Wifi disappointment: Ubiquiti’s AC-Lite access point

My broadband provider’s (free.fr) built-in wifi is pretty dismal – despite having a reasonably solid 26Mbit VDSL connection, my iPhone will often time out even when in the same room, and streaming video from another computer through 1 plasterboard wall often glitches, while an Ethernet connection works fine. Free’s admin software has a neat little channel scanner, and I can see that my network is the only one using these channels, so it’s not an interference problem, and my phone has no speed problems on other wifi networks I use. So I decided to spring for a new access point that would support 5GHz bands, to see if that would work better, and chose the AC-Lite model from the highly recommended Ubiquiti Networks.

I wasn’t sure if my router supported PoE, so I plugged in the AC-lite to see if would show any signs of life, but no lights came on – but none did. So I plugged in the PoE injector and plugged it in again – but still no signs of life! I replugged the PoE injector and checked the docs to ensure I had the ports connected the right way round, but still nothing. Leaving it plugged in, I started searching Ubiquiti’s support docs, but after a few minutes noticed that the lights had come on on the access point. A further test reveals that it takes quite a long time for anything to show up – it’s just slow.

While doing that, I needed to sign up for Ubiquiti’s support site at help.ubnt.com, so I did the whole email sign-up dance. I also gathered form the “Quick Start” guide that I needed to install a local copy of their management application, UniFi. So I grabbed the latest macOS version (5.6.22, at the time) and installed that. On running it, it complained it couldn’t run because “Port 8080 is used by other programs”. That is true – I run nginx on port 8080 with a port mapping from port 80 so I can run it unprivileged. After some rummaging through the help site, it tells me I need to edit the “system.properties” file and change the default port. I then need to find the system properties file. Eventually I find a reference that says it’s inside the UniFi app bundle, in UniFi.app/Contents/Resources/data, however, it’s not there. Later on I find a comment on someone else’s identical question revealing that this file is only created after you’ve run it successfully for the first time – so we have a stupid chicken & egg situation – you can only avoid a port clash by not having a port clash. So I stop nginx, relaunch UniFi, and sure enough, the system.properties file appears, so I can then quit, edit the settings and relaunch. This can’t be that unusual (given the numerous support questions asking it), and being able to set ports from the launcher would seem a basic thing to allow.

Now it lets me click the “Launch a browser to manage the network” button, which takes me to a browser page filled with warnings about invalid security settings – browsers are now much pickier about such things – and after clicking through all the warnings, it ultimately requires me to provide an admin override to allow the use of a self-signed certificate. Not pretty. It then tells me Safari isn’t supported. Sigh. So I switch to Chrome, and go through the whole set of security warnings again. None of this is mentioned in the quick start guide. I know what all this means – but I suspect many would not.

“At last”, I think, “I can get on with configuring this thing”. Fat chance. It takes me through a config wizard. As part of this it asks me to enter my login details for the Ubiquiti support site for its “cloud integration”. However, the login that I created earlier doesn’t work – after much retrying and checking, it turns out that I have to create a new account, because, obviously, help.ubnt.com and account.ubnt.com are completely different and unrelated sites 🙄. I noticed that the site supports 2FA, so I enabled that, though I also noticed that it does not provide any backup keys, so if you lose your authenticator (e.g. in the way that google authenticator does occasionally), you’re screwed.

Finally I get to log in, where I’m greeted with lots of greyed out areas and warnings saying “UniFi Security Gateway Required”, and “DPI data is missing”. Just what I wanted to see on my first login to this shiny new product. Requiring some other device is fine, but it doesn’t need to be so prominent that it looks like there’s something wrong.

After all that, I got everything connected. My iPhone connects over 5G, and so far it seems to be free of the network issues that led me in this direction to start with, so it worked out in the end – but it could so easily have been so much better.

Setting up a rear derailleur

I needed to set up my rear derailleur from scratch yesterday and thought up a nice simple mechanism for doing it that I’ve not seen described before. This is for a ‘normal’, not reverse-pull derailleur, where increased gear cable tension makes it change down.

  1. Put the bike in middle ring at the front, set the rear shifter to top gear.
  2. Adjust the limit screws.
    I find this is especially easy if you disconnect the gear cable completely – it prevents cable issues interfering and means you don’t need to fiddle with the shifter.

    • Adjust the bottom limit screw so that the bike pedals smoothly in top gear with no clicking or rubbing.
    • Push the derailleur with your fingers so that it shifts into bottom gear and adjust the top limit screw so that the bike pedals smoothly in bottom gear with no clicking or rubbing and without falling into the spokes.
  3. Screw in the barrel adjuster on the derailleur (and the shifter) as far as it will go.
  4. Pull the gear cable tight with your fingers (you don’t need much tension, just take up the slack) and tighten the retaining bolt.
  5. On the shifter, change down ONE gear (e.g. 8th if you have a 9-speed cassette).
  6. While turning the pedals, turn the barrel adjuster until it shifts into the selected gear.
  7. Adjust so it’s not rubbing and that the top jockey wheel aligns nicely.
  8. Check that it changes into all the gears smoothly when changing both up and down.
  9. Job done!

This whole procedure can be done in a couple of minutes. You may need to fine-tune the barrel adjuster slightly in some lower gears, but this procedure will get you to the right ballpark with minimal effort. It’s much easier if you have a workshop stand or similar means of holding the back wheel off the ground.

MS has a big spanner

Microsoft are, yet again, releasing a feature that’s probably going to be pushed as some kind of improvement, but will be to the detriment of 99% of its users: In Outlook 2007 they are removing the IE-based HTML renderer and substituting Word’s HTML renderer instead, you know, the one that makes Netscape 2 look good. Admittedly, IE in Outlook has historically been the vector for the vast majority of viruses (hence the ‘Outbreak’ nickname), but that’s mostly untrue in recent versions. Microsoft are touting IE7 as the most secure version ever, yet it seems to be too insecure for Outlook? They might come up with some kind of lame antitrust-compliance excuse, but they could instead simply open their internal protocols and use pluggable renderers, just like Linux and OS X do. I suspect it will have zero effect on spammers, most of whom don’t use HTML significantly any more, and they don’t care anyway. Erstwhile competitor CampaignMonitor has an excellent take on the situation.

So what does this mean? Probably the end of HTML email marketing as we know it. It will cost the industry millions in lost revenue – not that MS costing industries millions is anything new. OTOH, it might just usher in a new age where marketeers have to remember how to write decent copy.

If they wanted to make a real difference, they could perhaps fix their SenderID spec to talk to SPF correctly, or perhaps get Exchange to send bounce messages that actually contain useful information, like (and I don’t think I’m asking too much) the address the message was originally sent to.