QOS in the new Ubiquiti firmware

[HCHTech]

Can someone tell me where to find the equivalent of what used to be called "Basic Queues" in the old Ubiquiti firmware? I'm tweaking the settings of the new install I've been working on, and I'd like to add an overall bandwidth limit for the guest wireless.

There are technotes and youtube videos talking about how to do this on old firmware with an Edgerouter, but everything is moved around in the new firmware for the USG Pro and I can't seem to find it.

I have created a 'Guest' user group that limits the bandwidth available to any one guest user, but in addition to that, I'd like to put an overall limit for the Guest wifi. Unless they have changed, I don't want to use a Smartqueue for this.

I'm trying to do a live chat, but they are busy today, I'm 22nd in queue - haha.

 

[YeOldeStonecat]

When you create a "user group"..that is applied to each client within that group.
To the best of my knowledge I have not seen a rate limit for a whole group....like..give 20 megs to all members on the guest wifi...so if it's just 1x user at that moment they get all 20 megs..but if it gets to 20 users in the afternoon each user gets just 1 meg. Nope..have not seen that.
I would still run through the overall smartqueue setup so the USG has a baseline to work with.

 

[HCHTech]

Thanks, YOSC. In the old Edgerouter, in addition to the SmartQueues, you could configure a "Basic Queue". This does what I'm after, but I cannot find it in the current firmware. Maybe they removed it. I found this youtube video explaining it and it is exactly what I was looking for. "Was" being the key word, here.

 

[YeOldeStonecat]

One day they may add that to the Unifi line. I'm not aware of anything similar to that in Unifi. It is still in the Edgerouter line.
Unifi started on the principle of being simple...more advanced features have been added over the past <2 years, hopefully we'll see something that allows a "total cap" to a network or IP(s). But for now, on Unifi, to limit traffic for a guest network...you just have the option of doing a user group where you apply a max rate "per client". So careful on the math, and ensure smart queues has been setup properly.

 

[Sky-Knight]

That thinking is fundamentally flawed. You never want a hard cap on bandwidth, or any fixed reservations. That actually wastes bandwidth. Modern QoS systems are designed around priority lists. Because at the end of the day, the purpose isn't to halt traffic, it's to ensure important stuff makes it through first. From a network perspective, we shouldn't care that the kid down the hall downloaded 20gb of porn last night. We cared that his porn habit didn't interfere with the VoIP PBX online over the same wires during that time. Stopping him from getting that material is the function of content control, not some bad wireless ISP punishment box because they crossed an imaginary line using an unlimited resource.

 

[HCHTech]

I think this is probably right. I have been using bad terminology in practice by describing QOS as "carving out" a portion of the bandwidth to guarantee that X amount is always available for the priority traffic. I know that this isn't really how it works, but it has led me to approaching my current problem from the wrong direction, I think. Instead of trying to guarantee X% of the available bandwidth for the private wifi by limiting the guest wifi to 1-X%, I need to just make sure that the private wifi has a higher priority than the guest wifi.

In the sonicwall world, you can assign priority to any traffic you can identify (for VOIP, it is ID-ed by it's VLAN tag). In the Unifi world, it doesn't work this way. The "Smart Queue" thing apparently does it's own priority assignment, but there must be a way to manually assign priority to traffic from a particular subnet - that's the problem I need to solve. I'm off to do some more reading.

 

[HCHTech]

Well, according to the nice lady on the tech chat, I need to make these settings using the command line. Not what I was hoping for, and of course the articles cover every scenario but mine. Before I go down that rabbit hole, let me back up and just ask the larger question to the Unifi folks here. This seems like it would be a common setup for, say restaurants, churches, meeting space rentals, etc. An unpredictable amount of guest traffic.

Assuming you're stuck in the Unifi world, how would you set this up?

 

[YeOldeStonecat]

On Unifi setups, go to settings....and in the menu, UserGroups.
Create a new one. Example in screenie below.
Once you have created one, you need to assign that usergroup to your wireless SSID for the guests.
This one is just for cell phones, tablets. Depending on intended use...might give a little more juice per client.
On a VLAN, separate IP range.
For larger and/or more complex setups, we use EdgeSwitches, and typically have Untangle at the edge. Untangle is where I prefer to define traffic for an interface, such as I'd have a dedicated interface just for a wifi guest network such as the client site I'm at right now.

 

[HCHTech]

Thanks - I did setup a user group and apply bandwidth limits there once it was assigned to the guest SSID. However, this appears to be a per-user limit, so it's not obvious how to configure it. If it *is* per-user, and I have a 75Mbps connection, and set a bandwidth limit of 1Mbps down and 1Mbps up in the user group, then what is the effect if I have 100 users on the guest SSID? Can they still potentally take all of the bandwidth at the expense of the folks on the private SSID (100 users x 1Mpbs > 75Mbps)? It doesn't look like assigned priorities are a thing in the Unifi OS.

I will proceed with the CLI configuration if I can figure it out. I read in one of the notes that changes made through the CLI don't survive a reboot, so that sounds awesome. For this job, I'm stuck with the hardware now, so I'll have to make the best of it. In all likelihood, even if we get 200 logons during service on a Sunday, they won't be taking a lot of traffic - just what their phones do in the background. I hope - haha.