 2 upvotes · 1 downvote · 8 hours ago

    I may be wrong here but the TP-Link issues were in the more consumer based hardware and not the EAP and switch.

    • rehydrate5503@lemmy.world (OP) · 2 upvotes · 8 hours ago

      From what I’ve seen it seems consumer routers, but it raises flags is all, and makes me reconsider options.

        • rehydrate5503@lemmy.world (OP) · 1 upvote · 6 hours ago

          Fair enough. Is there anything one can do to mitigate? Like I know for the recent issue in the news, a mitigation strategy for consumers is to basically reboot their router often. I keep my router and all hardware up to date, and try to follow news here. Not sure if there is really anything else I could do.

  • BearOfaTime@lemm.ee · 6 upvotes · 8 downvotes · 7 hours ago

    Ubiquiti?

    You can’t give me that garbage. I despise it, after setting up a single access point (plus also watching friends deal with it at client sites).

    Besides the discovery issues and slow performance when trying to manage it, I had a random open network on it after setup. This network didn’t appear anywhere in the control panel. I could turn off the access point and the network disappeared.

    It didn’t show up in the guest network config (which was turned off anyway). It had the same name as the WPA-protected network, it was just open - no security at all.

    I had to reset the access point to get rid of this weird random open network.

    What kind of garbage product does that?

    Now let’s look at cloud keys. One has a hard drive in it. Just one drive, 3.5", which besides storing data also stores the OS. What? Why is the OS not on some firmware or at least an M2, since the drive is really for storing surveillance data (did I mention it’s a single drive?), what a joke. Why would I bother with such an expensive device that has zero fault tolerance, when I could simply buy a cheaper real machine, run multiple drives, and host the software there?

    I lack the vocabulary to describe how bad Unifi is.