Unifi Network 7.4.156 - Warning

I recently upgraded to version 7.4.156 and I need to draw people to a really annoying change they’ve made.

When going into port manager and changing any port to access just a single VLAN, they’ve changed the terminology from Native and Tagged VLANs to “Primary Network” and “Traffic Restriction” and by default the “Traffic Restriction” is off. Thus you think you’ve set a port to access a specific VLAN, but in fact what you’ve done is setup a trunk port and only set the native vlan on that port.

This caused me some issues this week as I didn’t notice the traffic restriction option was turned off, and in fact I assumed this was some weird layer 3 type traffic control so ignored it. This inadvertently turned my access port into a trunk port, which then tried to trunk all my traffic up to a Cisco switch which I only wanted on 1 specific VLAN. Annoyingly what happened next was catastrophic. Because I had 2 ports setup from 2 different switches into that Cisco switch, and because both of those ports didn’t have the traffic restriction option turned on, it then tried to utilize that link as a trunk between the 2 unifi switches, and RSTP disabled to true trunk I had in place, thus severing one portion of our network from the other.

I wanted to draw people to this change before someone else falls victim of this.

Why they’ve strayed away from an industry standard terminology of “Tagged” and “Untagged/Native” VLAN’s and opted for this weird naming convention, I have no idea.

Other annoying changes:
Port profiles are now Ethernet Profiles, and there’s no longer an “All” or per VLAN options anymore.
If you want to use “All” you have to select a VLAN for the primary network and turn off the Traffic Restriction option.
This also means that the number of port profiles (Ethernet Profiles) you now have will have reduced.

One good change is that you can now disable a port easily without changing it’s port profile.

Full list of changes are on their releases page:
https://community.ui.com/releases/UniFi-Network-Application-7-4-156/15ac6260-9cd1-4ac3-a91c-4880c1c87882

Yeah, I have notes about this for my upcoming video. I have no idea why they would change what was a an easy to understand system.

I have no Ubiquiti switches, (UniFi, EdgeMAX or UISP), but this “dumbing down” of standard terminology is an unwise move in my opinion.

Just to be 100% sure I understand, are you saying that “Primary Network” means PVID and “Traffic Restriction” means accept only untagged or priority only tagged traffic?

New port profile management:
Mactelecom - Unifi New Port profiles and Traffic management - YouTube
Willie Howe - UniFi 7.4 Switchport Profiles - YouTube

I saw Tom’s video is up too. Reviewing UniFi 7.4.156: OpenVPN Server, Big VLAN Port Management Changes, and Other New Features! - YouTube

Correct, Yes. Primary network = native vlan. Aka untagged vlan/pvid and the traffic restriction basically means the other tagged vlans if you use the “allow” instead of “block” option.
Personally i think putting in the block option makes it more complicated too since you have to get your head around what vlans are then allowed over that port.

They’ve basically just done this:
Rename “native vlan” to “primary network”
Rename “tagged vlans” to “allowed vlans”
Added an option to invert “allowed vlans” to “blocked vlans”

Also removed the need to do this via a port profile (now called Ethernet profile) and instead do it at the switch port level instead.