Regarding your overall layout:
Unless I’m missing something, no point running your router into your 10G switch. I’d suggest the following, regardless of which brand or models you choose:
router
- 24 port 1Gb PoE switch
- wifi access points
- other small switches (where needed)
- 10G switch
Regarding cost of Unifi:
The 5 port Unifi Flex Mini switch is definitely a bargain at $29 USD. I didn’t notice any specific indication of how many 10G ports you need, but if you only need a few, the 8 port Unifi 10G Aggregation switch is a lot less at $270. But it doesn’t have an uplink port so you only actually have room for seven 10G devices.
Skip the AC Pro access points. Get the AC/LR. Cheaper and longer range. IIRC, maximum throughput is less, but maximum speed for each device is the same? Anyway, for a home system, if the AC/LR can’t handle it, then it should be hardwired anyway.
The only PoE problem I’m aware of with Ubiquiti was that their early access points used 24 volt passive PoE whereas the standard was 48 volt active. Active PoE auto negotiates the PoE power necessary, if at all. With passive, you turn on PoE in the switch and then the switch outputs 24 volts on that port whether the connected device can handle it or not. That’s why I only use red Ethernet cables plugged into my passive PoE port as a warning to myself.
More recent access points added standard 48 volt active, and I think the newest may have dropped the 24 volt passive altogether. Or maybe that last part is just wishful thinking on my part.
If there have been other Ubiquiti PoE problems, I’m not aware of them.
I would definitely go with pfSense or OPNsense (a fork of pfSense) as your router/firewall.
Regarding MikroTik vs Unifi:
Do you want networking to be a hobby or do you just want a functioning network? For me, it’s a hobby, so I deliberately avoided going all Unifi so I can’t rely on its integration and ease of use.
If you don’t want it to be a hobby, I’d go pfSense over OPNsense just because you’ll find a lot more tutorials for pfSense. And I’d go with Unifi for switches and access points. You’ll have enough “learning” connecting your VLANs in pfSense to the LANs in the Unifi controller software to last you a lifetime.
If you just love to get your virtual fingers dirty, sure, save some money and buy MikroTik switches.
But here’s my sit-on-the-fence approach:
Step 1
- set up pfSense
- buy a $29 5 port Flex Mini switch
- buy an AC/LR access point
- set up your VLANs
Step 2
Now, if you thought that experience was fun but you want a bigger challenge/learning experience, add MikroTik switches.
But if you thought it was a PITA, buy Unifi switches.
The best thing about this approach is that everything you buy or do in Step 1 applies to Step 2, no matter which way you go.
Amateur tip:
While you’re setting it all up, you can plug your pfSense box into your existing LAN and run it double NAT so your existing network stays running until you sort it all out. There are issues with some protocols when running double NAT, but that’s why you only do it for initial setup of VLANs, etc.