We are preparing to attempt to roll out a wireless system using 100% Mikrotik client gear. We are still in the early planning stages and hope to be able to take advantage of the upcoming RouterBoard Crossover client device.
Anyways, I wanted to get a feel for what people were using out there for client setups where RouterOS runs on the client. Are you just bridging your clients’ Ethernet ports onto your network? How’s that working out? Perhaps a sort of PPPoE setup?? What sorts of problems have you encountered? What about Nstreme??
taylorc -
That’s a pretty open question…there are at least as many answers as there are options for equipment…
I use MT predominantly, though we do have a chunk of another supplier for 2.4 GHz. They were more cost effective and cheaper at the time. Now MT products are pretty much in line with our price break point so most everything we are doing today is MT based.
I believe that almost without exception those that are successful at the WISP game are using routed networks. There are probably a few still using bridged type networks but not many. Most of us NAT at the CPE (customer premises equipment) - helps with security of your clients. I use 192.168.5.0/24 DHCP’d on the client side Ethernet, then NAT this to the WLAN IP address as it goes to the AP (Access Point). This gives the client an easy way to set up new stuff without calling me or having our folks come to set up their new computer…
There are some that use PPPoE and / or RADIUS servers etc. I just use straight MAC authentication, encryption, hidden SSID and a few other things. This is probably more of an operator’s choice than a ‘fact’ based opinion…PPPoE / RADIUS / MAC authentication etc - more aimed at your comfort level with particulars…
Meshing or at least a mesh-like protocol is coming to MT (No, not WDS - they already have that), something a bit more robust and yet simpler in the big scheme of things. So look for that to come to fruition soon on ROS 3.0X final release. It’s called MML.
Nstreme only REALLY works if you have a system with some loading on it…if it doesn’t carry at least a 5% load then you are wasting your time using it. If you carry high loads, then Nstreme is your game… There is also interface bonding and nstreme dual just to mix things up a little. I use all of them as well as the standard AP - Station modes, depends on what I need where etc…
Ok - this is just my two cents worth - take it for what it’s worth…
First, route between all towers, and build redundant links. If 4 towers can be linked in a loop, do it; you never know when an upstream problem can occur (power, weather, hardware failure, software failure, etc). Use OSPF between towers and it will self heal around a failed tower/backhaul, usually before you or a customer ever knew it was down.
Second, monitor EVERY device on a tower (note, that doesn’t include CPEs, but you can monitor them if you want), and track every bit of history you can. Especially signal strengths (including CPE signals at the tower, incredibly useful for troubleshooting when a customer calls in saying they are down). Also monitor interface states (wlan/ether is running or not, useful in quick diagnosing/alerting of problems). We use What’s Up Professional, a little costly, but does a wonderful job. The Dude is OK, but a little lacking before I’d feel comfortable using it as my primary monitoring system.
Third, config: CPE: MikroTik 112 or 133c, Nstreme + polling, ether1 and wlan bridged, wlan1 in station-wds mode (for 2.9) or station pseudobridge mode (v3). Pseudobridge has less overhead and much, much faster reconnects, plus gives you client separation that station-wds doesn’t (without complex bridge filters).
AP: MikroTik 532 or 333, Nstreme + polling, bridged from wlan1 to vlan1, mounted up on tower, plugged into switch at base of tower - also configure default AP and client TX rates, prevents CPE from trying to flood AP.
Base of Tower, x86 PC: ether1 connected to switch, ether2-etherN connected to backhaul(s), VLAN tied to ether1 matching VLAN ID of AP (use different VLAN for each AP) and PPPoE server running on VLAN interface. PPPoE authenticated via RADIUS. Use RADIUS to define rate limit value for customers based on purchased package; when they authenticate, MikroTik automatically creates a dynamic queue for them with all bandwidth shaping values defined per the RADIUS policy.
Advantages:
Nstreme+polling eliminates 100% of hidden node issues, improves overall throughput, plus client A is minimally affected by load from client B on same radio; that goes for upload and download traffic (yes, that means you can allow your customers to use P2P without it killing your network). Experiment with framing policy, may or may not benefit.
PPPoE assigns IPs as a /32 so no wasted IPs, easy to dynamically assign public IPs to a customer (use ospf between towers, set redistribute connected as type 1 to insert pppoe addresses into routing table).
RADIUS/PPPoE allows central control of all user accounts and bandwidth packages (and makes equipment in the field standard config, no user account information ever stored on it, hardware failure/replacement is simple). Stores account information including who had what IP when, useful when you get a court order asking for information on who on 4-13-07, 1.2.3.4 was… review logs and there it is. (Note, in the USA as well as England I have heard, but not confirmed, it is required by law to track and record what IP a user has.)
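Added example, not part of any post in this thread: a sketch of the "who had 1.2.3.4 on 4-13-07" lookup described above, run over RADIUS accounting Start/Stop records. The record layout, user names and MAC addresses are constructed for illustration; only the attribute names (Acct-Status-Type, Acct-Session-Id, User-Name, Framed-IP-Address, Calling-Station-Id) are standard RADIUS accounting attributes.

```python
from datetime import datetime

FMT = "%Y-%m-%d %H:%M:%S"

# Constructed sample records: (time, Acct-Status-Type, Acct-Session-Id,
# User-Name, Framed-IP-Address, Calling-Station-Id). Not real data.
RECORDS = [
    ("2007-04-13 08:02:11", "Start", "81a00001", "cust-alpha",   "1.2.3.4", "02:00:00:00:00:01"),
    ("2007-04-13 09:00:00", "Start", "81a00003", "cust-charlie", "1.2.3.5", "02:00:00:00:00:03"),
    ("2007-04-13 13:40:05", "Stop",  "81a00001", "cust-alpha",   "1.2.3.4", "02:00:00:00:00:01"),
    ("2007-04-13 13:41:30", "Start", "81a00002", "cust-bravo",   "1.2.3.4", "02:00:00:00:00:02"),
]

def build_sessions(records):
    """Pair Start/Stop records by Acct-Session-Id; a missing Stop leaves the session open."""
    sessions = {}
    for ts, status, sid, user, ip, mac in records:
        when = datetime.strptime(ts, FMT)
        if status == "Start":
            sessions[sid] = {"user": user, "ip": ip, "mac": mac, "start": when, "stop": None}
        elif status == "Stop" and sid in sessions:
            sessions[sid]["stop"] = when
    return list(sessions.values())

def who_had_ip(sessions, ip, at):
    """Sessions holding `ip` at time `at`. Dynamic /32s are reused, so the time matters."""
    when = datetime.strptime(at, FMT)
    return [s for s in sessions
            if s["ip"] == ip and s["start"] <= when
            and (s["stop"] is None or when < s["stop"])]

def ambiguous_leases(sessions):
    """Pairs of sessions that overlap on the same IP: a sign of lost Stop records."""
    far = datetime.max
    out = []
    for i, a in enumerate(sessions):
        for b in sessions[i + 1:]:
            if a["ip"] == b["ip"] and a["start"] < (b["stop"] or far) \
                    and b["start"] < (a["stop"] or far):
                out.append((a["user"], b["user"], a["ip"]))
    return out

if __name__ == "__main__":
    for s in who_had_ip(build_sessions(RECORDS), "1.2.3.4", "2007-04-13 10:00:00"):
        print(s["user"], s["mac"], s["start"], s["stop"])
```

An empty result means the address was unassigned at that moment, and a non-empty `ambiguous_leases` result means the accounting log cannot answer the question on its own for that address.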
Since I can’t send a private message, I was wondering if you could contact me off line, ForePoint, regarding some wireless tower routing questions I think you can answer?