I’m starting a WISP using RB532 with two SR5 for the AP and 20 RB112 with 65mW 5.8GHz Atheros transmitter.
And I’m not sure how I should configure my network…
At the AP, I’m using 3 ADSL lines and one full (expensive) DSL line.
My first choice was to configure my RBs as one big hub using WDS. But I keep
I hI’m starting a WISP using RB532 with two SR5 for the AP and 20 RB112 with 65mW 5.8GHz Atheros transmitter.
And I’m not sure how I should configure my network…
At the AP, I’m using 3 ADSL lines and one full (expensive) DSL line.
My first choice was to configure my RBs as one big hub using WDS. I connected my 4 modems to a switch, and the switch to RB532. So each client configured his PC to point to the gateway he desired. But IPs are assigned statically, and twice already I have missconfigured two PCs with the same address… and get random errors. (Besides, clients CAN change their addresses, and that’s a problem)
I decided later to route “by hand” every client, configuring RB532 as AP and RB112s as stations, with three different networks (DSL to eth1 on RB532; wlan to wlan; and eth1 to Client PC) But it’s really demanding to keep creating each route by hand.
If I were to use PPPoE or Hotspot, or something else…
How should I configure my network?
Can you point me to something a bit more friendly than Router OS manual?
In your opinion, which is the best alternative to use?
How should I configure each subnet…
Sorry, those are many questions… ANY help is better than nothing, so, if you can, please drop me your opinion!
I don’t mean to sound negative, but you don’t need “Wireless Networking” help. You need a network engineer who knows how to setup an ISP to help set it up for you. Maybe you should look for a person you can contract or hire who lives in your area. Good luck!
OK, maybe you can point me to a beginner’s HOWTO or book…
I can afford a few hours of advisement, but nothing more. I’m on my own, so if you can, please, point me in the right direction!
I don’t believe you understand just how big the task you’ve just taken on is going to be. I second the suggestion that you find a qualified network and systems admin to help you.
I’d normally recommend you go buy a hell of a lot of books about network design, but since you’re already in motion, it’s too late for that. Now you need to find somebody that can get your network working, and it may be harsh, but you pay them what they ask.
Starting a WISP is not just buying the hardware and turning it on. You either know what you’re doing to begin with, or you pay somebody who does, and it’s probably going to cost more if you hire them when you’re in trouble instead of when you’re still designing things.
Being a WISP is not simple or cheap, and you’re not going to learn everything you need to know by buying a MikroTik, running through the simple setup and then asking a few questions here in the forums.
Setup a good radius server, and set the Mikrotik towers to authenticate through your radius server.
Then you will have a centralized system for authentication, and your clients would be able to authenticate through any of your towers. Also, if you set up a lot of towers to cover everywhere in your area, you may end up providing a Non-Line-of-Sight service.
A good practice then would be to consider client units that accept multiple SSIDs. You can search for VOIP Wifi phone units that support multiple SSIDs and PPPoE. Then you will be providing a private Voice communication service within your area.
Remember to setup WDS on your backbones as I think it is better or even neccessary for Radius authentication, mostly for Mac authentication.
I only have 20 clients, and probably will have less than a hundred for the next two years, that’s plenty of time to learn how to use this stuff!
For the moment, I’m migrating from my actual ‘WDS city size hub’ to a ‘hard wired (static) routed’ configuration.
I’ve setup my central AP pointing to each modem for gateways, and assigned a static IP to each client, and I’m creating by hand each route to them. Each client has a DHCP server for the private network each user has.
And that’s it!
If I’m to have so few clients, why bother configuring anything else?
I mean, it works, it’s easy to setup, fail proof, and costs very little money.
The reason for doing this is that some clients change their IPs without my knowledge, and when they ‘step’ on somebody’s else address, the whole network goes down.
BUT, I asked because I’m really interested in knowing how to grow up, which technology should I choose, etc.
I know I can manage this way till I grow 50 or 100 clients, THEN, I WILL HAVE TO implement a better configuration.
RADIUS ? I’m not sure, I think I will still manage with plain PPPoE or HotSpot till I grow 200 clients or so, don’t you think?
I was hoping someone could point me to the right steps to follow. Rome wasn’t built in a day!
Thank you very much for all of your comments, I’m really learning!
We currently have around 340 customers on our networks. They all have static IP addresses (though generally this is built in to our wireless cpe units and password protected), we do not use pppoe/radius (though I do accept I may move across at some point), and have a routed network with static routing (I have not yet got to trust ospf etc!).
With Radius or PPPoE doesn’t Matter, you can specify static IPs for each client. The client shall not really have a choice. Also, with PPPoE you will have tha advantage of skipping crappy WEP or WPA encryption and rather use PPPoE encryption. In other words the data goes through the wireless media already encrypted - and compressed if you wish - without placing excessive load and bandwidth consumption on your client radios. Also, security wise, no one will be able to connect to your towers unless he has a PPPoE username and password. You can also set protection against Brute Force attack. That is what makes PPPoE more secure.
Also, with PPPoE you can manage client bandwidths better. When you set queues with static IPs, the data gets limited only when it reaches the Mikrotik, so the client can still launch excessive data loads, and they only fill up your Tower’s ram. Where as with PPPoE, the speed is set starting at the client’s PPPoE connection. The minimum transmission rate from the client on a normal setup is 1Mbps, even if you set a queue on the tower. With PPPoE, well you can make it example 1Kbps if you wish.
If you need more assistance please post, as everyone has the right to learn.
Yes I agree Radius is the way to go, I also battled for a long time to decide between IP based routing and PPPoE and PPPoE really is better. Especially considering that you can run IP Pools from a central database. If you’re going to pursue Radius your choices are learning FreeRadius (which can get quite complicated if you’re not familiar with Linux) or using the new and very cool User Manager package in MT which has Radius functionality. I’d start off by learning to use the User Manager package in MT and then maybe later graduate to FreeRadius.
pppoe encryption is more crapy than WEP… because it is using the same RC4 as WEP and the key is changed one in 256 packets (statefull) or for each packet (stateless). And even more, the statefull encryption isn’t working well when you have packet drop.
Best solution is to use IPsec
If you use our radius server software you can be up and running in minutes and I mean minutes, but you will need as least to be able to setup a hotspot and radius in the MikroTik First, that is not hard either.
See the following link, ou can download and run the program for free for 30days.
Each AP Hotspot can be is a gateway device in the software so your user can roam to any AP. You can add as many devices as you like.
Is there a problem leaving WEP on, just to block random users with mobile devices to connect to WiFi? (I know that every protection is brakeable, but still…) And, also, if WiFi access is left with no enc. should it have NO dhcp server on it??
for a begginer, at least its easier for me, though Im not running ISP services 