Help me move from unifi to something else


hmw

I extend all my VLANs out to OPNSense as my sole router, with no instability.
Care to share your OPNsense setup? The last few releases have been problematic with VLANs. For example see here: Occasional interface flapping on all interfaces and vlan issues - in combination with IPS (IDS works)

I am using OPNsense on bare metal - tried with X710 and X550 NICs. For whatever reason, having trunked VLANs to OPNsense would cause the UniFi SDN's VLAN "gateways" to go down every 5 ~ 15 mins.

Turning off IDS didn't seem to help - there's also a bug where 'disable all hardware filtering' sets VLAN hw filtering to 'Default', which for X710 is the ON state. At some point I just grew tired of the untimely interruptions to Zoom or to file transfers and called it a day.

It's a shame because I was using my ICX6610 to handle all the heavy VLAN routing and hence the UniFi XG24 and OPNsense really didn't need to do anything much. In addition, using OPNsense GUI and DNS/DHCP was far, far better than setting ACLs on Brocade or using the crappy Windows DHCP/DNS services.
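
One way to check the hardware VLAN filtering state mentioned in the post above, as an added example that is not part of the original thread: it parses FreeBSD-style `ifconfig` output and lists every VLAN parent interface whose active options still include `VLAN_HWFILTER`. The function names and the sample output (interface names, hex option values) are constructed for illustration.

```shell
#!/bin/sh
# Added example. The sample below is constructed FreeBSD-style `ifconfig`
# output; interface names and hex option values are illustrative only.
sample_ifconfig() {
cat <<'EOF'
ixl0: flags=8863<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
    options=e507bb<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWFILTER,VLAN_HWTSO>
    nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
ixl1: flags=8863<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
    options=800028<VLAN_MTU,JUMBO_MTU>
vlan0.10: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
    vlan: 10 vlanproto: 802.1q vlanpcp: 0 parent interface: ixl0
vlan0.20: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
    vlan: 20 vlanproto: 802.1q vlanpcp: 0 parent interface: ixl0
vlan0.30: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
    vlan: 30 vlanproto: 802.1q vlanpcp: 0 parent interface: ixl1
EOF
}

# Reads ifconfig output on stdin; prints "parent: child child ..." for every
# VLAN parent whose options= line still lists VLAN_HWFILTER.
vlan_hwfilter_parents() {
    awk '
        # A line starting in column one opens a new interface stanza.
        /^[^ \t]/ { iface = $1; sub(/:$/, "", iface) }
        # Only the interface options line counts, not "nd6 options=".
        /^[ \t]+options=/ {
            caps = $0; sub(/^[^<]*</, "", caps); sub(/>.*$/, "", caps)
            n = split(caps, c, ",")
            for (i = 1; i <= n; i++)
                if (c[i] == "VLAN_HWFILTER") hwf[iface] = 1
        }
        # VLAN children name their parent on the "vlan:" line.
        /parent interface:/ {
            for (i = 1; i < NF; i++)
                if ($i == "interface:")
                    parent[$(i + 1)] = parent[$(i + 1)] " " iface
        }
        END { for (p in parent) if (p in hwf) print p ":" parent[p] }
    ' | sort
}

# On a live FreeBSD/OPNsense host: ifconfig | vlan_hwfilter_parents
# `ifconfig <if> -vlanhwfilter` clears the capability at runtime.
sample_ifconfig | vlan_hwfilter_parents
```

Running it after changing the GUI setting shows whether the capability was actually cleared on the trunk's parent interface.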
 

kpfleming

I have a few small switches powered via PoE splitters, some Ruckus APs, various ESP32 devices with either native PoE or splitters, a VoIP phone, and some IP cameras. It's quite nice to do it this way, as the UPS backing up the switch also backs up all of those devices by extension.
 

Sean Ho

I also use a cheap gigabit PoE switch (Enterasys C3) as a generic LV PSU for the house. ATA, rpi, cable modem, etc.

Care to share your OPNsense setup?
It's not fancy; I use an old m73 tiny plus mPCIe NIC (rtl8111), so two gigabit ports, both to ICX6610. One port untagged to a VLAN that also has my ONT for WAN; the other port is dual-mode, tagged with all the home VLANs. DHCPd runs on all internal VLANs. The ICX is used solely for L2. Kernel wireguard, but no suricata.

Flapping interfaces would drive me nuts; I am empathetic to your plight!