Wireless features

Hi,

I’m currently evaluating Mikrotik for deployment in
our city-wide wireless network. We’re currently using
Nomadix systems, so I’m especially comparing Mikrotik
to some of the features we’re using now with Nomadix.

\

1. Hotspot-Gateway / Walled-Garden

I gather from the manual that Mikrotik can do this, however, I am not
sure about some details.

1a) With Nomadix we can limit the per-subscriber
bandwidth (up- and downstream) by special radius reply values,
so we can offer different speeds depending on
subscriber login / type of contract. Can Mikrotik do this?

1b) Nomadix has implemented some rather wicked proxy-arp functionality
which allows wireless clients to work with arbitrary fixed IP and
gateway settings on the clients, without the need to use DHCP. This
is implemented by the Nomadix box proxy-arping for and thereby
claiming to be whatever gateway IP address the client seems to
want to see. I find this ill-conceived from a network engineers point
of view, however, our management and marketing people like it.
So… can Mikrotik do it?


2) Access Point functionality

The Mikrotik manual describes “virtual AP” (VAP). This sounds
very interesting. Does that mean that an interface that is created
by / bound to a VAP can be used just like an independent physical
WLAN interface regarding DHCP, firewalls, traffic-shaping etc?
Can I run a different DHCP pool on every VAP, and treat traffic
coming from clients associated to a particular VAP differently in
firewall and QoS rules, for example?

Also, from the VAP config example given in
http://www.mikrotik.com/docs/ros/2.8/interface/wireless
I see that the VAP inherits the MAC address from the physical
wireless interface card. I believe this can bring up some issues
with some WLAN clients seeing multiple SSID coming from one MAC,
some clients can’t handle this. So will there be an option to
“virtualize” a MAC per VAP on the access-point side?


3) Radius

Are there any Mikrotik vendor attributes for radius? If so, where
may I get a definition of them so that I can add them to my dictionary?


Thanks,

-Tom

before i say anything … have you seen this place? http://www.mikrotik.com/docs/ros/2.8/ please take a look, a lot of questions will be answered there.

As Normunds wrote, the manual is quite extensive here… But to give you a head start…

1a) With Nomadix we can limit the per-subscriber
bandwidth (up- and downstream) by special radius reply values,
so we can offer different speeds depending on
subscriber login / type of contract. Can Mikrotik do this?

Yes.

1b) Nomadix has implemented some rather wicked proxy-arp functionality
(…) So… can Mikrotik do it?

Yes.

The Mikrotik manual describes “virtual AP” (VAP). This sounds
very interesting. Does that mean that an interface that is created
by / bound to a VAP can be used just like an independent physical
WLAN interface regarding DHCP, firewalls, traffic-shaping etc?
Can I run a different DHCP pool on every VAP, and treat traffic
coming from clients associated to a particular VAP differently in
firewall and QoS rules, for example?

Yes.

Also, from the VAP config example given in
http://www.mikrotik.com/docs/ros/2.8/interface/wireless
I see that the VAP inherits the MAC address from the physical
wireless interface card. I believe this can bring up some issues
with some WLAN clients seeing multiple SSID coming from one MAC,
some clients can’t handle this. So will there be an option to
“virtualize” a MAC per VAP on the access-point side?

This question was already asked here:http://forum.mikrotik.com//viewtopic.php?t=1448&highlight=virtual+change+mac. There was no answer until now, but you can change the MAC of a virtual AP in version 2.9 - just checked it…

Are there any Mikrotik vendor attributes for radius? If so, where
may I get a definition of them so that I can add them to my dictionary?

Yes. See the docs: http://www.mikrotik.com/docs/ros/2.8/guide/aaa#13.4.16

PS: In which country are you located?

Thanks, appreciated.

Excellent.

Germany (Ruhrgebiet)


Thanks,

-Tom

Wanna drop me a mail? (info at cmit.de)