Wireless issues with a CAPsMAN and two hap ac^2 setup

asterslash · September 29, 2021, 8:48pm

Hello!

I’ve a setup consisting of two hap ac^2. One of them is a CAPsMAN controller and router and the other is a CAP + managed switch.

After some work I was able to get it all working, VLANs included (I was new to Mikrotik and mostly new to networking). But I never managed to configure wireless correctly as I have some issues, as follows:

I can’t saturate my internet connection bandwidth, while my ISP gear can (around 500Mbps), when testing with speedtest
My devices seem to be disconnecting every now and then (not sure if all but at least two of them, one macOS based and another Windows 10)
And I’m somewhat frequently hit with huge latency in applications (in games, for example)

I’ve kept most of the wireless settings default as I’m not knowledgeable enough to not make it worse but was wondering if you could help me review my configuration.

/interface wireless
# managed by CAPsMAN
# channel: 2457/20/gn(17dBm), SSID: <ssid>, CAPsMAN forwarding
set [ find default-name=wlan1 ] band=2ghz-b/g/n channel-width=20/40mhz-XX distance=indoors frequency=auto installation=indoor mode=ap-bridge ssid=MikroTik wireless-protocol=802.11
# managed by CAPsMAN
# channel: 5240/20-eeeC/ac/P(20dBm), SSID: <ssid>, CAPsMAN forwarding
set [ find default-name=wlan2 ] band=5ghz-a/n/ac channel-width=20/40/80mhz-XXXX distance=indoors frequency=auto installation=indoor mode=ap-bridge ssid=MikroTik wireless-protocol=802.11

/caps-man configuration
add channel.band=2ghz-g/n \
    channel.control-channel-width=20mhz \
    channel.extension-channel=disabled \
    country=<country> \
    datapath.bridge=bridge \
    datapath.vlan-id=1 \
    datapath.vlan-mode=use-tag \
    installation=any \
    name=2GHz \
    security.authentication-types=wpa2-psk \
    security.encryption=aes-ccm \
    ssid=<ssid-1>
add channel.band=5ghz-a/n/ac \
    channel.control-channel-width=20mhz \
    country=<country> \
    datapath.bridge=bridge \
    datapath.vlan-id=1 \
    datapath.vlan-mode=use-tag \
    installation=any \
    name=5GHz \
    security.authentication-types=wpa2-psk \
    security.encryption=aes-ccm \
    ssid=<ssid-1>
add datapath.bridge=bridge \
    datapath.vlan-id=2 \
    datapath.vlan-mode=use-tag \
    name=<name-2> \
    security.authentication-types=wpa2-psk \
    security.encryption=aes-ccm \
    ssid=<name-2>
add datapath.bridge=bridge \
    datapath.vlan-id=3 \
    datapath.vlan-mode=use-tag \
    name=<name-3> \
    security.authentication-types=wpa2-psk \
    security.encryption=aes-ccm \
    ssid=<ssid-3>

/interface wireless security-profiles
set [ find default=yes ] authentication-types=wpa2-psk mode=dynamic-keys supplicant-identity=MikroTik

/caps-man manager
set enabled=yes

/caps-man provisioning
add action=create-dynamic-enabled hw-supported-modes=gn master-configuration=2GHz slave-configurations=<name-2>,<name-3>
add action=create-dynamic-enabled hw-supported-modes=ac master-configuration=5GHz slave-configurations=<name-2>,<name-3>

/interface wireless cap
set bridge=bridge caps-man-addresses=127.0.0.1 enabled=yes interfaces=wlan1,wlan2

It should contain most of the relevant configurations, exporting with hide-sensitive (and I further replaces some other private details).

Would appreciate some feedback and feel free to ask for more info if necessary.

asterslash · October 7, 2021, 8:07pm

Bump.

Took a long time for this post to be approved and as a consequence it got way down the list. Just wanted to ensure some visibility.

nellson · October 8, 2021, 9:00am

Remove the wireless interfaces wlan1 and wlan 2 from the bridge under menu “bridge->ports”, capsman does the bridging for your wireless interfaces now.

asterslash · October 11, 2021, 6:34pm

Thank you for the feedback! Just did it, makes sense.

Anyone has any other ideas? Still can’t get more than 200Mbps on wireless, which doesn’t seem right at all.

gotsprings · October 12, 2021, 11:04am

Wifi ACv1 drivers.

https://en.wikipedia.org/wiki/IEEE_802.11ac-2013

Mikrotik has ACv2 in the beta / development branch for a few devices… In 2021.

DJGlooM · October 12, 2021, 5:15pm

200 mbps in wireless is good enough. Don’t trust the marketing which sells you rate speed as real speed. You can get 1 gbps rate in 3 chain 5 ghz environment, doesnt mean that you can get throughput like 100 Mb\sec. You wont get 500 mbit or even 300 mbit for sure from hap ac2. Especially if you have neighbors interference.

nellson · October 12, 2021, 5:48pm

Could you send us a screenshot the registration table with “rate sets” visible and also a screenshot of snooper from the wireless interface sorted by channel usage.

asterslash · October 12, 2021, 6:58pm

Does this mean that there’s a limitation in terms of the RouterOS sofware that won’t allow for more than kind of throughput?

I’ve switched to Mikrotik from my ISP’s gear which saturated my internet connection on wireless (~500Mbps), so it shouldn’t be interferance from neighbours (unless there’s a problem in the configuration). Also this proves that it is easily achievable. The hap ac^2 product page clearly states the max supported throughput over 5GHz is 867 Mbit/s so it should be possible, although I’m not counting at maxing it out.

Do you mean this?

Tx Rate		400Mbps-40MHz/2S/SGI
Rx Rate		360Mbps-40MHz/2S
Tx Rate Set	OFDM:6-54 BW:1x-2x SGI:1x-2x HT:0-15 VHTMCS:SS1=0-9,SS2=0-9

That’s for my test device on CAPsMAN > Registration Table.

For some reason it fails to run the snooper (says another tool’s running) but I tested the other day and I think the Access Points were using unoccupied channels, by a significant margin.

gotsprings · October 12, 2021, 7:08pm

Asterslash
It’s not going to hit 500M over wireless. Add in a few clients on the same channel, and it will get even slower.