Ubiquiti Cloud Gateway Fiber

So been looking at this guy for a solid minute: https://youtu.be/mFcPPWui-DI

It actually meets all of my home lab needs and future expansions for the foreseeable future, and it will be more power efficient than anything I can build with the same form factor. It’s been a while since I’ve given a thought of going full Ubiquiti. What are the concerns of jumping into Unifi altogether? (beyond being locked to their proprietary solution and EOL cadence)

So only because I have never built my own router, but the Raspberry Pi 5 has a 6-core ARM processor, can it not keep up with the quad core in the Fiber, or even the quad core in the UDM PRO? Most home routers use either dual or quad core ARM chips. So why do home lab routers always end up as high power desktop parts?

Not high end desktop parts, just desktop parts that are available. It’s mostly because you need a cpu+motherboard combo that allows you to move 10gbps (if you’re into that) and has fiber ports (if you’re also into that). More often than not you start looking into “hey! I need a motherboard with PCI slots to get those network ports in there”.

More often than not they’re truly over-specced because that’s what there was available!

Hmm, out of curiosity I had to go looking for an SBC that could possibly compete with the Fiber.

The closest I have found is the ODROID-H3+, and I don’t think it can hold up to the Fiber, in terms of price or performance. Point is it has a PCIe 3 x4 M.2 you could shove a 10GbE network card in, along with dual 1GbE built in.

Ok! Buy it! You still need to buy the 10GbE card, and now you have to maintain the install with OpnSense, pfSense or whatever.

But in all true sense, I am asking for what were the challenges with UniFi in particular, rather than go into a debate on why build your own router. Let’s stay on topic :slight_smile:

Ok, not my intent to be off topic; rather, you seemed to imply there was not an alternative, so I was seeing if there was one.

However to answer your question at the end as a UDM PRO owner:

Telemetry and API security, and how much and/or good each of these are I don’t know. But I’m aware via Pi-hole, which blocks many Ubiquiti tracking-related DNS requests. Also how exposed the UDM PRO seems to be to the internet: by default it has 4 ports exposed, where I would expect none, for access to it.

P.S. In hindsight, while the UDM PRO was probably the right choice for me at the time for my home lab journey, I kinda wish I went the other way. Which is why I guess I was looking at the alternatives. Don’t get me wrong, the UDM PRO is great for the most part (let me just ignore those two times it failed to auto update and I spent an hour restoring it from backup after resetting it). It definitely has a flashy vibe, just wish they spent less time updating the eye candy and more time on other things. The home dashboard has changed every 6 months like clockwork without really changing what’s on it.

I was looking into this because I want to run the Ubiquiti NVR stuff at some point in the future, and this would fit the bill nicely, plus being more power efficient.

I built my own out of a Lenovo M70q Gen 3 that was reasonable and added my own 10Gbps NIC. Need to have a small footprint and I never cared for big rack networking gear. I just need to get a device that gets things done. The Lenovo is a similar form factor from this Gateway, but much more power hungry. I have no concerns over OpnSense and it’s reliable as it gets. Does everything I need it to and doesn’t complain about anything! My only worry was with the NVR capabilities (no longer a standalone install) and the fact that my setup is more power hungry.

However, the fact that the ports are exposed is a bit of a concern for me. Can you elaborate on that a bit further? I think just grabbing a random Cloud key with NVR would do the trick, but increase the power consumption :smiley:

Also another thing that bugs me is that I do have full control over the telemetry with OpnSense as I can block that traffic from orbit, I wonder what it’ll look like once I move to UniFi if I do.

Most of the time the routers and gateways have hardware acceleration blocks in their SoC that accelerates certain traffic types. Doing it all on a basic CPU means the entire thing is done in software and is vastly slower and more power hungry than hardware dedicated to a specific task.

This is why, for instance, if you build a pfSense router and put a bunch of NICs in it and then bridge them all together to act like a switch, you can get 10Gb switching performance, but it takes 50 watts or whatever and a decent percentage of CPU usage, compared to a 10Gb switch using 5 watts of power and having even lower latency.

Historically, the UniFi user interface left out some features that some of the more advanced people needed/wanted for home lab stuff, mostly dealing with NATing and specific routing requirements. However, all of that is now in the UniFi UI, so there isn’t really anything it lacks for any home user no matter how advanced. The very few things that it still lacks relate more to enterprise level multi-site routing and high availability, and even that is progressing more and more.

IMO, UniFi is the absolute best you can do for any home, small, or medium business environment nowadays. Its main issue is the pricing and hardware availability. For home, it has a high price level of entry to really get a system going. For business, it is relatively cheap on pricing though, so it depends on your segment. Hardware availability wise though, they still have far too high demand for their supply. When something really good releases, like the Cloud Gateway Fiber, you have to be lucky to find it in stock, and it can likely take 6-9 months before supply has matched demand.

You can certainly get all the same features that UniFi has with pfSense or OPNsense and things like that, but I really don’t see the point anymore when you are likely going to be spending just as much or more as with UniFi, and then you have to go through all the hoops of installing all the software and plugins and tweaking everything yourself and fine tuning filtering rules and policies. It is far more work than just using something that already has it all there in a nice polished user interface while using less power.

Cloud Key is a hardware controller, and it can run the entire UniFi application stack. The way UniFi works is that each product subset is an application. So the Network app controls your gateway, switches, wireless access points, and wireless device bridges. Protect is the security/camera app that controls your cameras and home sensors (a product line soon to be expanded upon greatly). Connect app controls digital signage, Access app controls door access (business stuff, not home smart locks), and Talk app controls VoIP phones and all your phone lines and menu systems for VoIP. Oh and lastly they now have the Drive app which controls your UniFi NAS hardware.

So the NVR stuff falls under Protect. Anything that can run Protect can be used as the controller for the cameras, and this is basically any product with a controller that UniFi has that can mount storage. The Cloud Gateway Fiber has an M.2 slot so it can run Protect. Cloud Key Gen2+ has a SATA port for a HDD or SSD (I greatly recommend SSD) so it can run Protect as well, and obviously the UNVR has storage so it can be your Protect controller. You don’t need a Cloud Key and a UNVR for the cameras; you either use the Cloud Key to manage your network and cameras, or the UNVR to manage the cameras. So since the Cloud Key Gen2+ can support up to eight 4k cameras (and more lower res ones), you don’t need an NVR if you have a Cloud Key Gen2+ or Gateway Fiber unless you specifically want more storage capacity for keeping video longer or have more cameras than the other devices can manage. The limitations on how many cameras it can manage are there for performance reasons.

As another note, the Protect line does have webhook support as well, which is usually of great interest to home lab. So you can use camera triggers to send commands to Home Assistant, for instance. Many people use this with a G4 Doorbell Pro to use the fingerprint reader to send a webhook to HA to unlock their door’s smart lock that is also connected to HA. This way you can do keyless entry based on fingerprint and manage access by who is enrolled with prints. Some people have used the AI cameras to detect faces and on a specific face to send a webhook to HA to unlock the door, giving you automatic unlock as you or anyone you program walk up to the door. Be aware though that the facial recognition system isn’t very robust and isn’t intended for security access, though people use it for this. So just like when the iPhone first came out with face unlock, people could print out a picture of your face, wear it as a mask, and walk up to the door and make it unlock. Extremely unlikely scenario for a burglar, but technically a possibility because it doesn’t use full 3D analysis for facial recognition.

If you plan on using UniFi NVR or Protect, then I think the UDM Pro makes a ton of sense. It kills 2 to 3 birds with one stone and the price to feature set is unmatched in the market at this moment, especially with Synology taking steps to lock down their ecosystem further than it is.

Only complaint I have with Protect is you have to use Ubiquiti cameras and cannot use other brands. And some of the cameras feel overpriced for what they are. This is probably a supply and demand thing.

The UDM Pro is now obsolete. The Cloud Gateway Fiber is higher performing, cheaper, a bit less power, and has storage for Protect, and can run the whole UniFi application stack. This is because the Gateway Fiber is the first gateway type UniFi product that uses a newer generation CPU design. The UDM Pro Max is the only one that meets the same performance specs as the Gateway Fiber using the older gen SoC that is overclocked. Its advantage though is that it comes with 2 drive bays for Protect which is nice, but is more than 2x the cost and power draw for technically the same performance as the Fiber.

@zmezoo
Recently UniFi Protect gained the ability to use 3rd party cameras. It doesn’t always work the best, but many HikVision, Axis, etc. cameras work well with the system. It does have limitations, like you cannot use any of the special features like facial rec, etc. of the 3rd party cameras you buy and only get basic recording with them. It is more meant to be a serviceable way to use Protect and its software with existing cameras you have, eventually replacing those old ones with UniFi models that have better features and more integration. Not really meant for buying new 3rd party cameras to add in to Protect. So yes, it is somewhat valid to say it is still really only meant for use with Ubiquiti cameras.