I’m struggling with a new mAP Lite (RBmAPL-2nD) problem.
Once I connect the AP to the LAN, the wireless response time increases from 1-2 ms to 200 ms - 1000 ms.
An unstable network follows. It doesn’t matter the distance from the AP.
I want to use it as portable AP. (Diffretent places, different networks)
Could you please check attached settings, where could by the problem.
DHCP client can not run on slave or passthrough interface!
add interface=ether1
because ether1 is a slave interface to the bridge, you should disable the dhcp client (and/or change the interface to bridge1, if the dhcp client is actually needed/wanted).
Everywhere else I connect, mAP Lite behaves correctly (2 ms to 4 ms). But in one particular network, the previously described behavior is occurring.
This is on a foreign network whose network elements I do not have access to.
I work as a PLC developer, I want to replace my 10 m Ethernet cable with this AP. Usually I connect to a device that I bring myself, commission
and plug into an already existing network always without internet.
Do you have any idea how to set up the AP so that these conflicts will not happen?
The ideal idea was that the AP itself would detect the network IP range I connect to and set up a DHCP server accordingly, which would assign a free IP address to my computer.
Networks usually using static IP addresses.
Maybe the place has rogue AP neutralization equipment. Ruckus allows one to attack rogue APs by sending deauth packets to their clients.
Maybe the other network is using the same segment as yours and you have an IP conflict somewhere.
Maybe there is a lot of broadcast on that network (broadcast and multicast traffic is transmitted at a very low speed by access points) slowing down your connection considerably and you can check this with wireshark.
Also it looks like you are adding a rogue DHCP server to your customer’s network when you connect your mAP. Disable DHCP on the mAP and set everything manually on the client. In your config you bridged wlan1 and ether1 so theoretically your mAP does not even need an IP. To control it you can use Winbox and it will use its mac address instead of the IP. Winbox will also auto-discover the mAP thanks to the CDP protocol.
Yes, in the current config everything seems L2 bridging, so no ip address should be needed for the map.
Essentially it is a dumb switch with two ports, one wired and one wireless, but can the wireless get connection with the laptop with the wi-fi interface without an IP and without assigning one to the laptop?
On the complete opposite: Only thinking aloud, but maybe it is the whole bridge approach that can be changed, and you could try using the map as a router between a “private” LAN (that you access through the wi-fi interface) and the local wired LAN (that will be seen by the map as WAN).
So, no bridge, wi-fi as LAN and ether1 as WAN.
You can have your laptop with enabled DHCP and it will get an IP address from the map dhcp server, this way you will be able to access the map.
But then how would you determine what happens on the WAN side?
Setting ether1 as gateway and a masquerade nat rule should be static and need not any change, but it has to be seen.
Then maybe an ip scan on the ether1 interface: https://help.mikrotik.com/docs/display/ROS/IP+Scan
or - more likely - an ip neighbor discovery: https://help.mikrotik.com/docs/display/ROS/Neighbor+discovery
could provide info on the IP’s the local wired network is using.
Then a script would be needed to assign the “right” ip address to ether1, and then re-assign/renew the DHCP lease so that the laptop gets the correct gateway.
Much more complex and with no guarantee whatever that it can work, if the bridge approach can work (possibly without ip assigned and dhcp running) it is much better.
Yes. WiFi works mostly at L1 and L2. The only time it processes L3 is if you use IGMP snooping, and even then I’m not sure if it’s done by the interface or the CPU.
He said his customers don’t have DHCP servers so he’ll need to configure the WAN manually. May as well just configure the client. Since an interface can have multiple IP addresses, one could just assign all the addresses of all the customers to the WiFi client interface and it’ll work everywhere. For example, if a customer uses 192.168.0.0/24 and another uses 192.168.1.0/24, he could assign 192.168.0.254/24 and 192.168.1.254/24 to the same interface, and then when he tries to reach a computer when connected to either subnet, it’ll work.
Also, if he sets it as a router, he won’t be able to access L2-only devices/services on the WAN side and won’t be able to auto-discover many devices. The mAP will have to do routing and masquerading, re-writing every packet using CPU which is limited which will limit his throughput and add latency. Multicast will probably break. Many things break if you change source IP address. He’d need networking knowledge to understand routing and masquerading. This guy is a PLC developer. Probably doesn’t even know what L2 means or how a switch works, let alone a router, NAT, PAT, etc.
TL;DR On the mAP, remove all IP addresses and disable DHCP. On the client’s wifi interface, configure all IP addresses that you’ll ever need. See this for doing that : https://academy.showcockpit.com/tutorials/networking/multiple-ip-addresses-on-a-nic
Since there is no internet, leave gateway empty. All you need to set are IP address and subnet mask sets. Probably 255.255.255.0 subnet mask for all networks as it’s easy to work with and doesn’t require subnetting knowledge.
Also, enable “multicast enhance” which basically transform broadcast and multicast into unicast, so the AP will transmit them at the maximum possible speed, and not at the minimum possible speed. An alternative is to disable lower WiFi rates to increase non-unicast speed.
If problem still persists, try changing IP address a few times as there may be conflicts. If there are critical devices and taking them offline may result in disaster, check this guide : Checking if an IP is free, without having an IP address [MS Windows] - Useful user articles - MikroTik community forum
There are commercial and freeware tools for Windows (a few also 10/11 compatible) that allow to change among different network profiles (i.e. also IP address and netmask).
Adding many IP addresses is a nice idea , but there is a risk of possible collisions, two customers with the same network 192.168.1.0/24, on the first you can use 192.168.1.254, on the second 192.168.1.254 is already taken by another device and creates a conflict.
Rare case, but possible in theory, in practice choosing an ip address unused on both network should be feasible.
Yes, I just added a guide on how to check for an IP address without having one to begin with : Checking if an IP is free, without having an IP address [MS Windows]
If you take an IP address, I think the network administrator should be notified. If there is no such person, a sticker should be put somewhere to inform people that you use that IP and to not assign it to other stuff ever.
Nice guide.
Still, it should be possible to use Mikrotik’s own ip scan or neighbor discovery (or some other command) to obtain the same result, the tricky part (though I believe possible) would be to automate it with a script
There are as well commercial and freeware tools for ip scanning, only as an example angryipscanner should run on windows, linux and mac.
This is so infuriating. There’s no way you configured both the same and obtained different results.
Yes, you got plenty of advice. Read past posts, stop wasting our time. Did you come here to shit on mikrotik or something? You are not following the advice given and you are spewing blatant lies.
Not really, I never tested with an APIPA address set in windows, but from a Windows with set IP to (say) 10.1.1.12 I can tell the program to scan (still say) 192.168.1.1-192.168.1.254 or any other range, of course the smaller the range the faster the program works, the program I normally use (but on a much older Windows version) is Netscan (SoftPerfect Network Scanner) in a now obsolete version from the time when it was freeware (BTW besides making it trial/commercial the good guys at Softperfect added little by little so many options/features/complications that it has now become - IMHO - an almost unusable bloatware, probably useful for some advanced use but overkill for just checking the used IP’s on a network).
:
, but there is a risk of possible collisions, two customers with the same network 192.168.1.0/24, on the first you can use 192.168.1.254, on the second 192.168.1.254 is already taken by another device and creates a conflict.