Hi, I've set caps and I advice devices loosing packets, I've noticed it happened cause the client continuously change the transport protocol, when it change there are loss. The client is located only 2 meters away,how can I force it keep a stable transport mode? What other parameters in cpsman may I edit? Thanks. The problem affect all devices connected. Router is 952ui 2nd running 6.49.2, bu is the same also with the latest long term.
Have please look at video, the last part is the most interesting
https://drive.google.com/file/d/1qIXe5a ... sp=sharing
Re: help with loosing packets
This is the setting I think this is the right place where to configure something different
Re: help with loosing packets
I hope somebody can help me, thanks
-
-
ConnyMercier
Forum Veteran
- Posts: 725
- Joined:
Re: help with loosing packets
Please Export and Post your Config for both Capsman and CAP
(/export hide-sensitive file=anynameyouwish)
(/export hide-sensitive file=anynameyouwish)
Re: help with loosing packets
Campsman
Code: Select all
[admin@Sklad-1piano] > export
# dec/14/2021 12:42:39 by RouterOS 6.49.2
# software id = 82QZ-0RQM
#
# model = RouterBOARD 952Ui-5ac2nD
# serial number = 71B106F6D38F
/caps-man channel
add band=2ghz-b/g/n control-channel-width=20mhz extension-channel=disabled \
frequency=2412 name=channel1 tx-power=2
add band=2ghz-g/n control-channel-width=20mhz extension-channel=disabled \
frequency=2437 name=channel6
add band=5ghz-a/n/ac frequency=5200 name="channel2(5G)"
/interface bridge
add admin-mac=6C:3B:6B:66:EE:69 auto-mac=no comment=defconf fast-forward=no \
name=bridge
/interface ethernet
set [ find default-name=ether1 ] advertise=\
10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full
set [ find default-name=ether2 ] advertise=\
10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full \
auto-negotiation=no loop-protect=off name=ether2-master
set [ find default-name=ether3 ] advertise=\
10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full
set [ find default-name=ether4 ] advertise=\
10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full
set [ find default-name=ether5 ] advertise=\
10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full
/interface wireless
# managed by CAPsMAN
# channel: 2412/20/gn(2dBm), SSID: Italia-Staff2, CAPsMAN forwarding
set [ find default-name=wlan1 ] antenna-gain=0 country=no_country_set \
frequency-mode=manual-txpower ssid=MikroTik station-roaming=enabled
# managed by CAPsMAN
# channel: 5200/20-eCee/ac/P(20dBm), SSID: ItaliaOffice-5GHz, CAPsMAN forwarding
set [ find default-name=wlan2 ] antenna-gain=0 country=no_country_set \
frequency-mode=manual-txpower ssid=MikroTik station-roaming=enabled
/caps-man datapath
add bridge=bridge client-to-client-forwarding=yes l2mtu=1598 mtu=1500 name=\
datapath1
/caps-man security
add authentication-types=wpa-psk,wpa2-psk encryption=aes-ccm group-encryption=\
aes-ccm group-key-update=10m name="Italia sklad" passphrase=Bocconi6
add authentication-types=wpa-psk,wpa2-psk encryption=aes-ccm group-encryption=\
aes-ccm group-key-update=10m name="Italia office" passphrase=\
ItaliaUfficio012016
/caps-man configuration
add channel=channel1 country=russia datapath=datapath1 installation=indoor \
mode=ap name=Sklad-Sopra security="Italia sklad" ssid=Italia-Staff2
add channel=channel6 country=russia datapath=datapath1 installation=indoor \
mode=ap name=Sklad-Interrato security="Italia sklad" ssid=Italia-Staff2
add channel=channel1 country=russia datapath=datapath1 installation=indoor \
mode=ap name=Office2G-Sopra security="Italia office" ssid=ItaliaOffice
add channel="channel2(5G)" country=russia datapath=datapath1 installation=\
indoor mode=ap name=Office5G security="Italia office" ssid=\
ItaliaOffice-5GHz
add channel=channel6 country=russia datapath=datapath1 installation=indoor \
mode=ap name=Office2G-Interrato security="Italia office" ssid=ItaliaOffice
/caps-man interface
add configuration=Sklad-Interrato disabled=no l2mtu=1598 mac-address=\
74:4D:28:CF:9C:36 master-interface=none name=Interrato1 radio-mac=\
74:4D:28:CF:9C:36 radio-name=744D28CF9C36
add configuration=Office2G-Interrato disabled=no l2mtu=1598 mac-address=\
76:4D:28:CF:9C:36 master-interface=Interrato1 name=Interrato1-1 radio-mac=\
00:00:00:00:00:00 radio-name=764D28CF9C36
add configuration=Office5G disabled=no l2mtu=1598 mac-address=6C:3B:6B:66:EE:6D \
master-interface=none name=Sklad-Capsman-1 radio-mac=6C:3B:6B:66:EE:6D \
radio-name=6C3B6B66EE6D
add configuration=Sklad-Sopra disabled=no l2mtu=1598 mac-address=\
6C:3B:6B:66:EE:6E master-interface=none name=Sopra1 radio-mac=\
6C:3B:6B:66:EE:6E radio-name=6C3B6B66EE6E
add configuration=Office2G-Sopra disabled=no l2mtu=1598 mac-address=\
6E:3B:6B:66:EE:6E master-interface=Sopra1 name=Sopra1-1 radio-mac=\
00:00:00:00:00:00 radio-name=6E3B6B66EE6E
/interface wireless security-profiles
set [ find default=yes ] authentication-types=wpa-psk,wpa2-psk mode=\
dynamic-keys supplicant-identity=MikroTik wpa-pre-shared-key=Bocconi6 \
wpa2-pre-shared-key=Bocconi6
/ip pool
add name=default-dhcp ranges=192.168.88.10-192.168.88.254
/ip dhcp-server
add address-pool=default-dhcp authoritative=after-2sec-delay interface=bridge \
name=defconf
/user group
set full policy="local,telnet,ssh,ftp,reboot,read,write,policy,test,winbox,passw\
ord,web,sniff,sensitive,api,romon,dude,tikapp"
/caps-man access-list
add action=accept allow-signal-out-of-range=3s disabled=no interface=all \
signal-range=-87..120 ssid-regexp=""
add action=reject allow-signal-out-of-range=1s disabled=no interface=all \
signal-range=-120..-88 ssid-regexp=""
/caps-man manager
set enabled=yes
/caps-man provisioning
add action=create-enabled master-configuration=Sklad-Sopra name-format=prefix \
name-prefix=Sopra radio-mac=6C:3B:6B:66:EE:6E slave-configurations=\
Office2G-Sopra
add action=create-enabled master-configuration=Sklad-Interrato name-format=\
prefix name-prefix=Interrato radio-mac=74:4D:28:CF:9C:36 \
slave-configurations=Office2G-Interrato
add action=create-enabled master-configuration=Office5G name-format=identity \
name-prefix="sopra 5GHz" radio-mac=6C:3B:6B:66:EE:6D
/interface bridge port
add bridge=bridge comment=defconf interface=ether2-master
add bridge=bridge comment=defconf interface=wlan1
add bridge=bridge comment=defconf interface=wlan2
add bridge=bridge interface=ether3
add bridge=bridge interface=ether4
add bridge=bridge interface=ether5
/ip neighbor discovery-settings
set discover-interface-list=!dynamic
/interface wireless cap
#
set bridge=bridge caps-man-addresses=127.0.0.1 discovery-interfaces=bridge \
enabled=yes interfaces=wlan1,wlan2
/ip address
add address=192.168.88.193/24 comment=defconf interface=ether2-master network=\
192.168.88.0
/ip dhcp-client
add comment=defconf disabled=no interface=ether1
/ip dhcp-server network
add address=192.168.88.0/24 comment=defconf gateway=192.168.88.194 netmask=24
/ip dns
set allow-remote-requests=yes servers=8.8.8.8,8.8.4.4
/ip dns static
add address=192.168.88.193 name=router
/ip firewall filter
add action=accept chain=input in-interface=bridge protocol=udp src-address=\
192.168.88.194
add action=accept chain=output out-interface=bridge protocol=udp
add action=accept chain=input connection-state="" in-interface=bridge protocol=\
udp src-address=127.0.0.1
add action=fasttrack-connection chain=forward comment="defconf: fasttrack" \
connection-state=established,related
add action=accept chain=forward comment="defconf: accept established,related" \
connection-state=established,related
/ip firewall nat
add action=masquerade chain=srcnat comment="defconf: masquerade" disabled=yes \
out-interface=ether1
/ip route
add distance=1 gateway=192.168.88.1
/system clock
set time-zone-name=Europe/Moscow
/system identity
set name=Sklad-1piano
/system scheduler
add interval=1d name=reboot-5.30am on-event="/system reboot" policy=\
ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon \
start-date=jan/17/2017 start-time=05:30:00
[admin@Sklad-1piano] >
REMOTE CAP:
admin@Sklad-Interrato] > export
# dec/14/2021 12:44:45 by RouterOS 6.49.2
# software id = C5Y0-70R5
#
# model = RB941-2nD
# serial number = A1C30A2294AA
/interface wireless
# managed by CAPsMAN
# channel: 2437/20/gn(20dBm), SSID: Italia-Staff2, CAPsMAN forwarding
set [ find default-name=wlan1 ] antenna-gain=0 band=2ghz-b/g/n channel-width=\
20/40mhz-Ce country=no_country_set distance=indoors frequency=auto \
frequency-mode=manual-txpower mode=ap-bridge ssid=MikroTik-CF9C36 \
station-roaming=enabled wireless-protocol=802.11
/interface bridge
add admin-mac=74:4D:28:CF:9C:32 auto-mac=no comment=defconf name=bridge
/interface ethernet
set [ find default-name=ether1 ] advertise=\
10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full
set [ find default-name=ether2 ] advertise=\
10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full
set [ find default-name=ether3 ] advertise=\
10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full
set [ find default-name=ether4 ] advertise=\
10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full
/interface list
add comment=defconf name=WAN
add comment=defconf name=LAN
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip pool
add name=default-dhcp ranges=192.168.88.10-192.168.88.254
/ip dhcp-server
add address-pool=default-dhcp interface=bridge name=defconf
/user group
set full policy="local,telnet,ssh,ftp,reboot,read,write,policy,test,winbox,passw\
ord,web,sniff,sensitive,api,romon,dude,tikapp"
/interface bridge port
add bridge=bridge comment=defconf interface=ether2
add bridge=bridge comment=defconf interface=ether3
add bridge=bridge comment=defconf interface=ether4
add bridge=bridge comment=defconf interface=wlan1
add bridge=bridge interface=ether1
/ip neighbor discovery-settings
set discover-interface-list=!dynamic
/interface list member
add comment=defconf interface=ether1 list=WAN
add interface=ether2 list=LAN
add interface=ether3 list=LAN
add interface=ether4 list=LAN
add interface=wlan1 list=LAN
/interface wireless cap
#
set caps-man-addresses=192.168.88.193 discovery-interfaces=ether4 enabled=yes \
interfaces=wlan1
/ip address
add address=192.168.88.194/24 comment=defconf interface=ether2 network=\
192.168.88.0
/ip dhcp-client
add comment=defconf interface=bridge
/ip dhcp-server network
add address=192.168.88.0/24 comment=defconf gateway=192.168.88.194 netmask=24
/ip dns
set allow-remote-requests=yes servers=8.8.8.8
/ip dns static
add address=192.168.88.194 name=router.lan
/ip firewall filter
add action=accept chain=input in-interface=bridge protocol=udp src-address=\
192.168.88.193
add action=accept chain=output out-interface=bridge protocol=udp
add action=accept chain=forward comment="defconf: accept in ipsec policy" \
ipsec-policy=in,ipsec
add action=accept chain=forward comment="defconf: accept out ipsec policy" \
ipsec-policy=out,ipsec
add action=fasttrack-connection chain=forward comment="defconf: fasttrack" \
connection-state=established,related
add action=accept chain=forward comment=\
"defconf: accept established,related, untracked" connection-state=\
established,related,untracked
/ip firewall nat
add action=masquerade chain=srcnat comment="defconf: masquerade" disabled=yes \
ipsec-policy=out,none out-interface-list=WAN
/ip route
add distance=1 gateway=192.168.88.1
/system clock
set time-zone-name=Europe/Moscow
/system identity
set name=Sklad-Interrato
/system scheduler
add interval=1d name=reboot-5.30am on-event="/system reboot" policy=\
ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon \
start-date=jan/17/2017 start-time=05:30:00
[admin@Sklad-Interrato] >
Re: help with loosing packets
Hi, I would like to report what the problem was, it depended on the main router 2011UiAS-2HnD, that the capsman used only as gateway. The configuration I've sent is correct and work as expected.
The problem became after upgrading the gateway from vesion 6.37 (if I remember right, I haven't do it myself) to the latest 6.49.2. After some rconconfiguration all seems good, but on one ethernet it started to loose packets, to the wired device about 1 every minute, for the wifi devices connected on capsman mche worse, like the arp was lost and waiting to arp again. IN the gateway a strange CPU usage, with peacks of 65% for no reasons. Also DNS process went up to 25% sometimes.
As it affected randoly devices (no internet on some PC, for some time) I've decided to reset gateway and rebuild everthing from zero. A simple paste of the config seems not enough in certain cases. After it cpu went bank to 0-20%, dns with very low values and no more lost packets.
the LESSON for me was: never upgrade when the release is so different..
The problem became after upgrading the gateway from vesion 6.37 (if I remember right, I haven't do it myself) to the latest 6.49.2. After some rconconfiguration all seems good, but on one ethernet it started to loose packets, to the wired device about 1 every minute, for the wifi devices connected on capsman mche worse, like the arp was lost and waiting to arp again. IN the gateway a strange CPU usage, with peacks of 65% for no reasons. Also DNS process went up to 25% sometimes.
As it affected randoly devices (no internet on some PC, for some time) I've decided to reset gateway and rebuild everthing from zero. A simple paste of the config seems not enough in certain cases. After it cpu went bank to 0-20%, dns with very low values and no more lost packets.
the LESSON for me was: never upgrade when the release is so different..
-
-
ConnyMercier
Forum Veteran
- Posts: 725
- Joined:
Re: help with loosing packets
Good Evening,
I took a look at your config...
The Configuration of both Cap and Capsman isn't very "clean"
If the Problem persist, i would advise to go thru your
config and cleaning it up.
My main concern are:
1. DHCP-Servers
Both Cap and Capsman have active DHCP-Servers
and I assume the Main Router too...
I assume you have a small SOHO-Network,
and because of this I recommend only having
one DHCP-Server for the Network
2. Capsman Interface ether2
Why did you deactivate "auto-negotiation" on ether 2...
Why did you deactivate Loop-protection on ether 2...
Did you already have a similar Problem in the Past ?
3. Capsman interface ether1
Why do you have a DHCP-Client active on ether1
DNS and NAT is active, so this Device ist configured as a Route...
Old Config ?`
4. Capsman-Datapath
Why do you foward CAP-Traffic to the Capsman-Bridge?
Why not use Local-Fowarding ?
5. Firewall "Foward"
If i understand your config correctly ,
your Cap and Capsman aren`t used as Routers.
So all "Foward" Firewall are useless and can be removed.
I took a look at your config...
The Configuration of both Cap and Capsman isn't very "clean"
If the Problem persist, i would advise to go thru your
config and cleaning it up.
My main concern are:
1. DHCP-Servers
Both Cap and Capsman have active DHCP-Servers
and I assume the Main Router too...
I assume you have a small SOHO-Network,
and because of this I recommend only having
one DHCP-Server for the Network
2. Capsman Interface ether2
Why did you deactivate "auto-negotiation" on ether 2...
Why did you deactivate Loop-protection on ether 2...
Did you already have a similar Problem in the Past ?
3. Capsman interface ether1
Why do you have a DHCP-Client active on ether1
DNS and NAT is active, so this Device ist configured as a Route...
Old Config ?`
4. Capsman-Datapath
Why do you foward CAP-Traffic to the Capsman-Bridge?
Why not use Local-Fowarding ?
5. Firewall "Foward"
If i understand your config correctly ,
your Cap and Capsman aren`t used as Routers.
So all "Foward" Firewall are useless and can be removed.
Re: help with loosing packets
Thank you for checking the config 
As I said, the problem was not here, without touching the config all works good now after fixing the Mikrotik gateway router, where this cap is connected to only by LAN, as "access point" only. That was just strange me to believe, that while davices on the same LAN were working almost (ok, a couple of plackets lost within 5 min, caused from anomaly on gateway as I told), the devices connected to WiFi were unresponsive for different seconds. The lost of packet caused a big issues and I believed it became from capsman, that's why I've forced the ethernet speed and removed the loop, if it may somewhat caused issues. Not, now I know, I can restore them back.
Just to answer you:
1) DHCP was deactivated, as the gateway provide it already. Here aren't present other ethernet broadcasts domains.
2) Auto neg and loop for debug, as told.
3) eth1 was just ignored, as assigned by default as WAN. To reduce problems, as I need only 2 eth ports, I've used 2 and 3 ignoring 1. It can still set..
DNS is useful to the cpasman itself to download updates, NAT is default, yes old config, has no sense since WAN interface isn't connected. As well I can remove all forwards..
Thanks
As I said, the problem was not here, without touching the config all works good now after fixing the Mikrotik gateway router, where this cap is connected to only by LAN, as "access point" only. That was just strange me to believe, that while davices on the same LAN were working almost (ok, a couple of plackets lost within 5 min, caused from anomaly on gateway as I told), the devices connected to WiFi were unresponsive for different seconds. The lost of packet caused a big issues and I believed it became from capsman, that's why I've forced the ethernet speed and removed the loop, if it may somewhat caused issues. Not, now I know, I can restore them back.
Just to answer you:
1) DHCP was deactivated, as the gateway provide it already. Here aren't present other ethernet broadcasts domains.
2) Auto neg and loop for debug, as told.
3) eth1 was just ignored, as assigned by default as WAN. To reduce problems, as I need only 2 eth ports, I've used 2 and 3 ignoring 1. It can still set..
DNS is useful to the cpasman itself to download updates, NAT is default, yes old config, has no sense since WAN interface isn't connected. As well I can remove all forwards..
Thanks
Who is online
Users browsing this forum: GoogleOther [Bot] and 73 guests