I’ve installed OpenWRT on an Edge router (ERX) and it’s made me want to custom firmware every piece of networking equipment I own.

I’ve got an ER4, AP Pro and PlusNet (BT) router lined up but I wondered if it’s possible to do anything with the Unifi switch I have? I know there’s OpenWRT images for the ToughSwitch line by Ubiquiti but looking at the OpenWRT forums it looks like the Unifi switches are a dead-end.

I’ve got a craving to hack/customise it but can’t find any options.

  • litchralee@sh.itjust.works
    1 year ago

    IMO, custom firmware is a means to an end, rather than an activity undertaken just for the sake of it. That is, I run custom firmware when it gives me features I otherwise wouldn’t have had, or because the original firmware has issues.

    For a great majority of home routers, OpenWRT and the like open up enormous possibilities, so I have no objection there. For a managed switch, however, the returns are diminishing: most of the time, the complexity of a network falls upon its gateway or firewall, rather than the switch. Yes, there could exist complex VLANs with priority flow control and GRE tunnels, but if a switch doesn’t support that, it’s usually because it can’t, due to lack of ASIC support or necessary performance, rather than firmware not implementing it.

    Of course, things get wild in the enterprise switch space, where switches rise to the forefront of network design, with things like per-user VLANs and “lite L3” routing. But I’m ignoring those, since they’re hideously expensive and beyond the entirety of Ubiquiti’s product line.

    So I posit to you: what sort of feature would you want to see in your switch that’s not there today? Would that feature have to be on the switch, or could it still operate if it was on your router?

    • rather than an activity undertaken just for the sake of it

      My god man! Do you have no sense of adventure!! I installed openWRT for the fun of it!

      complex VLANs with priority flow control and GRE tunnels

      Now you’re highlighting one of my issues. I’m a programmer so have only a sparse knowledge of networking from 20yrs ago when I was at uni and learnt the OSI stack. I realised after installing OpenWRT on my router I really don’t know anything about networking!!

      Which leads me to say - maybe I should learn more networking and learn to use this first router well before I decide to start converting everything!

      So I posit to you: what sort of feature would you want to see in your switch that’s not there today?

      As I said above I probably don’t know enough to give a decent answer but my main issue is that my Unifi switch needs a separate controller software running on a Pi or similar to configure it. I wanted to have a self-contained programmable (managed?) switch. For example there’s a feature where you can open one of the ports to forward all packets the switch is handling (so acting like a hub) which I’m guessing would make it useful for an IDS monitoring solution to be attached. But that can only be done with this messy separate software.

      I think first order of business is to get comfortable with my current router and read every page of the docs. Then I’ll see what else I could want from there.

      If you have any suggestions on learning more about home networking (like the stuff you mentioned) let me know! I saved someone’s network architecture diagram on Reddit cos it looked amazing and some of the stuff they could do and managed looked great but I understood about 40% of it!!

      • litchralee@sh.itjust.works
        1 year ago

        Do you have no sense of adventure!! I installed openWRT for the fun of it!

        OK, I concede haha. You’re absolutely right that doing things Just Because ™ is as valid a reason as anything else, and as an engineer I shouldn’t be dissuading other folks from exploring. One thing I will say is that because my work develops network switches, it’s an occupational hazard that I’ve become less interested in going home and doing more recreational networking. I still do, but not on my “production” home network. I have a separate equipment stack for playing around with.

        maybe I should learn more networking and learn to use this first router well

        I would doubly recommend this: networking is a great big world that underpins so many things, but is often unsung and misunderstood, or even just not understood at all. Looking under the hood is seldom unenlightening.

        my Unifi switch needs a separate controller software running on a Pi or similar to configure it

        You’ve pretty much arrived at exactly the reason why I don’t use Ubiquiti’s switch products, inexpensive and capable as they are. I’m a proponent of “fewer moving parts”, so it’s either self-contained network appliances (ie router, switch, modem) or tightly-integrated equipment with configurability and performance that overcomes the complexity burden. These controller-managed or cloud-managed devices are just adding points-of-failure, IMO.

        Regarding the feature you mention, I think the industry uses the term “mirroring”, as in Port Mirroring or VLAN Mirroring. That said, the volume of traffic is basically a firehose and could potentially overwhelm whatever port or entity is to receive the mirrored traffic. High-end switches will instead forward traffic on a more granular basis, based on filters issued from the IDS for what constitutes suspicious traffic. You might consider reading about OpenFlow and Software Defined Networking (SDN) for how some of these scenarios are implemented, but this is getting rather deep into networking.

        The refresher I was given a while ago to read for networking was The All-New Switch Book, second edition. It’s a bit old at this point, but it’s a solid foundation on Ethernet and standard network features.
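
The difference between mirroring everything and copying only filtered traffic to an IDS port, as discussed in the comment above, can be seen in a small simulation. This is an added example, not part of the thread and not any vendor's or OpenFlow's actual API; the rule format, addresses and packet sizes are constructed for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

@dataclass(frozen=True)
class Packet:                      # constructed sample traffic, not a capture
    src: str
    dst: str
    proto: str                     # "tcp" or "udp"
    dport: int
    size: int                      # bytes on the wire

@dataclass(frozen=True)
class MirrorRule:                  # hypothetical flow-table entry; None = wildcard
    priority: int
    mirror: bool                   # True: copy to monitor port, False: do not copy
    src_net: Optional[str] = None
    proto: Optional[str] = None
    dport: Optional[int] = None

    def matches(self, p: Packet) -> bool:
        return ((self.src_net is None or ip_address(p.src) in ip_network(self.src_net))
                and (self.proto is None or p.proto == self.proto)
                and (self.dport is None or p.dport == self.dport))

def mirrored_bytes(packets, rules) -> int:
    """Bytes copied to the monitor port. The highest-priority matching rule
    decides; a packet that matches no rule is forwarded without a copy."""
    total = 0
    for p in packets:
        rule = max((r for r in rules if r.matches(p)),
                   key=lambda r: r.priority, default=None)
        if rule is not None and rule.mirror:
            total += p.size
    return total

# Plain port mirroring: one wildcard rule copies every frame (the "firehose").
FULL_MIRROR = [MirrorRule(priority=0, mirror=True)]

# Filtered mirroring: the IDS asks only for SSH and DNS, minus one trusted host.
SELECTIVE = [
    MirrorRule(priority=20, mirror=False, src_net="192.168.1.10/32"),
    MirrorRule(priority=10, mirror=True, proto="tcp", dport=22),
    MirrorRule(priority=10, mirror=True, proto="udp", dport=53),
]

SAMPLE = [  # constructed packets
    Packet("192.168.1.10", "192.168.1.2", "tcp", 22, 1400),   # trusted backup job
    Packet("192.168.1.20", "192.168.1.2", "tcp", 445, 1500),  # file share
    Packet("192.168.1.20", "192.168.1.1", "udp", 53, 80),     # DNS query
    Packet("192.168.1.30", "192.168.1.2", "tcp", 22, 120),    # SSH login
    Packet("192.168.1.30", "203.0.113.5", "tcp", 443, 1500),  # web traffic
]
```

With the sample traffic, the wildcard rule sends all 4600 bytes to the monitor port while the filtered table sends only 200, which is why granular filters keep the monitoring port from being overwhelmed.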