CAPSsMAN performace issue (compared to an autonomous config on the same hardware)

karelkrobath · May 17, 2020, 11:54am

Hi,

I am troubleshooting an performance issue on a simple Capsman Setup in a LAB config.
This Setup is based on the manual https://wiki.mikrotik.com/wiki/Manual:Simple_CAPsMAN_setup

I implemented two simple configurations, both setups are on an identical hardware with the same network topology:

Conf A is an autonomous AP, connected to a simple switch.

Conf B is a caps client connected to a CAPSMAN. (here is the issue, the the performace drops to 40% of Conf A)

Any ideas, how to solve this issue?
Kind Greetings, Karel

Network Topology:

               AP - ether1      Switch - ether1
                  +-+                +-----------------+
                  | |                |                 |
                  | +----------------+                 |
                  | |    1Gbit       |               + |
                  +-+                +-----------------+        +------------------+
                                              ehter8 |          |                  |
     +----------+                                    |          | Network PC       |
     | WLAN PC  |                                    |          | Client           |
     | Client   |                                    |          |                  |
     |          |                                    +----------+                  |
     +----------+                                    1Gbit      |                  |
                                                                +------------------+

Configuration A: Access Point is autonomous 2,4 GHz and 5 GHz
Switch:

###############################################
# jan/02/1970 00:27:24 by RouterOS 6.46.6
# software id = XM14-GTID
#
# model = CRS112-8G-4S
/interface bridge
add name=bridge1
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip hotspot profile
set [ find default=yes ] html-directory=flash/hotspot
/user group
set full policy=local,telnet,ssh,ftp,reboot,read,write,policy,test,winbox,password,web,sniff,sensitive,api,romon,dude,tikapp
/interface bridge port
add bridge=bridge1 interface=all
/system identity
set name=switch
###############################################

AP:

###############################################
# jan/02/1970 00:33:42 by RouterOS 6.46.6
# software id = DMY8-8RI7
#
# model = RBwAPG-5HacT2HnD
/interface bridge
add name=bridge1
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
add authentication-types=wpa-psk,wpa2-psk eap-methods="" management-protection=allowed mode=dynamic-keys name=My-WLAN \
    supplicant-identity="" wpa-pre-shared-key=testingaa11 wpa2-pre-shared-key=testingaa11
/interface wireless
set [ find default-name=wlan1 ] band=2ghz-onlyn country=austria installation=indoor mode=ap-bridge security-profile=My-WLAN ssid=\
    My-WLAN-2.4GHz wireless-protocol=802.11 wmm-support=enabled wps-mode=disabled
set [ find default-name=wlan2 ] band=5ghz-n/ac channel-width=20/40/80mhz-eCee country=austria disabled=no frequency=5520 installation=\
    indoor mode=ap-bridge security-profile=My-WLAN ssid=My-WLAN-5GHz wireless-protocol=802.11 wmm-support=enabled wps-mode=disabled
/ip hotspot profile
set [ find default=yes ] html-directory=flash/hotspot
/user group
set full policy=local,telnet,ssh,ftp,reboot,read,write,policy,test,winbox,password,web,sniff,sensitive,api,romon,dude,tikapp
/interface bridge port
add bridge=bridge1 interface=wlan1
add bridge=bridge1 interface=wlan2
add bridge=bridge1 interface=ether1
/system identity
set name=accesspoint
###############################################

2,4 GHz performance measured with iperf3

Connecting to host 10.11.12.106, port 5201
[ 5] local 10.11.12.204 port 8116 connected to 10.11.12.106 port 5201
[ ID] Interval Transfer Bitrate
[ 5] 0.00-1.01 sec 1.62 MBytes 13.5 Mbits/sec
[ 5] 1.01-2.00 sec 5.50 MBytes 46.5 Mbits/sec
[ 5] 2.00-3.00 sec 4.62 MBytes 38.8 Mbits/sec
[ 5] 3.00-4.00 sec 4.75 MBytes 39.8 Mbits/sec
[ 5] 4.00-5.00 sec 4.50 MBytes 37.7 Mbits/sec
[ 5] 5.00-6.00 sec 4.88 MBytes 40.9 Mbits/sec
[ 5] 6.00-7.00 sec 1.75 MBytes 14.7 Mbits/sec
[ 5] 7.00-8.00 sec 3.62 MBytes 30.4 Mbits/sec
[ 5] 8.00-9.00 sec 5.62 MBytes 47.2 Mbits/sec
[ 5] 9.00-10.00 sec 5.75 MBytes 48.2 Mbits/sec

[ ID] Interval Transfer Bitrate
[ 5] 0.00-10.00 sec 42.6 MBytes 35.8 Mbits/sec sender
[ 5] 0.00-10.04 sec 40.9 MBytes 34.2 Mbits/sec receiver

iperf Done.

5 GHz performance measured with iperf3

Connecting to host 10.11.12.106, port 5201
[ 5] local 10.11.12.204 port 8989 connected to 10.11.12.106 port 5201
[ ID] Interval Transfer Bitrate
[ 5] 0.00-1.00 sec 31.5 MBytes 264 Mbits/sec
[ 5] 1.00-2.00 sec 38.9 MBytes 326 Mbits/sec
[ 5] 2.00-3.00 sec 40.8 MBytes 342 Mbits/sec
[ 5] 3.00-4.00 sec 36.8 MBytes 308 Mbits/sec
[ 5] 4.00-5.00 sec 37.8 MBytes 317 Mbits/sec
[ 5] 5.00-6.00 sec 42.4 MBytes 355 Mbits/sec
[ 5] 6.00-7.00 sec 41.9 MBytes 351 Mbits/sec
[ 5] 7.00-8.00 sec 35.4 MBytes 297 Mbits/sec
[ 5] 8.00-9.00 sec 32.2 MBytes 271 Mbits/sec
[ 5] 9.00-10.00 sec 36.8 MBytes 308 Mbits/sec

[ ID] Interval Transfer Bitrate
[ 5] 0.00-10.00 sec 374 MBytes 314 Mbits/sec sender
[ 5] 0.00-10.12 sec 373 MBytes 309 Mbits/sec receiver

iperf Done.

Configuration B: Access Point is CAPSMAN Client 2,4 GHz and 5 GHz
Switch:

###############################################
# jan/02/1970 01:16:30 by RouterOS 6.46.6
# software id = XM14-GTID
#
# model = CRS112-8G-4S
/interface bridge
add name=bridge1
/caps-man configuration
add country=austria datapath.bridge=bridge1 datapath.local-forwarding=no installation=indoor mode=ap name=My-WLAN-2.4GHz \
    security.authentication-types=wpa2-psk security.encryption=aes-ccm security.passphrase=testingaa11 ssid=My-WLAN-2.4GHz
add country=austria datapath.bridge=bridge1 installation=indoor mode=ap name=My-WLAN-5GHz security.authentication-types=wpa2-psk \
    security.encryption=aes-ccm security.passphrase=testingaa11 ssid=My-WLAN-5GHz
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip hotspot profile
set [ find default=yes ] html-directory=flash/hotspot
/user group
set full policy=local,telnet,ssh,ftp,reboot,read,write,policy,test,winbox,password,web,sniff,sensitive,api,romon,dude,tikapp
/caps-man manager
set enabled=yes
/caps-man provisioning
add action=create-dynamic-enabled hw-supported-modes=gn master-configuration=My-WLAN-2.4GHz
add action=create-dynamic-enabled hw-supported-modes=an master-configuration=My-WLAN-5GHz
/interface bridge port
add bridge=bridge1 interface=ether1
add bridge=bridge1 interface=ether2
add bridge=bridge1 interface=ether3
add bridge=bridge1 interface=ether4
add bridge=bridge1 interface=ether5
add bridge=bridge1 interface=ether6
add bridge=bridge1 interface=ether7
add bridge=bridge1 interface=ether8
/system identity
set name=switch
###############################################

AP:

###############################################

###############################################

2,4 GHz performance measured with iperf3

Connecting to host 10.11.12.106, port 5201
[ 5] local 10.11.12.204 port 11715 connected to 10.11.12.106 port 5201
[ ID] Interval Transfer Bitrate
[ 5] 0.00-1.00 sec 1.12 MBytes 9.43 Mbits/sec
[ 5] 1.00-2.00 sec 128 KBytes 1.05 Mbits/sec
[ 5] 2.00-3.00 sec 512 KBytes 4.19 Mbits/sec
[ 5] 3.00-4.00 sec 1.00 MBytes 8.39 Mbits/sec
[ 5] 4.00-5.00 sec 896 KBytes 7.34 Mbits/sec
[ 5] 5.00-6.00 sec 768 KBytes 6.30 Mbits/sec
[ 5] 6.00-7.00 sec 1.25 MBytes 10.5 Mbits/sec
[ 5] 7.00-8.00 sec 1.12 MBytes 9.44 Mbits/sec
[ 5] 8.00-9.00 sec 1.50 MBytes 12.6 Mbits/sec
[ 5] 9.00-10.00 sec 512 KBytes 4.19 Mbits/sec

[ ID] Interval Transfer Bitrate
[ 5] 0.00-10.00 sec 8.75 MBytes 7.34 Mbits/sec sender
[ 5] 0.00-10.07 sec 8.63 MBytes 7.19 Mbits/sec receiver

iperf Done.

5 GHz performance measured with iperf3

Connecting to host 10.11.12.106, port 5201
[ 5] local 10.11.12.204 port 12342 connected to 10.11.12.106 port 5201
[ ID] Interval Transfer Bitrate
[ 5] 0.00-1.00 sec 6.62 MBytes 55.5 Mbits/sec
[ 5] 1.00-2.00 sec 8.12 MBytes 68.1 Mbits/sec
[ 5] 2.00-3.00 sec 7.62 MBytes 64.0 Mbits/sec
[ 5] 3.00-4.00 sec 7.88 MBytes 66.1 Mbits/sec
[ 5] 4.00-5.00 sec 7.75 MBytes 65.0 Mbits/sec
[ 5] 5.00-6.00 sec 6.50 MBytes 54.5 Mbits/sec
[ 5] 6.00-7.00 sec 7.38 MBytes 61.9 Mbits/sec
[ 5] 7.00-8.00 sec 7.88 MBytes 66.1 Mbits/sec
[ 5] 8.00-9.00 sec 8.00 MBytes 67.1 Mbits/sec
[ 5] 9.00-10.00 sec 7.38 MBytes 61.9 Mbits/sec

[ ID] Interval Transfer Bitrate
[ 5] 0.00-10.00 sec 75.1 MBytes 63.0 Mbits/sec sender
[ 5] 0.00-10.01 sec 74.7 MBytes 62.6 Mbits/sec receiver

iperf Done.

EDIT: Update for “local forwarding” in CAPsMAN

###############################################
# jan/02/1970 02:28:27 by RouterOS 6.46.6
# software id = XM14-GTID
#
# model = CRS112-8G-4S
# serial number = 94D90B12AE04
/caps-man configuration
add channel.control-channel-width=20mhz channel.extension-channel=disabled country=austria datapath.local-forwarding=yes installation=indoor mode=\
    ap name=My-WLAN-2.4GHz security.authentication-types=wpa2-psk security.encryption=aes-ccm security.passphrase=testingaa11 ssid=My-WLAN-2.4GHz
add country=austria datapath.local-forwarding=yes installation=indoor mode=ap name=My-WLAN-5GHz \
    security.authentication-types=wpa2-psk security.encryption=aes-ccm security.passphrase=testingaa11 ssid=My-WLAN-5GHz
/interface bridge
add name=bridge1
/caps-man interface
add disabled=no l2mtu=1600 mac-address=C4:AD:34:8E:F4:81 master-interface=none name=cap5 radio-mac=C4:AD:34:8E:F4:81 radio-name=C4AD348EF481
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip hotspot profile
set [ find default=yes ] html-directory=flash/hotspot
/caps-man manager
set enabled=yes
/caps-man provisioning
add action=create-dynamic-enabled hw-supported-modes=gn master-configuration=My-WLAN-2.4GHz
add action=create-dynamic-enabled disabled=yes hw-supported-modes=an master-configuration=My-WLAN-5GHz
/interface bridge port
add bridge=bridge1 interface=ether1
add bridge=bridge1 interface=ether2
add bridge=bridge1 interface=ether3
add bridge=bridge1 interface=ether4
add bridge=bridge1 interface=ether5
add bridge=bridge1 interface=ether6
add bridge=bridge1 interface=ether7
add bridge=bridge1 interface=ether8
/system identity
set name=switch
###############################################

2,4 GHz performance measured with iperf3

Connecting to host 10.11.12.106, port 5201
[ 5] local 10.11.12.204 port 9256 connected to 10.11.12.106 port 5201
[ ID] Interval Transfer Bitrate
[ 5] 0.00-1.00 sec 2.50 MBytes 21.0 Mbits/sec
[ 5] 1.00-2.00 sec 2.00 MBytes 16.8 Mbits/sec
[ 5] 2.00-3.00 sec 640 KBytes 5.24 Mbits/sec
[ 5] 3.00-4.00 sec 3.75 MBytes 31.5 Mbits/sec
[ 5] 4.00-5.00 sec 3.50 MBytes 29.4 Mbits/sec
[ 5] 5.00-6.00 sec 2.62 MBytes 22.0 Mbits/sec
[ 5] 6.00-7.00 sec 2.12 MBytes 17.8 Mbits/sec
[ 5] 7.00-8.00 sec 3.38 MBytes 28.3 Mbits/sec
[ 5] 8.00-9.00 sec 3.00 MBytes 25.2 Mbits/sec
[ 5] 9.00-10.00 sec 2.75 MBytes 23.1 Mbits/sec

[ ID] Interval Transfer Bitrate
[ 5] 0.00-10.00 sec 26.2 MBytes 22.0 Mbits/sec sender
[ 5] 0.00-10.01 sec 26.1 MBytes 21.9 Mbits/sec receiver

iperf Done.

5 GHz performance measured with iperf3

Connecting to host 10.11.12.106, port 5201
[ 5] local 10.11.12.204 port 10612 connected to 10.11.12.106 port 5201
[ ID] Interval Transfer Bitrate
[ 5] 0.00-1.00 sec 26.0 MBytes 218 Mbits/sec
[ 5] 1.00-2.00 sec 33.1 MBytes 278 Mbits/sec
[ 5] 2.00-3.00 sec 27.8 MBytes 233 Mbits/sec
[ 5] 3.00-4.00 sec 35.1 MBytes 295 Mbits/sec
[ 5] 4.00-5.00 sec 32.9 MBytes 276 Mbits/sec
[ 5] 5.00-6.00 sec 33.9 MBytes 284 Mbits/sec
[ 5] 6.00-7.00 sec 19.9 MBytes 167 Mbits/sec
[ 5] 7.00-8.00 sec 30.0 MBytes 252 Mbits/sec
[ 5] 8.00-9.00 sec 32.6 MBytes 274 Mbits/sec
[ 5] 9.00-10.00 sec 32.5 MBytes 273 Mbits/sec

[ ID] Interval Transfer Bitrate
[ 5] 0.00-10.00 sec 304 MBytes 255 Mbits/sec sender
[ 5] 0.00-10.01 sec 302 MBytes 253 Mbits/sec receiver

iperf Done.

whatever · May 17, 2020, 12:23pm

The CPU of your switch is too slow for capsman tunnel traffic. Try to enable local forwarding in datapath.

gotsprings · May 17, 2020, 12:52pm

Local forwarding will improve performance. However the radios themselves are “performance limited” compared to other manufactures.

karelkrobath · May 17, 2020, 3:53pm

I have updated the first post with the local forwarding config…

If the AP is doing all the traffic related work, why is there still such a significant drop in performance?

heidarren · May 17, 2020, 4:33pm

No idea why, but why do you need CAPsMAN? How many CAPs you need to manage?

karelkrobath · May 17, 2020, 5:16pm

I noticed this issue in a clients network.
There are 50 APs.

heidarren · May 17, 2020, 6:27pm

The only way I can reproduce the same speed drop in ap bridge mode is set AMSDU to 2048, which is far lower than standard, not sure if CAPsMAN is using this value as default.