r/Ubiquiti — reddlx | reddlx-frontend

🔥 Hot ▲ 1.0k r/Ubiquiti

New Rule Announcement: No AI/LLM Generated Content

We've operated for years with only 1 rule -- keep it relevant to Ubiquiti. In today's age, unfortunately we need to introduce another, super simple rule:

No AI/LLM generated slop.

If you don't know something for sure - that's okay! We're all here to listen and learn, but do not post AI summaries, answers, or other slop. Unless personally verified by you, such content is merely clutter and is subject to moderator removal at our discretion.

Please report content you see that breaks this rule so we can keep the subreddit clean, clear, and accurate.

reddit.com

u/iKjQ2a4v — 18 hours ago

🔥 Hot ▲ 248 r/Ubiquiti

10-inch rack of happiness

I had a few Pi 5s and some Pi 4Bs scattered around my office and a mish-mash of various network gear. Got sick of it and pulled the trigger. Custom designed a 10-inch rack with laser cut 3mm panels and 3D printed accessories. Found a couple carrier designs for the gateway and switches online. Then brushed off my CAD skills and designed some custom Pi carriers. The end result? Joy.

Got a couple U7 Pro frisbees on the way to complete the kit and upgrading my fiber connection to 2.5Gbps once those are live to get all the giggly-bits over the wifi I can.

The whole kit:
- Five Pi 4Bs (PoE, USB fixed storage)
- Four Pi 5s (PoE, NVME storage)
- Two Flex 2.5G PoE switches
- One UCG Max
- One TerraMaster D5-300C (five IronWolf 6TB drives)

equals one happy me.

u/dainbrump — 12 hours ago

🔥 Hot ▲ 110 r/Ubiquiti

Pushback from vendor on installing Unifi cameras and Protect

My church is looking to install cameras indoor and outdoor and we asked our alarm company for a bid. In our state (Tennessee), you need to be a state licensed installer to deliver security cameras and alarm systems for commercial applications. But in the meeting today, the installer pushed back on doing Unifi claiming that they weren't UL certified for the stuff they typically install and explaining to me that's why you don't see them installed at banks or police stations. But we're not either of those properties and I wanted to ask people here about this kind of vendor pushback. Is it normal to have an installer not wanting to install what the customer is asking for, especially if our needs are different than what they pushed back on?

reddit.com

u/Sevenfeet — 10 hours ago

🔥 Hot ▲ 58 r/Ubiquiti

G6 Entry didn't play nice with my door frame, so I made a custom mounting block

Since running a wire from behind wasn't an option, I ran into a bit of a snag with the new G6 Entry. Unlike the G4 Pro, the G6 requires that massive junction box for surface wiring, which was a total dealbreaker for me.

I decided to take matters into my own hands and fabricated this custom mounting block. It was a PITA to get the weatherproofing right, but I think the final look was worth it. Ask me in a year if it survived winter... 🤞

u/NullMDK — 7 hours ago

🔥 Hot ▲ 82 r/Ubiquiti

Uh incorrect.

Why?

u/tampon_whistle — 10 hours ago

🔥 Hot ▲ 173 r/Ubiquiti

Easter bunny spotted

My daughter thought the U7 Outdoor looked like a bunny, so she put googly eyes on it.

u/CBaeyens — 20 hours ago

🔥 Hot ▲ 140 r/Ubiquiti

Oh no

u/lazydrippin — 19 hours ago

🔥 Hot ▲ 104 r/Ubiquiti

Found the root cause of IPS/DPI killing livestreams and video calls on UniFi gateways — it's Suricata's memcap, and here's the fix

UniFi IPS/DPI kills livestreams and video calls every 5-10 minutes — root cause found and workaround

If you've ever had YouTube streams, Teams calls, or Zoom meetings drop every 5–10 minutes on a UniFi gateway with IPS or DPI enabled, I found the root cause and a workaround.

The problem:

UniFi gateways run Suricata for both IPS (Threat Management) and DPI (Traffic Identification). The Suricata config ships with stream.memcap: 16mb — a tiny buffer for tracking TCP streams. When this fills up, Suricata enters "emergency mode" and starts killing flows using a 100-second timeout. Your livestream or video call is the biggest flow, so it gets evicted first.

Key findings from my testing on a UXG-Lite:

With IPS+DPI on: stream drops every 5–10 minutes like clockwork
Disabling IPS alone doesn't help — Suricata stays running for DPI
Disabling both IPS and DPI: zero drops for 45+ minutes
The UI's "Allow List" for IPS only suppresses alerts — Suricata still tracks and evicts the flow
The same 16 MB memcap is used on ALL UniFi gateways regardless of RAM, which is why the UDR7 (3 GB RAM) has the same issue

The fix:

Add a BPF filter to exclude your streaming/calling machine from Suricata's packet capture. Create this script on your gateway via SSH:

/data/fix-suricata.sh:

#!/bin/sh
IFACE_CFG="/run/ips/config/iface.yaml"
EXCLUDE_IP="10.99.0.140"  # change to your IP

[ ! -f "$IFACE_CFG" ] &amp;&amp; exit 0
grep -q "$EXCLUDE_IP" "$IFACE_CFG" &amp;&amp; exit 0

sed -i "s|not net 169.254.254.0/24|not net 169.254.254.0/24 and not host $EXCLUDE_IP|g" "$IFACE_CFG"
kill $(cat /run/suricata.pid 2&gt;/dev/null) 2&gt;/dev/null
logger "fix-suricata: excluded $EXCLUDE_IP from Suricata capture"

Then:

chmod +x /data/fix-suricata.sh
echo "* * * * * root /data/fix-suricata.sh" &gt; /etc/cron.d/fix-suricata

The cron runs every minute and only patches if needed. IPS/DPI keeps working for every other device. The excluded host still has firewall and NAT protection, just not Suricata deep packet inspection.

To persist across reboots, also create /data/on_boot.d/fix-suricata-cron.sh:

#!/bin/sh
[ ! -f /etc/cron.d/fix-suricata ] &amp;&amp; echo "* * * * * root /data/fix-suricata.sh" &gt; /etc/cron.d/fix-suricata
/data/fix-suricata.sh

And chmod +x it.

The real fix Ubiquiti needs to make: scale the stream.memcap based on available RAM, increase the emergency-established timeout, or give us a proper UI option to exclude hosts from Suricata flow tracking (not just alert suppression).

Tested on UXG-Lite, UniFi OS 5.0.12. Should work on any UniFi gateway running Suricata (UDM, UDM Pro, UDR, UCG, UXG, etc).

UPDATE:

Further testing showed the BPF filter workaround reduces but does not eliminate drops on the UXG-Lite (1 GB RAM). With the BPF filter active, drops went from every 5 minutes to every 10–25 minutes. We confirmed the BPF filter works — Suricata only processed 120K packets in 33 minutes vs the ~1.2M the stream alone would produce — but Suricata's ~300 MB memory footprint on a 1 GB gateway causes periodic forwarding stalls during system housekeeping, regardless of whether it's inspecting the affected traffic.

What actually works:

Disabling both IPS and Traffic Identification (DPI): zero drops confirmed over 45+ minutes
BPF filter exclusion: reduces drop frequency but doesn't eliminate them on 1 GB gateways

The same issue is reported on the German UniFi forum: https://ubiquiti-networks-forum.de/board/thread/12795-problem-mit-intrusion-detection-and-prevention-ids-ips-bei-ms-teams/ — suggesting Ubiquiti ships the same undersized Suricata config across all gateways.

Conclusion: On the UXG-Lite, the only reliable fix is disabling IPS/DPI. Gateways with more RAM (8 GB like the UDM Pro Max) would likely handle it, but Ubiquiti should scale their Suricata stream.memcap and emergency-established timeout based on available hardware resources.

reddit.com

u/uncmnsense — 22 hours ago

▲ 10 r/Ubiquiti

G6 Pro Entry install with backplate ;)

The unit was a lot larger compared to G4 Doorbell Pro so got this backplate from Esty to balance things a bit.

u/kid2010 — 5 hours ago

🔥 Hot ▲ 88 r/Ubiquiti

A small start but a happy one

My starter UniFi set up for my small apartment. Really excited to get things going!

u/mangum95 — 22 hours ago

▲ 3 r/Ubiquiti

AP placement inside - Also WiFi Outside?

Hi! I'm building a new house and moving to Ubiquiti for the first time, trying to build a solid foundation for years to come.

I have three outdoor areas that may need WiFi coverage. The pictures show 5 GHz coverage from the UniFi Design Center.

Some info:

The images are from the ground floor (90 m² / 968 sq ft).

Porch (pink): 11 m wide × 3 m deep

Wooden deck (black): 8 m wide × 4 m deep

Backyard (blue): ~13 m from the house

Questions:

Since I'm still in construction, should I just pre-run conduit and ethernet to eaves/deck for future outdoor APs, rather than relying on indoor units for outdoor coverage?
Can indoor APs realistically cover outdoor areas like these, or is it generally not worth relying on?
Picture 2 seems to show decent coverage — but how bad is the interference between the two APs? Is overlap at that level a concern?
Would you place the APs differently?

Planned gear (nothing purchased yet):

UCG Fiber

U7 Lite or U7 Pro XG

u/Zyxzan — 2 hours ago

▲ 14 r/Ubiquiti

Planning a dual-stacked Toolless Mini Rack. Thoughts on this layout?

Hey everyone, I’m looking for some feedback on my current plan.

Putting together two stacked UniFi Mini Racks and could use some feedback on the flow.

The Gear: UCG Fiber (3D mount), Aggregator, Pro Max 16 PoE, and a Pro 24.

The Plan:

ISPs hitting the top patch panel, then down to the UCG Fiber.
UCG into the Aggregator via DAC (either through the 3D mount keystones or the brush panel).
Aggregator feeding both switches via DAC (15cm/30cm). Planning a 2-port LAG for the Pro 24.

I have a bunch of spare patch panels and brush plates, so I can easily rearrange the stack. Does this layout make sense for cable management, or is there a cleaner way to route this?

Any suggestions or critiques are welcome.
Many Tks (From Brazil :-) )

u/AltruisticMusic8276 — 8 hours ago

▲ 6 r/Ubiquiti

UTR + G4 Instant camera while traveling works well

In case anyone else was considering using the UTR + Protect in a similar way: I'm currently on a trip and I was able to connect my camera to my Protect server back home through the UTR VPN. I had to reset the camera and connect to the new SSID but that was it. It just showed up in my Protect console. Features like geofencing don't work properly since Protect doesn't know the camera is not at home. Luckily the hotel wifi connection is decent so no issues with uploading the footage.

We are using the camera as a baby monitor at night and move it to the living room as a security camera for when we go out. The security camera use case is just a bonus, normally don't care about setting one up in a hotel room.

reddit.com

u/copystand — 6 hours ago

▲ 22 r/Ubiquiti

Ubiquiti Camera's

Hello All, I need suggestions on what Cameras would fit right in order to get coverage to the front of my home. Currently I'm thinking I would need 2? One on each end but not sure which ones would be ideal for my scenario.

Any suggestions would be greatly appreciated.

u/Mammoth_Astronaut_71 — 14 hours ago

▲ 23 r/Ubiquiti

Camera install DIY

After much planning and waiting on decent weather here in the north I finally was able to mount my cameras! Thanks for the help folks. Lots of great suggestions on previous posts and now I have my UniFi protect setup up and running! FYI using Toggle (Molly bolts) for the soffit installs worked like a charm!

Now I need to do the hard part of setting up alarm manager.

Thanks again everyone!

u/Emotional-Cheetah-16 — 15 hours ago

▲ 3 r/Ubiquiti

Are you also addicted to watching logs and tinkering with things inside the Unifi Network interface?

I have UniFi ecosystem since a couple of months (UCG-Fiber, UDB-switch, U7 Pro XG). I must say I have an addiction looking inside the logs, checking some settings, analyzing interference of a channel etc. EVERY DAY
Compared to my previous router, TP-Link, UniFi has a lot of firmware updates in a month. I was happy if I got an update/ new features in two months with TP-Link.

reddit.com

u/Not__Alpha — 5 hours ago

▲ 5 r/Ubiquiti

cloudkey gen2 as a controller vs ucg fiber

Hi all, trying to decide between UCG fiber and UXG fiber. I currently have a cloudkey gen 2 running as my controller (protect is on a UNVR).

From a hardware perspective, it looks like the cloudkey g2 has more memory (3GB RAM + 32 GB eMMC) than the ucg fiber (just 3GB RAM).

Will I see any difference in performance from a controller perspective for my home setup (with 9 APs, 2 POE switches, a UPS 2U and a USP PDU all on the controller) if I move from the CKG2 to the UCG fiber as my controller, given the fiber has inferior hardware? Am I better off just getting the UXG Fiber and sticking with the CKG2 as my controller? Or should I simplify and just go with the UCG Fiber and toss my CKG2?

Thank you!

reddit.com

u/jonnyange — 8 hours ago

▲ 6 r/Ubiquiti

UTRs in stock for now

Been waiting for one and got the notification they were in stock. If you have been waiting… run don’t walk.

reddit.com

u/Suspicious_Refuse_96 — 10 hours ago

▲ 2 r/Ubiquiti

Philips smart TV crashing network

I'm having a very annoying issue for the last year now. From time to time, my Philips smart TV literally crashes my whole network. Also devices in another VLAN, also all wired devices including access points.

The only way to solve it is to physically unplug the TV from the dream machine and after that the whole network comes back online.

it happened a few times last year and now a first this year. When everything is up again, and replugging the TV, everything will go down again.

- how is it possible that a single device can take a whole network offline? the only way to access the DMP is remotely when everything is offline.

- why don't I see any reason for this in the logs?

- why is there no protection from this?

- how can I prevent this?

u/henk1122 — 4 hours ago

▲ 7 r/Ubiquiti

UTR Back in Stock

Just randomly checked the site and they were back in stock after a month. Grabbed one while I could!

reddit.com

u/links_revenge — 12 hours ago