Yesterday I started to configure my new wapAC and I reached a configuration which is doing what I want,
but any WLAN connection is quite slow. It is approximately 20 MBps in the 5GHZ band.
Each wired device always shows up nearly the full ISP connection rate 100 Mbit up/ 50 MBits down.
If I change my access point against a wired device it shows at any VLAN 100 MBits Up / 50 Bits down.
So I assume the router port is configured correctly.
I need some help to analyze this WLAn issue because I plan to install further access points.
Thank you very much in advance
The network structure looks like
ISP---Draytek Modem------ RB4011iGS+ ----Switch Mikrotik
-----Switch Netgear
-----Switch Netgear
-----wapAC ( only using vlan 10 and 20 )
Each trunk between router and switches/access points is identical: untagged PVID 1, Tagged vlan 10,20,60,111.
Each network device ( router, switch, access point .. ) should have an ip inside 192.168.1.0/24.
All ip services should be provided by the router ( DHCP,DNS,FW,... )
(1) Remove this, as there is no WAN or LAN
/ip dhcp-client
add disabled=no interface=vlan-bridge
(2) Ensure there is a route to the gateway of the trusted subnet add dst=0.0.0.0/0 gwy=192.168.1.1
(3) Add interface=Manage
add trusted vlan to the interface as a Vlan member
add interface Manage to neighbour discovery
add interface Manage to tools winmac server interface list entry.
(4) The wapac is missing an IP address??
(5) If neither vlan10 or vlan20 is the trusted vlan, in other words they are not described by the subnet of 192.168.1.0/24,
then you need to add the trusted vlan to the trunk traffic, and too the settings above.
THE trusted VLAN should be TAGGED to the bridge and ether1, for that particular vlan-id.
but any WLAN connection is quite slow. It is approximately 20 MBps in the 5GHZ band.
I don’t see much setting for the WLAN interfaces. So most is default setting. Not very good in many cases.
Parameters to set:
1: Regulatory domain mode, with country Germany. Out of the box I assume it is “no country set”. Those FCC frequencies are not the freq used by client devices set for Germany. This is set and OK for WLAN2.
2: Wifi Channels to be used. In a lonely and idle environment the defaults wil be OK. [ For 5GHz: 802.11a/g/n/ac , 20MHz XXXX (=80 MHz bandwidth!)]. This is OK if all is open and free. However one should check te RF environment for WLAN1 and WLAN2 (e.g. use “Snooper” to see the wifi environment. Avoid to select already used wifi channels. It may be necessary to reduce the bandwidth (like 20MHzCe or 20MHzeC), and do select the best channel frequency.
Values to check:
3. Check the registration In the registration table under wireless interface one can see the connection state and quality. Important things to notice are SIgnal strength, signal to noise, and CCQ (should be high like 97%, but passing a wall will make it 65%). Those numbers will allow the max interface rate, written as 866Mbps-80MHz/2S/SGI, the best case possible, giving ± 360Mbps user throughput. User data is around 1/2 of the interface rate for 1 direction, and 1/4 if bidirectional communication is used.
If the max WLAN speed is 20 Mbps, a 40Mbps–xxMHz/xS interface rate could be causing that. That would be a very poor connection (-86dBm signal?)
There are other reasons for only getting 20Mbps on a much higher interface rate: other channel destructive interference, co-channel waiting, wifi channel busy, …
It’s bizar. Some do show a weakenend signal, some don’t. I have been monitoring some 50 BYOD smartphones and tablets for months at night. A minority (3-4) goes very deep every ten seconds, even generating annoying disconnects because they go below the access list set threshold. Others don’t show any change in the registration, except that their “last activity” timer runs up to about 20 sec, then resets. That’s even why I extended the “allow signal out of range” in the access list to 30 sec, to avoid disconnects. (http://forum.mikrotik.com/t/battery-life-for-ios-devices-with-wap-ac/153003/1)
It’s BYOD, so I don’t know exactly what device does what, but most are iPhones.
vlan1 is a default vlan that should not be used to carry data IMHO.
So modify the subnet you think is described by vlan 1 and assign it to vlan50 for example not vlanid=1.
As for the wapac, just reviewing the config,
I do not not see the identification of the vlans which includes indicating their parent interface aka the bridge…
we should have seen five vlans identified
vlan1
vlan10
vlan20
vlan111
vlan60
Well than I have to change my central router and the switches to a new vlan=50.
I am a little bit afraid to “kill” the router. Please let me have a look first.
All five VLAN are defined at the router:
vlan1
vlan10
vlan20
vlan111
vlan60
All of them are working and managed through DHCP.
The wapAC is setup for testing with only 3 VLAN. Vlan1,Vlan10 and VLAN 20
My setup:
define separate WLAN ( xGAST and xHypnose) with no VLAN
Create Bridge
Add ether1 PVID=1 (Trunk)
Add xGast with PVID=10
Add xHypnose with PVID=20
setup bridge vlan
enable vlan-filtering
So no explicitly defined VLAN Interfaces, PVID and Bridge should do the work
Maybe this is not correct or processing is too slow ?
Meanwhile I followed the hint of @bpwl to check my channel parameters.
I changed channel width to 20/40/80MHz XXX. ( Not seen below, because export file was done before )
!! WLAN performance much better !! Full speed to ISP 100 MBit/s up and 50 MBit down from macbook pro / iPad pro and iPhone.
I hope I understood your request regarding vlans. I put my configuration away and changed configuration to:
Good, you identified the vlans on the wapac and the wifi item noted by bpwl, and it looks like you are up and running as desired.
Dont change something thats working!