A new lighthouse, shows the way.

Spent a little more time on Twitter digging through weeks of past tweets and came across this:

Which sounds awesome, because the LED not aligning on the USG or Switch (whichever way you look at it) was bugging me. Yeah, I know, tiny little details. But c’mon, this is odd looking.


Which brings me to my next odd encounter. The Port Forwarding and Firewall settings. This is where it was a little confusing; I kept looking under the Firewall page for Port Forwarding settings. Nope. They’re actually (for now?) under the Device settings: you select the device, which brings up Details about that device. Then you select Configuration and there it is, Port Forwarding.

Once you create a Port Forward, it does show under the “Settings -> Routing & Firewall” settings. But you cannot make changes to that Port Forward setting there; you need to go back to the Device page, select the device…you get the idea.

So after a little more reading, I ran into another odd thing, the “config.gateway.json” file. Not sure how odd this is to people who’ve been using that customized method. However, I came across this:

“This may take some patience because if you get the formatting wrong you’ll trigger a boot loop on the USG.”

Wow… uhm .. so I have the option to, let’s say, brick my USG, interesting! This leads me into another thing I saw (I’m still trying to find where I read it), but if I remember correctly, UBNT knows this is an issue, so they hired Chris Buechler of pfSense to make this better. I think someone else made a comment to Chris about this and his response was (something along this line) “Yeah, I’m here to make that better”. So this could be why the “Routing & Firewall” options have the label Beta next to them.

A simple little network.

I play Xbox a few times weekly and several weeks ago, a friend says “hey, I need to see all the stuff on my network”. So I asked what he currently had set up. Well, the cable modem had a couple of network ports that connected to other stuff, and one port went to a “wireless router” that had some more network ports, and those ports connected to other stuff. Well hello double NAT. Hi. Usually something had to be power cycled for his Xbox to work better. Basically took about 15-20 minutes before each game session, as we’d have to figure out what the hell was not working. Sometimes voice chat would work then stop, just a bunch of odd stuff.

So I told him we need to get this fixed and a good test was with Open Mesh.  I had played around with Open Mesh, but really didn’t spend much time with them. But they came back on my radar after hearing Datto had acquired them.

Good thing about his house, it was already set up with CAT-5 all over the place. Each room had a network port. Good thing for newer construction. After doing a FaceTime call and seeing the main locations that needed good wireless, we decided on three zones. Each zone would have an Access Point, mainly because of the house layout. Also, being a few states away I had to make this simple, plus I figured we could move Access Points around or add/remove if needed.

So yeah, this was an entirely calculated guessing game for a small wireless deployment. No scans to see what might be close by.  So yeah, we guessed.  Since we’re only using three Access Points, this makes the channel plan simple; 1, 6 and 11 on 2.4, and we did 40 wide on 5GHz staying in UNII-1 and 3.

So we picked two Open Mesh switches, model S8, and three OM5P-AC Access Points. One switch would go upstairs and one downstairs. The upstairs area has the Xbox, Audio Receiver, TV and one Access Point. Nice thing about the S8 switches, they have PoE support.

Another reason for picking the OM5P-AC was the physical size, it looks like a bar of soap. It does get a little warm to the touch, not a big deal, just don’t put a stack of papers on it. We had the equipment shipped to my office, I set everything up, made sure it powered on etc… left it on for a few days. After that, boxed it up and shipped it a few states away.

Hold on!  Why not just ship to the final destination? I thought Open Mesh is all cloud setup and controlled?

The adventure road, has a little gravel…

So far here’s what I don’t like about UBNT and the little things that bug me. First let’s show a little love to the USG PRO-4. Much smaller than I thought, BUT the power cable. Using that damn, what I call mouse ears power cable. I’m not sure what the technical reason behind this is, however, how many people have that type of cable laying around? Maybe that could be changed? Not a show stopper. (The USG does come with the cable needed).

Now about this Cloud Key cable, odd, but kinda cool looking. I dug around on Twitter and Instagram looking for what other people did. And, they just plugged it in and left the Key hanging off a switch port. Hmm. I’m not a big fan of that. The cable is thick and can stay in a bent shape, which would keep it a little out of the way. I ended up using a two foot Belkin CAT-6 and placed it on top of the Switch. Maybe they could have an accessory that would mount into a 1U space that would hold the Cloud Key. Otherwise, some double-sided velcro is in the device’s future.

Now for this part, I’m sure nobody cares, however, that was the first thing I noticed when I placed the units on top of each other: where the device name and square logo light are. I think that should all be in the exact same spot so when the products are stacked up, it looks nicer. As for the LED color looking like a different shade of blue, I’m pretty sure it was just the angle of the picture. I don’t remember those being different blue shades. I did like how the LED is white until the device is “Adopted”, then it becomes blue.


Our walls need APs, right?

So I wanted to do a quick little physical comparison between two wall-plate style Access Points. I think this market is pretty open, maybe not so much for greenfield projects, but this fits in a nice place for the brownfield folks. Lots and lots of hotels need wireless access. And I think cost is a huge factor. If you have people paying $50 to $600 a night for a room you want excellent wireless connectivity. That might be hard for the hotels/motels that have been around for 30+ years. Hence why I think wall-plate APs are a very good fit. And, it goes well with the “don’t put the APs in the hallways” chant.

So I have an AP from two different folks, one from UBNT: AC IN-WALL and the Cisco Meraki MR30H. (I think the MR30H sounds like MR38, should be renamed to MRH30)

Now this is just a physical comparison, nothing about performance, setup etc… or any other metrics have been done yet. I just wanted to show what they look like and because I think these units fit two different needs, and I’ll explain that thought a little down the road.

Alright, picture time. (UBNT is the smaller of the two)

They are roughly about the same size, however the MR30H is much heavier. If you tossed it in your backpack–you’d know.

For thickness they are roughly the same. One thing that is interesting about the UBNT is how it mounts. The AP is actually inside a plastic mounting “case”. You can see the little plastic push part at the top that you press to remove the top half cover. The back half is then mounted to your wall or junction box, or whatever. The AP has a couple screws to secure it to the back cover, then the front cover snaps on. It’s actually pretty difficult to pop off, a few times I thought it was going to break by the amount of force I was using on it. I would say it’s pretty secure–but if you are determined to get into it, well whatever, you’ll get into it.

The MR30H has a metal bracket that is mounted, then the AP connects to that, you have to use a special tool to release a little bracket, then the AP tilts off the bracket. I think this is a little harder to remove, because you need a specialized tool.  But you’ll need a screwdriver to remove the UBNT unit from the back cover too.  So bottom line is—for maintenance, a tool is needed. Not really a big deal.

And here is the UBNT unit…

And as for what comes in the box, the MR30H has more: the typical foam/sponge (Meraki does this with other products) that holds all the little screws etc., normal docs and mounting plate.

The UBNT is very minimal also, tiny little bag of a few screws and a little folded install, setup guide.

I mentioned earlier, I think these fit two different areas. On one hand, you could install a couple UBNT vs. one MR30H. What does that mean? Well, it’s the price. List price on UBNT is just under 100 US Dollars and the other is around 400. Now, the MR30H does have four network ports. Personally I can’t remember the last time in five years I plugged into a hotel network port. But then again, my hotel stays have been in large metro areas. Good thing they do have network ports though, as I always see some type of IP phone in the hotel room. Let’s say one CAT cable is run, you then have an AP and IP telephony. Cool.

Also, one requires a “cloud license” and the other a “controller” of some type. If you’re reading this blog, then you know how one operates. But, the other can do local, cloud, or a hybrid controller. I think UBNT is fitting the perfect need of the smaller hotel/motel. As you know you need wireless access, but how? And, budget is a huge deal. Maybe you only have 75 or fewer rooms? If your facility is older, you probably have cinder block walls which equals nice attenuation. So you do one AP per room, drop the power or do whatever (but seriously though, do a predictive model–if you can).

So basically this is it, you just became a little more familiar with some wall-plate Access Points.

And Now for Something Completely Different…

You have to love a little Monty Python in this adventure.  And, that new adventure is Ubiquiti Networks.

We’ll call them UBNT for short (typing the full name is a pain–no offense), because this will be the first post of many. So far I have taken about 100 pictures. You know, to get all the little details that might be missed until you actually have it in your hands. I know other people will be focusing on how this gear will stack up, i.e. Lee Badman aka @Wirednot will be doing a more high-end approach, well because, frankly, he sees networks that handle 10’s of thousands of people. I think last he said his daily network usage is around 50K in devices. Yeah, nice! And, mine well maybe 75/monthly. Sad Panda.

However, I do have access to multiple 1Gbps up/down WAN links. Which makes this a little more fun. And, an easier network to tear apart and put some of our devices behind.

So the meat of this will be focusing on the Cloud portion, i.e. Cloud Key, and the Security Gateway. So the USG should handle around 900 (and some change) Mbps w/ DPI on. Good thing for us we have access to Google Fiber. So stick around the next few days, we both could learn something.


Where we’re going we don’t need backups.

So yeah…. that was my thought for six years. And, for six years it was good. But wait, nothing bad happened, data was still safe and “snapshots” were done.  Yeah — you heard me “snapshots”.  But then after a BLT sandwich with Vince Vaughan, we bought Veeam.

Now, Vaughan didn’t convince me to buy Veeam, he just explained what it can do. For a few years prior I had been listening to and watching what other people had done, had come from and what was being used. It still came back to “Hey, use Veeam”.

Our setup is simple, one VMware host with around 20 guests. Nothing big, nothing fancy, other than being a relic of another time—i.e. just damn old, I mean super old. The system was turned on in December 2009. We needed a good way to get the data, the guests off the host. Now, we could do other things, yeah, but I’m lazy. I wanted something fun and simple. Plus, I like the color green and Veeam fit the need!

Wait, did you just say you bought something based on a color??? Sure why not, lots of options for backups exist. But, I figure if a company has good marketing throughout the product and brand, I’m thinking they must be looking at the little details. And, to me those little details count. And guess what, I think I was right. So far we have not had any issues with using Veeam, updating Veeam, doing backups, doing recoveries (just for fun).

So what’s your point?  The point is, find something simple and easy to use, because one day, today or five years from now—things will break.  And, they could break–not during your maintenance window, not during the low usage times, but when you least think about it.  And, you want something simple, easy to use and stable.

That’s why I picked my road colored with Veeam green.

He Who Dares, Wins!

“He Who Dares, Wins” I like that…. I find it interesting. For the last few months I have had a support ticket open for what is called a “cosmetic issue” or so I’m told. And, that issue is, all of my Cisco Meraki MS220-8P switches are showing the incorrect LED status, for any ports and even the main switch status light.

Here’s a somewhat bad photo that shows what I’m talking about:


The main status light on the far left is Amber, that should be Green.  However, if Port One is unplugged, which currently is showing Amber, the switch status light turns off. And, instead of showing Amber on the ports, it should show Green.  Hmm.

Cosmetic Issue …. Yeah … the switch itself appears to function fine, I have not noticed any issues with devices being able to pass traffic or any related performance metrics that are not meeting a goal. So Okay, then what are we winning?  Well, let me explain what I’m thinking….

Could Cisco Meraki be doing a client test or collecting information to see who actually looks at port lights? If we are moving to a complete cloud based system do we really need lights? Sure, I would think, maybe a power light, to say “hey, I have power, or I’m not doing well”.  BUT, how often do you *really* look at your switches or even look at each switch port status? From the (wireless) access point side of things, people want the status LED turned off.  Some people just do not like it.  Maybe that approach is making a road towards switches and other devices, turn all the lights off.

………… or maybe someone messed up and just hasn’t fixed it???