[Network|UniFi] Intermediate Setup

Are you not satisfied with the result of your basic UniFi network setup? Are you curious what happens if you turn on a given setting? Now that you have a solid, functioning setup, you can start experimenting, but at your own risk.

Pre-requisites

List of features covered in this article

This article will be updated as I learn about and experiment with other configurations.

Before starting, there are two rules I highly recommend, in addition to the automatic system backup that you already have enabled from the basic guide.

  • Only make one or two changes at a time. Ideally, wait a day or even longer to make sure everything is still working.
  • Keep track of what you have changed. You may even consider using Excel or a Google spreadsheet if you intend to change many things eventually.

Custom DNS

Setting > Internet > WAN Networks > Edit > Common Settings > DNS Server

Function

DNS is a phonebook of the Internet. The proper DNS selection can help improve internet connection latency.

DNS can also be used to filter malicious sites or adult content sites. I would try the 1.1.1.1 DNS.

With it, web pages may load faster, which can make your web surfing experience better.

Potential Issue

Not every site may benefit from a given DNS. Imagine different phone books: one built for country A, another for country B, and a third for countries A and B combined. A dedicated single-country book has less content, so an entry can be found more quickly than in the combined book. However, if the wrong book is used, the lookup takes longer because a second book has to be fetched.

Recommendation: Use 1.1.1.1 DNS

You can try using the ping command against some of the websites you visit often, before and after changing the DNS, to see how things have improved. In reality, however, user experience is what matters. If you do not notice any improvement, or perhaps notice slower page loading, consider reverting.
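To time the name lookup itself, which ping's round-trip figures do not include, the following added example (not part of the original article) sends the same A-record query to each resolver and reports the median response time. The resolver address 192.168.1.1 and the site names are placeholder assumptions; 1.1.1.1 is the resolver suggested above.

```python
import socket
import struct
import time

QUERY_ID = 0x1234  # arbitrary constructed transaction ID

def build_query(name, qid=QUERY_ID):
    """Encode a recursive A-record query in DNS wire format."""
    header = struct.pack(">HHHHHH", qid, 0x0100, 1, 0, 0, 0)  # RD=1, 1 question
    parts = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(p)]) + p.encode("ascii") for p in parts)
    return header + qname + b"\x00" + struct.pack(">HH", 1, 1)  # type A, class IN

def parse_header(resp):
    """Return (transaction id, rcode, answer count) from a DNS response."""
    if len(resp) < 12:
        raise ValueError("truncated DNS header")
    qid, flags, _qd, answers, _ns, _ar = struct.unpack(">HHHHHH", resp[:12])
    return qid, flags & 0x000F, answers

def time_lookup(resolver, name, timeout=2.0):
    """Milliseconds for one UDP lookup; None on timeout, error or bad reply."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)
        start = time.perf_counter()
        try:
            sock.sendto(build_query(name), (resolver, 53))
            resp, _ = sock.recvfrom(512)
            elapsed_ms = (time.perf_counter() - start) * 1000
            qid, rcode, _ = parse_header(resp)
        except (OSError, ValueError):
            return None
    return elapsed_ms if (qid, rcode) == (QUERY_ID, 0) else None

def median_ms(samples):
    """Middle value of the successful samples; None if every lookup failed."""
    ok = sorted(s for s in samples if s is not None)
    return ok[len(ok) // 2] if ok else None

if __name__ == "__main__":
    # 1.1.1.1 is the resolver the article suggests; 192.168.1.1 stands in for
    # your current resolver and the site names are placeholders (assumptions).
    for resolver in ("192.168.1.1", "1.1.1.1"):
        for site in ("example.com", "example.org"):
            runs = [time_lookup(resolver, site) for _ in range(5)]
            print(resolver, site, median_ms(runs))
```

Repeated lookups of the same name are usually answered from the resolver's cache, so the median mostly reflects cached-answer latency; use the same site list before and after the change.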

Enable Fast Roaming

Setting > Wi-Fi > Edit Wi-Fi Network > Advanced Settings > Miscellaneous

Function

Enabling fast roaming makes supported client devices roam faster (ref). This applies only to supported clients. In other words, if a client does not support the 802.11r protocol, you won’t gain anything.

For instance, iOS devices do support 802.11r (ref).

Potential Issue

Issue: Long Association Time message on Wi-Fi Metrics Anomalies

Description: Once I turned on Fast Roaming, I started to receive the above anomalies, logged on my main controller screen, several times a day.

Symptom: Asymptomatic. I have never noticed any specific issue when these alerts occurred.

Recommendation: Optional/situational.

You need to meet all 3 criteria below to benefit from the Fast Roaming option:

  • A client supporting 802.11r
  • A reason for seamless roaming, e.g. Wi-Fi calls
  • WPA Enterprise

In general, this feature is really for setups that require as seamless a roaming experience as possible. One such application is a Wi-Fi phone call made while moving from one area of the home to another, where roaming occurs and a temporary drop of voice (one or two sentences) cannot be tolerated. If you are not in such a situation, there is no reason to enable this.

If you are using WPA-Personal for security, the practical gain of the 802.11r fast roaming feature is minimal. So I see no reason to turn it on.

 in a network using WPA2 Personal security, shrinking the number of messages from eight to four is naturally helpful for efficient airtime utilization, but is really unimportant to the roaming process from a perceived service-quality perspective.

https://www.networkcomputing.com/wireless-infrastructure/wifi-fast-roaming-simplified

If you are using WPA-Enterprise for security and require as seamless an experience as possible, it may be worth a try.

Optimize for High Performance Devices

Setting > Wi-Fi > Edit Wi-Fi Network > Advanced Settings > Miscellaneous

Function

This is “band steering”. Enabling this feature preferentially makes devices connect to the higher-performance 5 GHz band over 2.4 GHz when the client device is capable.

Potential Issue

Firmware Versions:

  • UniFi Dream Machine Pro (Firmware 1.7.2.2620)
  • Controller Version 5.13.30
  • AP & Switch version 4.3.13.11253

Issue: Selected devices unable to connect to Wi-Fi

Description: In my case, out of 40+ home network devices, the B&W Formation Wi-Fi speakers are not able to connect. The Sonos speaker connects fine, on the other hand.

Symptom: Selectively severely symptomatic. As the devices are not able to connect to Wi-Fi at all, this can be a major issue. The B&W Formation suite is a fairly new product, released in 2019, so this will be very client dependent.

Recommendation: Recommend disabled (default).

You may be lucky and all your current Wi-Fi devices may connect fine, but if you purchase a new device and suddenly notice an issue with it, you would never know whether it is due to the client device itself or possibly to this setting.

Enable Uplink Connectivity Monitor

Setting > Wi-Fi > Advanced

Function

This feature is required when a mesh unit or wireless uplink exists in your network. It is enabled by default.

Disabling the uplink connectivity monitor can improve your system speed, and UniFi recommends it.

Unless your network needs to use wireless uplink or benefits from the use of this feature, we recommend you disable the Connectivity Uplink Monitor & Wireless Uplink setting. 

[…]

Disabling this setting can offer some improved speed and is often suggested when network speeds with UniFi are less than ideal.

https://help.ui.com/hc/en-us/articles/115002262328-UniFi-Configuring-Wireless-Uplink

Potential Issue

A mesh or wireless uplink system will not work when this is turned off.

Recommendation: Recommend disabling this unless mesh or wireless uplink is used.

Deep Packet Inspection

Setting > Internet Security > Deep Packet Inspection

Function

DPI analyzes traffic, i.e. it shows the types of traffic in use on your network, e.g. video streaming vs. file transfer.

The Enable Device Fingerprinting option, labeled Alpha, tries to automatically identify device types. For instance, with this turned on, my network topology shows iPhone and iPad with correct icons. However, there are still many devices that did not get properly identified.

Potential Issue

DPI requires processing power and reduces system throughput, though to a lesser extent than IDS/IPS. So you have to take this into consideration when turning it on.

Intrusion Detection and Prevention System

Setting > Internet Security > Threat Management

Function

IDS detects threats or malicious activity on the network and alerts you. IPS automatically blocks them. Basically, this is another level of network security besides the commonly discussed firewall. This can be one of the major reasons why someone is interested in purchasing a UniFi system. For example, I used to get 10+ messages on my network storage device for attempted unauthorized user logins. Ever since I turned on IPS with UniFi, I get none.

Potential Issue

IDS/IPS requires processing power and reduces system throughput. So you have to take this into consideration when turning it on.

UniFi Dream Machine Pro Data Sheet

Recommendation: For UDMP users, I recommend turning this on because, even with this and DPI on, you will still get 3.5 Gbps throughput. For UDM users, I still recommend it, as the result is still close to full gigabit throughput.

For the USG, even the Pro, the trade-off seems significant unless your internet speed is slower than the limited throughput.

DTIM Interval

Setting > Wi-Fi > Edit Wi-Fi Network > Advanced Settings > 802.11 Rate and Beacon Controls

Function

DTIM (Delivery Traffic Indication Message) interval is an integer number (1, 2, 3…) defining the timing of when the AP sends buffered multicast frames (data). 

This is part of the Wi-Fi standard; think of it as a parameter defining when devices in power-save mode wake up (ref). A smaller number means more frequent waking. The smallest value, ‘1’, means the AP will wake up client devices every defined cycle. In contrast, ‘2’ means the AP wakes up clients only every other cycle. Therefore, changing DTIM from 1 to 2 can save up to 50% of idle battery power.

Proper selection of DTIM interval can prolong Wi-Fi client battery life.

Potential Issue

The default DTIM interval on a UniFi system is 1. This means UniFi keeps its connected clients constantly awake. If the interval is set too large, then depending on the application you may find that the gap causes unacceptable degradation of certain functions. For instance, a gap every 3 seconds in a voice transmission application is unacceptable, whereas text message transmission may see no noticeable impact.

Recommendation: UniFi recommends setting it to ‘3’.

In a network that does not have any multicast application, this parameter has no effect; however, this is usually not under our control and is application dependent. So it is safer to assume your network is using it.

Ubiquiti recommends changing this to 3 in a network consisting of nearly all modern devices. This will save up to 66% of WiFi battery consumption on devices like recent iOS and Android phones (ref). In fact, with the upcoming controller version, Ubiquiti appears to be making ‘3’ the default rather than the current ‘1’.
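To confirm which DTIM value the AP actually advertises after changing the setting, the following added example (not part of the original article) parses the TIM element from a beacon frame body and derives the wake-up spacing for a power-save client. The beacon bytes are a constructed sample; the field layout and the 1024 µs time unit are standard 802.11 facts rather than values taken from this article.

```python
import struct

TIM_ELEMENT_ID = 5   # 802.11 Traffic Indication Map element
TU_US = 1024         # one 802.11 time unit (TU) is 1024 microseconds

def parse_beacon_dtim(body: bytes) -> dict:
    """Read beacon interval and DTIM fields from a beacon frame body
    (the bytes that follow the 24-byte 802.11 management header)."""
    if len(body) < 12:
        raise ValueError("beacon body shorter than its fixed fields")
    # Fixed fields: 8-byte timestamp, 2-byte interval (TU), 2-byte capabilities.
    _timestamp, interval_tu, _caps = struct.unpack_from("<QHH", body, 0)
    pos = 12
    while pos + 2 <= len(body):          # walk the ID/length/value elements
        elem_id, elem_len = body[pos], body[pos + 1]
        value = body[pos + 2:pos + 2 + elem_len]
        if len(value) < elem_len:
            raise ValueError("truncated information element")
        if elem_id == TIM_ELEMENT_ID:
            if elem_len < 4:
                raise ValueError("TIM element too short")
            return {
                "beacon_interval_tu": interval_tu,
                "dtim_count": value[0],      # beacons left until the next DTIM
                "dtim_period": value[1],     # the configured DTIM interval
                "group_traffic_buffered": bool(value[2] & 0x01),
            }
        pos += 2 + elem_len
    raise ValueError("no TIM element found")

def power_save_profile(interval_tu: int, dtim_period: int) -> dict:
    """Spacing between DTIM beacons and share of beacons a client may skip."""
    if dtim_period < 1:
        raise ValueError("DTIM period must be at least 1")
    return {
        "wake_every_us": interval_tu * dtim_period * TU_US,
        "beacons_skipped_pct": 100 * (dtim_period - 1) // dtim_period,
    }

# Constructed sample: interval 100 TU, SSID "lab", channel 6, DTIM period 3.
SAMPLE_BEACON = bytes.fromhex(
    "0000000000000000" "6400" "1104"   # timestamp, beacon interval, capabilities
    "00036c6162"                       # SSID element: "lab"
    "030106"                           # DS Parameter Set: channel 6
    "050400030000"                     # TIM: count 0, period 3, bitmap control 0
)

if __name__ == "__main__":
    tim = parse_beacon_dtim(SAMPLE_BEACON)
    print(tim, power_save_profile(tim["beacon_interval_tu"], tim["dtim_period"]))
```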