Hi everybody,
I’m currently trying to implement WiFi network with Mikrotik hardware for my future project, and I have, as I think, slow wifi speeds. My lab setup is pretty simple, I’m using following devices: 1 x RB951G-2HnD clocked to 700MHz and 1 x mAP lite all updated to current ROS v6.37, Windows and Mac hosts for testing. Assume I have 100Mbit wire speed connection, all tests using iperf with -l 1500 parameter.
RB951G ethernet ports 2-5 have port 2 as their master port and port 2 connected to a bridge as bridge port. Vlan10 connected to the same bridge.
/interface ethernet
set [ find default-name=ether2 ] name=ether2-master
set [ find default-name=ether3 ] master-port=ether2-master
set [ find default-name=ether4 ] master-port=ether2-master
set [ find default-name=ether5 ] master-port=ether2-master
/interface bridge
add name=bridge
/interface bridge port
add bridge=bridge interface=ether2-master
/interface vlan
add interface=bridge name=vlan10 vlan-id=10
Vlan10 network shares 10.0.0.0/24 address space with dhcp server configured.
Non vlan network shares 192.168.88.0/24 address space with dhcp server configured.
WiFi modules are controlled via CAPsMAN on RB951G.
First test: Mac in vlan < - > Windows - almost wire speed ~ 92 Mbit/s
WiFi traffic is tagged as vlan10. CAPsMAN providing two configs for each radio, there are only two differences between them: first uses channel1 and SSID Office, second uses channel 11 and SSID Office2, so first radio acts as Office AP, second as Office2 AP.
/caps-man datapath
add bridge=bridge name=datapath1 vlan-id=10 vlan-mode=use-tag
/caps-man security
add authentication-types=wpa2-psk encryption=aes-ccm group-encryption=aes-ccm \
name=security1 passphrase=As123456
/caps-man configuration
add channel=channel1 country=no_country_set datapath=datapath1 distance=indoors \
hw-protection-mode=rts-cts mode=ap name=cfg1 rx-chains=0,1,2 security=\
security1 ssid=Office tx-chains=0,1,2
add channel=channel11 country=no_country_set datapath=datapath1 distance=indoors \
hw-protection-mode=rts-cts mode=ap name=cfg2 rx-chains=0,1,2 security=\
security1 ssid=Office2 tx-chains=0,1,2
/caps-man interface
add arp=enabled configuration=cfg1 disabled=no l2mtu=1600 mac-address=\
4C:5E:ff:ff:ff:ff master-interface=none mtu=1500 name=cap1 radio-mac=\
4C:5E:ff:ff:ff:ff
add arp=enabled configuration=cfg2 disabled=no l2mtu=1600 mac-address=\
E4:8D:ff:ff:ff:ff master-interface=none mtu=1500 name=cap2 radio-mac=\
E4:8D:ff:ff:ff:ff
/caps-man manager
set enabled=yes
/caps-man provisioning
add action=create-enabled master-configuration=cfg2 radio-mac=\
E4:8D:ff:ff:ff:ff
add action=create-dynamic-enabled master-configuration=cfg1
/interface wireless cap
set bridge=bridge caps-man-addresses=127.0.0.1 enabled=yes interfaces=wlan1
Wifi tests:
SSID Office(mAP light) one client ↔ Mac in vlan - almost ~ 70 Mbit/s 60 Mbit/s(CAPsMAN CPU 70%)
SSID Office2(RB951G) one client ↔ Mac in vlan - almost ~ 75 Mbit/s, 60 Mbit/s(CAPsMAN CPU 100%)
Firewall rules are empty.
I managed to get ~80 Mbit/s from two radios in total, so I think this is maximum speed, CPU load on RB951G is almost 80% add here 10-15 firewall rules and load will be 100%.
May be I can improve my setup somehow?