MAP / CAPSMAN SETUP

RouterOS Wireless Networking
1

Hi Everyone,

I need some assistance please with a Capsman setup.

My setup
Mikrotik Router with Capsman
Ethernet #3 to Switch (Local Network)
Ethernet #5 to Fiber (Public)

I have 13 MAP’s controlled by Capsman
Each has its own Bridge
Each has its own DHCP server i.e
Bridge 1 - 10.10.1.1-10.10.1.199 - DNS 8.8.8.8 - Gateway 10.10.1.254
Bridge 2 - 10.10.2.1-10.10.2.199 - DNS 8.8.8.8 - Gateway 10.10.2.254
and so on.

With this I was able to set up mangle rules to mark each bridge and a Queue tree to enable QOS via PCQ on each bridge.
This works perfectly and exactly as I intended.
The DHCP is set up on the capsman and hands out addresses to each device connecting to a MAP through the wireless Interface
Untitled.jpg
The problem that I have is with the MAP

1. If multiple devices are connected to the same MAP they cannot see each other or ping each other, would enabling Client to Client Forwarding solve this? And if so would that only allow the devices connected to that MAP (i.e Bridge) to see each other, in other words Bridge 1 and bridge 2 would still not be able to communicate?

2. I would like the DHCP to extend to the second Ethernet interface on the MAP, i.e if I connect a Desktop or soothing the Ethernet #2 that it is also allocated an address via the Capsman DHCP and works as if it was connected wireless.

Any Advice.

Regards

2

I am sorry if I made a mistake.

1, as long as the connection parameter client-to-client-forwarding is enabled in capsman 's access-list, clients connected to the same MAP should be able to communicate with each other.

https://wiki.mikrotik.com/wiki/Manual:CAPsMAN#Access_List

  1. I think that you can satisfy your request by having MAP’s Wireless interface and Ethernet interface belong to the same bridge.
3

Thank you,

Point 1 seems to work. Have you ever found a situation where you have connection issues after turning on client to client forwarding? In other words, I am connected to the WiFi but have trouble doing a speed test, often just the upload test part?

I will doe point 2 and revert back.

Thank You

4

Even in my environment, I have enabled “client-to-client-forwarding” in access-list and measured it, but problems such as extremely slow has not occurred.

Another parameter can be set.
Since datapath also has the setting “client-to-client-forwarding”, enabling this may not cause problems.

/caps-man datapath
https://wiki.mikrotik.com/wiki/Manual:CAPsMAN#Datapath_Configuration

client-to-client-forwarding – controls if client-to-client forwarding between wireless clients connected to interface should be allowed, in local forwarding mode this function is performed by CAP, otherwise it is performed by CAPsMAN.

5

Thank you for the feedback.

Adding Ethernet 2 and Wlan1 to a bridge does not solve the problem.

Capsman is managing wlan1 and provides DHCP address to each client connecting to the WIFI but does not provide any DHCP to Ethernet 2.

6

For the time being we can consider about the following two points.

  1. Configure the VLAN and decide whether to deliver the DHCP by a logical route.

  2. Set filter for payout from DHCP to bridge interface.
    Ex)

/interface bridge filter> add action=drop dst-port=67,68 src-port=67,68 in-bridge=bridge1

However, if “client-to-client forwarding” does not work as described, it is better to contact MT support.

7

did u manage to resolve your second question?

i am trying to achieve the same thing with hap lites as caps. is it possible devices connected to ethernet interfaces of hap lite like laptop or pc, to get ip address from capsman dhcp?