Community discussions

MikroTik App
  4. RouterOS
  5. Beginner Basics

Wifi performance issues with TV, VOIP, Remote Desktop

Post Reply
 
timurka
just joined
Topic Author
Posts: 2
Joined: Fri Apr 05, 2019 11:12 pm

Wifi performance issues with TV, VOIP, Remote Desktop

Wed Jun 10, 2020 12:16 am

Hello,

I was wondering if you can help me identify any obvious issues with my configuration (see the copy of the config file below). I'm using RB760iGS as my router and 2 Cap AC connected to it via lan, one on each floor. My initial idea was to have a single SSID for both bands and let devices decide what to use. I've noticed that my TV wouldn't stream 1080p/4k content and just starts to constantly buffer.
VOIP calls from my laptop (WebEx) or phone (Viber) would come out choppy. I would also experience slowness in remote desktop application, and my corporate vpn would often disconnect.
Ping test from a laptop showed 0.7% loss to 1.1.1.1 (over 2hrs of running it) and no loss to my router.

I then added a dedicated SSID for 5ghz only to test my laptop connection. VPN stopped disconnecting, but I didn't see any improvement in VOIP or remote desktop apps.

Below is my configuration.
Thank you.
Code: Select all
# jun/09/2020 11:42:37 by RouterOS 6.47
# software id = ZWB7-TAK4
#
# model = RB760iGS
# serial number = 
/caps-man channel
add band=2ghz-g/n control-channel-width=20mhz extension-channel=disabled name=2G
add band=5ghz-onlyac control-channel-width=20mhz extension-channel=Ceee name=5G skip-dfs-channels=yes
/interface bridge
add admin-mac=<admin_mac_address> auto-mac=no comment=defconf name=bridge
/caps-man datapath
add bridge=bridge client-to-client-forwarding=yes local-forwarding=yes name=wifi_datapath
/caps-man security
add authentication-types=wpa2-psk encryption=aes-ccm group-encryption=aes-ccm group-key-update=1h name=wifi_security
/caps-man configuration
add channel=2G country="united states3" datapath=wifi_datapath installation=any mode=ap name=cfg2G security=wifi_security ssid=<SSID1>
add channel=5G country="united states3" datapath=wifi_datapath installation=any mode=ap name=cfg5G security=wifi_security ssid=<SSID1>
add channel=5G country="united states3" datapath=wifi_datapath installation=any mode=ap name=cfg5g2 security=wifi_security ssid=<SSID2>
/interface list
add comment=defconf name=WAN
add comment=defconf name=LAN
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip hotspot profile
set [ find default=yes ] html-directory=flash/hotspot
/ip kid-control
add name=<kid>
/ip pool
add name=default-dhcp ranges=192.168.88.10-192.168.88.254
/ip dhcp-server
add address-pool=default-dhcp disabled=no interface=bridge name=defconf
/user group
set full policy=local,telnet,ssh,ftp,reboot,read,write,policy,test,winbox,password,web,sniff,sensitive,api,romon,dude,tikapp
/caps-man access-list
add action=accept allow-signal-out-of-range=10s disabled=no signal-range=-80..120 ssid-regexp=""
add action=reject allow-signal-out-of-range=10s disabled=no ssid-regexp=""
/caps-man manager
set ca-certificate=auto certificate=auto enabled=yes upgrade-policy=suggest-same-version
/caps-man manager interface
set [ find default=yes ] forbid=yes
add disabled=no interface=bridge
/caps-man provisioning
add action=create-dynamic-enabled hw-supported-modes=gn master-configuration=cfg2G name-format=prefix-identity name-prefix=2.4g
add action=create-dynamic-enabled hw-supported-modes=ac master-configuration=cfg5G name-format=prefix-identity name-prefix=5g slave-configurations=cfg5g2
/interface bridge port
add bridge=bridge comment=defconf interface=ether2
add bridge=bridge comment=defconf interface=ether3
add bridge=bridge comment=defconf interface=ether4
add bridge=bridge comment=defconf interface=ether5
add bridge=bridge comment=defconf interface=sfp1
/ip neighbor discovery-settings
set discover-interface-list=none
/interface list member
add comment=defconf interface=bridge list=LAN
add comment=defconf interface=ether1 list=WAN
/ip address
add address=192.168.88.1/24 comment=defconf interface=bridge network=192.168.88.0
/ip cloud
set ddns-enabled=yes
/ip dhcp-client
add comment=defconf disabled=no interface=ether1
/ip dhcp-server lease
add address=192.168.88.x client-id=x_client_id mac-address=x_mac server=defconf
add address=192.168.88.y client-id=1:y_mac mac-address=y_mac server=defconf
add address=192.168.88.z client-id=1:z_mac mac-address=z_mac server=defconf
/ip dhcp-server network
add address=192.168.88.0/24 comment=defconf dns-server=8.8.8.8,8.8.4.4 gateway=192.168.88.1
/ip dns
set allow-remote-requests=yes servers=8.8.8.8,8.8.4.4
/ip dns static
add address=192.168.88.1 name=router.lan type=A
/ip firewall filter
add action=accept chain=input comment="defconf: accept established,related,untracked" connection-state=established,related,untracked
add action=drop chain=input comment="defconf: drop invalid" connection-state=invalid
add action=accept chain=input comment="defconf: accept ICMP" protocol=icmp
add action=drop chain=input comment="defconf: drop all not coming from LAN" in-interface-list=!LAN
add action=accept chain=forward comment="defconf: accept in ipsec policy" ipsec-policy=in,ipsec
add action=accept chain=forward comment="defconf: accept out ipsec policy" ipsec-policy=out,ipsec
add action=fasttrack-connection chain=forward comment="defconf: fasttrack" connection-state=established,related
add action=accept chain=forward comment="defconf: accept established,related, untracked" connection-state=established,related,untracked
add action=drop chain=forward comment="defconf: drop invalid" connection-state=invalid
add action=drop chain=forward comment="defconf:  drop all from WAN not DSTNATed" connection-nat-state=!dstnat connection-state=new in-interface-list=WAN
/ip firewall nat
add action=masquerade chain=srcnat comment="defconf: masquerade" ipsec-policy=out,none out-interface-list=WAN
add action=masquerade chain=srcnat comment="Default masq" out-interface=ether1
/ip service
set telnet disabled=yes
set ftp disabled=yes
set www disabled=yes
set ssh port=2200
set api disabled=yes
set winbox address=192.168.88.0/24
set api-ssl disabled=yes
/ip ssh
set forwarding-enabled=remote strong-crypto=yes
/system clock
set time-zone-name=America/Toronto
/system logging
add topics=wireless,debug
/tool mac-server
set allowed-interface-list=none
/tool mac-server mac-winbox
set allowed-interface-list=none
/tool mac-server ping
set enabled=no
Top
 
User avatar
bpwl
Forum Guru
Forum Guru
Posts: 2993
Joined: Mon Apr 08, 2019 1:16 am

Re: Wifi performance issues with TV, VOIP, Remote Desktop

Wed Jun 10, 2020 11:46 am

Maybe you need some mangle rules to make WMM work as expected.
(CAPsMAN users say WMM is always enabled with CAPsMAN)

viewtopic.php?f=7&t=161295#p795361
Top
 
WeWiNet
Long time Member
Long time Member
Posts: 597
Joined: Thu Sep 27, 2018 4:11 pm

Re: Wifi performance issues with TV, VOIP, Remote Desktop

Wed Jun 10, 2020 12:09 pm

You should use inside "Wireless" / "Access Rules" rules per device and interface.
I don't know how it works via Capsman, but assume it is possible as well.

The idea is to limit the connection to good connection for 5G (allow access if signal strength ~ -80 to + 120)
and for 2.4G "bad connection" (-120 to -65 +/-). And increase the singal out of range time to maybe 15 or 30 seconds.

Unfortuantly you will need to do this for each of your client and check the signal levels and adjust to them.
Its simple for "fixed" devices like a TV, but is more tricky for phones/tablets that move
around the place...

But this is the best you can do. There is no "band steering" inside Mikrotik Wifi for now which would do automatically.
Top
 
timurka
just joined
Topic Author
Posts: 2
Joined: Fri Apr 05, 2019 11:12 pm

Re: Wifi performance issues with TV, VOIP, Remote Desktop

Wed Jun 10, 2020 9:20 pm

bpwl@, WeWiNet@ thank you for these suggestions.

From the linked posts it looks like in CAPsMAN WMM is enabled by default. Just to be safe, I removed my APs from Cap and enabled this feature for each wireless interface. I then re-added them to Cap. According to viewtopic.php?f=2&t=125152 I also need to have this rule implemented on each AP:
Code: Select all
/ip firewall mangle add action=set-priority chain=postrouting comment="Set priority for WMM" new-priority=from-dscp-high-3-bits passthrough=yes
Can I apply it via CAPsMAN or have to manually apply for each AP?

I also updated my access-list rules and included details for reject action and increased the timeout to 30s:
Code: Select all
/caps-man access-list
add action=accept interface=all signal-range=-80..120
add action=reject interface=all signal-range=-120..-81
Top
Post Reply

Who is online

Users browsing this forum: Amazon [Bot], Bing [Bot] and 39 guests
  4. RouterOS
  5. Beginner Basics