Ubiquiti UniFi vs Open Mesh Comparison

I wrote about Open Mesh networking at my Church IT blog back in 2009, which at the time replaced a dying Meraki network originally installed in 2007 (using hardware they long ago discontinued, similar to what Open Mesh became) and has done well in that situation. I had a reader comment yesterday about my current thoughts, and my response was different now that Ubiquiti UniFi is available. I’d probably try and do things differently if I could do it again, though maybe not in that original situation. Any more traditional “office” setting other than a campground I’d still steer towards UniFi over Open Mesh now. My issues have to do with hardware and software, and not necessarily as much “software” as the whole platform and how things are set up for each. I already commented once on my original post but I also wrote a further email reply follow-up; that’s what I’m republishing here with limited editing:

My issues with Open Mesh are probably with both the hardware and software, but more software. Hardware-wise they’re OK, but with only one radio the actual throughput is very slow. This may not matter in your situation, and you can actually throttle it as well (but you can with UniFi too) per client, which would help keep abuse by large download abusers to a minimum.

The Open Mesh APs are designed for placement near a power outlet, which is fine except people tend to mess with stuff at that level (I’ve had people unplug them because they were trying to be helpful and “cleaning up,” and that’s a best-case). The other option is to spend another $20 on a PoE injector adapter for them, but they aren’t really made for ceiling mounting, though you could put it inside a ceiling perhaps (if it were a drop-ceiling), or try to mount them up high. They do have covers that mount over a plug outlet that hide them OK, but you can’t put the larger antenna on them with the cover too (if desired) and it keeps the outlet from being used for anything else (covers up both outlets). UniFi gear is like a disc that looks like a large smoke alarm, is made (and comes with the hardware for) ceiling, wall, or drop-ceiling mounting, requires PoE via an included adapter (so it can be plugged into a closet with the switch and not wherever the AP goes), and in practice seems a lot cleaner and less messy solution overall, and their other directional stuff also uses the same PoE stuff and can be run outdoors too and mounted easily (they make cheap wall and pole mounts for it).

The Open Mesh software is actually a “cloud controller” as you may know. But it’s slow–once you change a setting, it takes at least 20 minutes to propagate to the access points. If they go offline there aren’t many ways to troubleshoot the problem, and the feedback you get on the dashboard, while useful, is quite delayed. And I’ve seen some pretty poor throughput numbers, even to the point of access points dropping out and back (not sure how much this is due to distance but the signal’s pretty good when it works for most of the APs I have), but you don’t have much in the way of troubleshooting options. The “cloud controller” idea is cool and it does work, but not nearly as well as I’d like to see. I’ve also had some issues getting an IP with a device on the network, and sometimes the connectivity through to an AP that has the DSL line on it is flaky so I’ll either get an IP and no Internet, or won’t even get an IP and get connected. I’ve not solved this problem; it sometimes works and sometimes doesn’t. Hasn’t been ultra-reliable for me, but it’s better than the nothing they had before at the campground where I installed it. I have it in a related office building in the city as well for guest internet access, and it’s a little better there but not by a ton (it is a little more reliable), and there are only two APs not a huge mesh. I’d use UniFi for this office in a heartbeat; it wasn’t available at the time and I’m thinking about replacing it soon actually.

With UniFi, there’s controller software that needs to run on a computer. If you’re not doing a guest portal or RADIUS (per-user) authentication, the controller software doesn’t need to stay running after setup except for config changes and firmware updates. The controller software is free and Java-based, will run on Windows (desktop or server versions) or Linux and doesn’t need a lot of power; an old cheap or free desktop would run it, or you can actually host it yourself in the “cloud” on a virtual server (any number of providers or Amazon’s EC2, or in your own office elsewhere with a port open). You do need to run your own DHCP server, though if you have an XP box as a controller there are some free DHCP servers available for XP. But changes with the controller are immediate, you can see the status of access points, map them on a floor plan or via Google Maps (similar options are available in Open Mesh but I find their mapping a lot more clunky, and it has to be Google Maps not a floor plan you provide), configure up to 4 SSIDs including guest/internal networks as needed (guest networks can share the same IP range and use internal firewalls on the APs to block traffic to the internal network), and if the controller runs all the time you can see statistics and users and optionally block users.

The UniFi controller features are similar in many ways to Open Mesh (though it only has one “staff” and one guest network available), but I find the UniFi configuration to be enjoyable, fast, and usable, and the Open Mesh controller is pretty until I want to use it and then I wish I didn’t have to deal with it and the time it takes and troubleshooting and time for configurations to take effect. I’ve also had APs that wouldn’t connect at all to the cloud controller and I had to manually re-flash the firmware on them, though hopefully they don’t have that issue with the present version of the firmware.

So those are my thoughts on the two; Open Mesh will probably “work” mostly, as I said, but I just haven’t been thrilled with them on a few levels after having actually used them. I haven’t really done much with them in a couple of years now (other than testing the Enterprise access points and being even less thrilled with the reliability there) so maybe they’ve improved some. I’d probably put together a more robust Ubiquiti system with directional uplinks between buildings and UniFi for clients, though if buildings are close enough you might get away with the “wireless uplinks” feature of UniFi (unlike mesh you define the links manually, and each wired AP can only uplink to 4 others wirelessly).

Two notes to add to my above comparison:

  1. UniFi is still a lower-end solution with some very nice Enterprisey-features. It competes well in the right space, but places with a lot of interference and/or very high density requirements should look at something better, like Ruckus Wireless, which is excellent, pricier, but definitely has a place where conditions warrant. UniFi rocks but isn’t the answer every time, either.
  2. My dealings with Open Mesh are with the OM1P 802.11g access point (and some test units of their Enterprise MR500 unit while in beta). They now have a model OM2P 802.11n access point and the MR500 is in production, so some of my issues may have been solved. My original Open Mesh configuration was in 2009 and the Enterprise AP test was in 2011 and I have not re-evaluated them since. I still really love the way Ubiquiti does things, regardless, but Open Mesh may be more of a contender with their new hardware and possibly firmware upgrades since my last use.

Microsoft Virtual Server inside of VMware ESXi virtual machine

Virtual machines inside of virtual machines like to sleep around.  But maybe I should give you some context!

I just moved an SBS 2008 installation from a physical server to a virtual machine. It’s a temporary thing until we rebuild the whole server in a couple of weeks, but it’s one of the steps. The physical SBS box had Microsoft Virtual Server installed on it running Blackberry software for Exchange (just for one user, but he’s the owner so it’s important that it keep working!). Once the virtual machine was up and running (hosted on VMware ESXi 5.0 free), everything seemed to be going fine until I took a look at the Blackberry server. I had to change the networking in Virtual Server to use the new virtual network card (instead of the old physical one). Then I booted the virtual-inside-virtual machine….and lost networking to the SBS VM!

I’ll save you the extended details of troubleshooting, which involved some reboots and reconfigurations and resets. The solution was to go into the VMware vSphere Client, click on the host at the left, then on the Configuration tab, and then on Networking on the Hardware submenu. I clicked on Properties of vSwitch0, and then edited the vSwitch configuration. On the Security tab, I changed Promiscuous Mode from Reject to Accept, and OK’d my way out of all the settings screens. This is a great security feature but prevents the use of sub-virtualized machines that require promiscuous mode (now you see why I mentioned sleeping around?).

One thing I also did was add a second virtual network card to the SBS machine and unbind it from IPv4 and IPv6, but assign it as the physical card used by Microsoft Virtual Server for the Blackberry virtual machine. This gives me a little logical separation between the NIC used by the SBS system and the one used by Blackberry, though it doesn’t gain me much given the overall setup. It was more one of my troubleshooting changes I decided was worth keeping. You do still have to enable Promiscuous Mode for the Virtual Server to get network connectivity (a hint was that with the defaults, broadcast traffic worked because the NIC would get an IP via DHCP, but unicast traffic would fail; broadcast traffic was functioning even with Promiscuous Mode disabled!).
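An added example (not from the original post): a small POSIX shell check that reads the text printed by `esxcli network vswitch standard policy security get` and its port-group counterpart and reports where Promiscuous Mode is effectively accepted, so the setting can be confined to the port group carrying the nested VM's NIC instead of all of vSwitch0. The sample outputs are constructed and trimmed, and the field labels are assumed to match what esxcli prints on the host.

```shell
#!/bin/sh
# Added example, not from the original post. Sample policy text is constructed.
# On a host the inputs would come from:
#   esxcli network vswitch standard policy security get -v vSwitch0
#   esxcli network vswitch standard portgroup policy security get -p 'VM Network'

# Print the raw value (true/false) of one "Key: value" field, or "unknown".
policy_field() {  # $1 = policy text, $2 = field label
    printf '%s\n' "$1" | awk -F': *' -v want="$2" '
        { key = $1; gsub(/^[ \t]+|[ \t\r]+$/, "", key)
          val = $2; gsub(/[ \t\r]+$/, "", val)
          if (tolower(key) == tolower(want)) { found = 1; print tolower(val); exit } }
        END { if (!found) print "unknown" }'
}

# Map esxcli booleans to the Accept/Reject wording used in the vSphere Client.
as_mode() { case "$1" in true) echo accept ;; false) echo reject ;; *) echo unknown ;; esac; }

# Effective setting for a port group: its own value when it overrides the
# vSwitch, otherwise whatever the vSwitch says.
effective_promisc() {  # $1 = vSwitch policy text, $2 = port group policy text
    if [ "$(policy_field "$2" 'Override Vswitch Allow Promiscuous')" = "true" ]; then
        echo "$(as_mode "$(policy_field "$2" 'Allow Promiscuous')") (port group override)"
    else
        echo "$(as_mode "$(policy_field "$1" 'Allow Promiscuous')") (inherited from vSwitch)"
    fi
}

# Constructed samples. VS_ACCEPT is vSwitch0 after the change described above.
VS_ACCEPT='   Allow Promiscuous: true
   Allow MAC Address Change: true
   Allow Forged Transmits: true'
VS_REJECT='   Allow Promiscuous: false
   Allow MAC Address Change: true
   Allow Forged Transmits: true'
PG_INHERIT='   Allow Promiscuous: false
   Override Vswitch Allow Promiscuous: false'
PG_NESTED='   Allow Promiscuous: true
   Override Vswitch Allow Promiscuous: true'

report() {  # "VM Network" and "Nested-BES" are hypothetical port group names
    echo "vSwitch Accept / VM Network:  $(effective_promisc "$VS_ACCEPT" "$PG_INHERIT")"
    echo "vSwitch Reject / VM Network:  $(effective_promisc "$VS_REJECT" "$PG_INHERIT")"
    echo "vSwitch Reject / Nested-BES:  $(effective_promisc "$VS_REJECT" "$PG_NESTED")"
}
report
```

The first report line is the vSwitch-wide change from the post, where every inheriting port group sees all traffic on the switch; the last two show the narrower layout, with only the port group for the second NIC set to Accept.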

I’ve dealt with Promiscuous Mode before to get firewalls working in VMware, such as pfSense, which is why I thought to check on the setting eventually. I’m happy that my past experience was able to help with my current one, and now I’ve shared with you and, hopefully, future Googlers looking for a solution to a similar problem!

IT vs. Web Design vs. Web Development – they’re different!

A friend of mine, Nick Nicholaou, just posted a blog post about Web Development and IT – Are They The Same Thing? I started to leave a comment to expound upon his (correct) answer a bit because this is an area where I’ve done a bit of thinking. And then I realized, my comment is way longer than Nick’s post; perhaps I should move it to my own blog?

In his post, Nick says, “While at a conference last week it hit me that those who are not entrenched in IT (information technology) often don’t know there’s a difference between web development and IT.” What a true statement! I’m not sure why this confusion exists really, beyond people not paying attention (a common problem everywhere), although there are some similarities between the two and often one person does both (or some of both). And you must have IT infrastructure underneath a website for the hosting at least, so they are related, though IT for most websites isn’t even hosted on most organizations’ internal infrastructure!

IT, by the way, is an initialism for Information Technology. This should be obvious, but we’re talking here about not knowing the difference between IT and website creation, so I’m not going to assume (which, as you may know, is not a good idea anyway)!

Nick goes on to say that IT is an “applied science” and web development is an “applied art.” I think that’s good, using science/art terms; one (IT) is a creative position that happens to use a lot of technology (both in the creation and then in the hosting/setup of the result) and the other, while it involves creativity as far as creating solutions to problems with technology, consists much more of a defined process to find a solution to a problem or create and manage a technology platform for others to use for their own disciplines, and not creating content for public (or even captive audience) consumption.

Confusion happens because there are people who cross disciplines (sometimes well, often horribly) and because, as Nick mentions, systems set up in the IT world are then used to do web development/design as well as host it (though the hosting infrastructure is often outsourced, another confusion).

And hey, an issue I run into even more often is the difference between web design and web development. Again, because people cross disciplines (again, often poorly!) and don’t understand what is what. Design = visual layout and content creation, and human-computer interaction decisions. Development = creation of interactive websites by programming in various tools, including server-side scripting/programming, database interaction, and client-side programming such as JavaScript and HTML5, and even Flash.

A good designer is not automatically a good programmer (for web and other programming areas!) and vice versa. In fact I think one reason so many sites stink so horribly is the tendency for one person to do it all when they really are terrible at one of the two. I do know people who are excellent at both but they are uncommon, IMHO. And they often get bored with designing and programming websites themselves because they’re very smart and move on to more interesting and advanced things (one guy I know like this is getting his masters in Human-Computer Interaction Design here).

So, I would agree with Nick and argue that not only should IT and website creation be understood as separate functions done by (usually) separate people, or occasionally as two separate functions and activities done by the same person at different times (I’ve done this myself in the past!), but web design and web development should be thought of as separate, but symbiotic, functions that are best done by separate people in the best case, and by one talented person in rare circumstances. (Alternately, and commonly, a designer will use a previously developed tool, such as WordPress or another Content Management System, not having a separately commissioned developer for a specific project. However, these tools were created by web developers!)