CAPsMAN - Slow wifi, devices disconnecting

DeftyONE · Mon Mar 07, 2022 11:25 am

Hey,
We have a CAPsMAN system with 5 active cap and a capsmanager (ccr1009-7G-1C). There are many windows and iOS clients who disconnecting after 10-15 mins. Sometimes SSID not listed or the clients can not connect..
I am out of ideas what could cause the problem.. I'll paste my code below. And they can't measure more then 30Mb/s on WiFi.
It's pretty scuffed, but can not take out the device from prod and the previous sysadmin doesn't realy cared about the system..

# mar/07/2022 10:13:32 by RouterOS 6.48.3
# software id = F9VM-XBST
#
# model = CCR1009-7G-1C
# serial number = 84A107B1CF12
/interface bridge
add dhcp-snooping=yes name=br_dev
add name=br_office
add arp=proxy-arp name=bridge1
add name=bridge_guest protocol-mode=none
/interface ethernet
set [ find default-name=ether1 ] speed=100Mbps
set [ find default-name=ether2 ] speed=100Mbps
set [ find default-name=ether3 ] speed=100Mbps
set [ find default-name=ether4 ] speed=100Mbps
set [ find default-name=ether5 ] speed=100Mbps
set [ find default-name=ether6 ] speed=100Mbps
set [ find default-name=ether7 ] speed=100Mbps
/caps-man datapath
add bridge=bridge1 local-forwarding=yes name=dp-1
add bridge=bridge_guest local-forwarding=no name=dp-guest
add bridge=br_dev local-forwarding=no name=dp_dev
add bridge=br_office local-forwarding=no name=dp_office
/caps-man configuration
add channel.band=2ghz-g/n channel.control-channel-width=20mhz \
    channel.extension-channel=disabled channel.frequency=2412,2437,2462 \
    country="new zealand" datapath=dp_office mode=ap name=\
    "Config - 1 - 6 -11" rates.ht-basic-mcs=mcs-0 \
    security.authentication-types=wpa-psk,wpa2-psk security.encryption=\
    aes-ccm security.group-encryption=aes-ccm ssid=...
/caps-man rates
add basic=6Mbps name=baisc6 supported=\
    6Mbps,9Mbps,12Mbps,18Mbps,24Mbps,36Mbps,48Mbps,54Mbps
/caps-man security
add authentication-types=wpa-psk,wpa2-psk encryption=aes-ccm \
    group-encryption=aes-ccm name=metri_sec
add authentication-types=wpa-psk,wpa2-psk encryption=aes-ccm \
    group-encryption=aes-ccm name=sec-guest
/caps-man configuration
add channel.band=2ghz-b/g/n channel.control-channel-width=20mhz \
    channel.frequency=2412,2437,2462 country=hungary datapath=dp-guest mode=\
    ap name=MetriVendeg security=sec-guest ssid="... - Vendeg"
add channel.band=2ghz-g/n channel.control-channel-width=20mhz \
    channel.extension-channel=disabled channel.frequency=2412,2437,2462 \
    country="new zealand" datapath=dp_dev mode=ap name=metri_dev rates=baisc6 \
    security=metri_sec ssid="... - DEV"
/interface list
add name=WAN
add name=LAN
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip hotspot profile
add dns-name=vendeg.....hu hotspot-address=192.168.5.1 name=hsprof1
/ip pool
add name=vpn ranges=10.0.0.2-10.0.0.100
add name=questwifi ranges=192.168.5.100-192.168.5.200
add name=dhcp ranges=192.168.0.100-192.168.0.140
add name=l2tp-pool ranges=192.168.10.10-192.168.10.20
add name=dhcp_pool5 ranges=192.168.6.200-192.168.6.250
add name=dhcp_pool6 ranges=192.168.7.10-192.168.7.200
/ip dhcp-server
add address-pool=questwifi disabled=no interface=bridge_guest lease-time=1h \
    name=guest_dhcp
add address-pool=dhcp_pool5 disabled=no interface=br_dev lease-time=6h name=\
    dhcp_office
add address-pool=dhcp_pool6 disabled=no interface=br_office lease-time=6h \
    name=dhcp2
/ip hotspot
add address-pool=questwifi interface=bridge_guest name=hotspot1 profile=\
    hsprof1
/ppp profile
add bridge=bridge1 local-address=vpn name=openvpn remote-address=dhcp
add bridge=bridge1 change-tcp-mss=yes dns-server=1.1.1.1,8.8.8.8 \
    local-address=dhcp name=l2tp-profile remote-address=dhcp
add bridge=bridge1 change-tcp-mss=yes dns-server=1.1.1.1,8.8.8.8 \
    local-address=dhcp name=pptp-profile remote-address=dhcp
/queue type
add kind=pcq name=pcq-upload-5M pcq-classifier=src-address pcq-rate=6M
add kind=pcq name=pcq-download-5M pcq-classifier=dst-address pcq-rate=6M
/queue simple
add disabled=yes name=VendegKorlatPerIP queue=pcq-upload-5M/pcq-download-5M \
    target=192.168.5.0/24
/system logging action
add name=syslogserver remote=192.168.0.214 src-address=192.168.0.200 target=\
    remote
/user group
set full policy="local,telnet,ssh,ftp,reboot,read,write,policy,test,winbox,pas\
    sword,web,sniff,sensitive,api,romon,dude,tikapp"
/caps-man access-list
add action=accept allow-signal-out-of-range=10s disabled=no mac-address=\
    16:DE:AB:19:AC:19 ssid-regexp=""
add action=accept allow-signal-out-of-range=10s disabled=no interface=all \
    signal-range=-80..120 ssid-regexp=""
add action=reject allow-signal-out-of-range=10s disabled=no interface=all \
    signal-range=-120..-81 ssid-regexp=""
add action=accept allow-signal-out-of-range=10s disabled=no mac-address=\
    40:D6:3C:71:64:FA ssid-regexp=""
add action=accept allow-signal-out-of-range=1m comment=smarton disabled=no \
    mac-address=14:18:C3:3B:9E:9E ssid-regexp=""
add action=accept allow-signal-out-of-range=10s comment=smarton disabled=no \
    mac-address=14:18:C3:3B:9E:9E ssid-regexp=""
add action=accept allow-signal-out-of-range=10s comment=nnimrod disabled=no \
    mac-address=70:66:55:9E:C0:F9 ssid-regexp=""
add allow-signal-out-of-range=10s comment=cza disabled=no mac-address=\
    00:28:F8:CE:EE:EC ssid-regexp=""
add allow-signal-out-of-range=10s comment=csa disabled=no mac-address=\
    5C:51:4F:8D:86:8C ssid-regexp=""
add allow-signal-out-of-range=10s comment=nm disabled=no mac-address=\
    70:66:55:9E:C0:F9 ssid-regexp=""
/caps-man manager
set ca-certificate=auto certificate=auto enabled=yes
/caps-man provisioning
add action=create-dynamic-enabled disabled=yes
add action=create-dynamic-enabled master-configuration=MetriVendeg \
    name-format=prefix-identity name-prefix=cap_ slave-configurations=\
    "Config - 1 - 6 -11,metri_dev"
add action=create-dynamic-enabled disabled=yes
add action=create-dynamic-enabled disabled=yes
/interface bridge port
add bridge=bridge1 hw=no interface=ether1
add bridge=bridge1 hw=no interface=ether2
add bridge=bridge1 hw=no interface=ether3
add bridge=bridge1 hw=no interface=ether4
add bridge=bridge1 hw=no interface=ether5
add bridge=bridge1 hw=no interface=ether6
add bridge=bridge1 hw=no interface=ether7
add bridge=bridge1 hw=no interface=combo1
/ip neighbor discovery-settings
set discover-interface-list=!dynamic
/interface l2tp-server server
set default-profile=l2tp-profile enabled=yes use-ipsec=yes
/interface list member
add interface=ether1 list=WAN
add interface=ether2 list=LAN
add interface=ether3 list=LAN
add interface=ether4 list=LAN
add interface=ether5 list=LAN
add interface=ether6 list=LAN
add interface=ether7 list=LAN
add interface=combo1 list=LAN
/interface ovpn-server server
set certificate=...VPNCA enabled=yes mode=ethernet \
    require-client-certificate=yes
/interface pptp-server server
set authentication=pap,chap,mschap1,mschap2 default-profile=pptp-profile \
    enabled=yes
/ip address
add address=192.168.0.201/24 comment=defconf interface=ether2 network=\
    192.168.0.0
add address=185.63.46.107/24 disabled=yes interface=ether1 network=\
    185.63.46.0
add address=192.168.5.1/24 interface=bridge_guest network=192.168.5.0
add address=192.168.0.200/24 disabled=yes interface=ether2 network=\
    192.168.0.0
add address=192.168.6.254/24 interface=br_dev network=192.168.6.0
add address=192.168.7.254/24 interface=br_office network=192.168.7.0
/ip cloud
set ddns-enabled=yes
/ip dhcp-client
add interface=bridge1
/ip dhcp-server lease
add address=192.168.0.103 client-id=1:f4:8c:eb:ef:a5:17 mac-address=\
    F4:8C:EB:EF:A5:17
/ip dhcp-server network
add address=192.168.5.0/24 dns-server=1.1.1.1,8.8.8.8 domain=...vendeg \
    gateway=192.168.5.1 netmask=24
add address=192.168.6.0/24 dns-server=1.1.1.1,8.8.8.8 gateway=192.168.6.254
add address=192.168.7.0/24 gateway=192.168.7.254
/ip dns
set allow-remote-requests=yes servers=192.168.0.200,8.8.8.8,1.1.1.1
/ip dns static
add address=192.168.0.219 name=mail.....hu
/ip firewall address-list
add address=192.168.5.2-192.168.5.254 list=guest_iplist
/ip firewall filter
add action=passthrough chain=unused-hs-chain comment=\
    "place hotspot rules here" disabled=yes
add action=drop chain=input comment="Drop Invalid connections" \
    connection-state=invalid
add action=accept chain=input dst-port=53 protocol=tcp src-address=\
    192.168.0.0/24
add action=accept chain=forward comment=metri_dev_accept dst-address=\
    192.168.0.0/24 src-address=192.168.6.0/24
add action=accept chain=forward comment=metri_office_accept dst-address=\
    192.168.0.0/16 src-address=192.168.7.0/24
add action=accept chain=forward comment=metri_office_accept dst-address=\
    192.168.7.0/24 src-address=192.168.0.0/16
add action=accept chain=forward comment=metri_dev_accept dst-address=\
    192.168.61.0/24 src-address=192.168.6.0/24
add action=accept chain=forward comment=metri_dev_accept dst-address=\
    192.168.6.0/24 src-address=192.168.61.0/24
add action=accept chain=forward src-address=192.168.5.0/24
add action=accept chain=forward comment=\
    "allow already established connections" connection-state=established
add action=accept chain=forward src-address=192.168.6.0/24
add action=accept chain=forward dst-address=192.168.88.0/24 src-address=\
    192.168.0.0/24
add action=accept chain=input dst-port=8291 protocol=tcp
add action=accept chain=input dst-port=1194 protocol=tcp
add action=accept chain=input dst-port=500 protocol=udp
add action=accept chain=input dst-port=4500 protocol=udp
add action=accept chain=input dst-port=1723 protocol=udp
add action=accept chain=input dst-port=1701 protocol=udp
add action=accept chain=input protocol=ipsec-esp
add action=accept chain=input protocol=gre
add action=drop chain=forward dst-address=192.168.5.0/24 src-address=\
    192.168.0.0/24
add action=accept chain=forward comment=metri_dev_accept dst-address=\
    192.168.6.0/24 src-address=192.168.0.0/24
add action=drop chain=forward dst-address=192.168.0.0/24 src-address=\
    192.168.5.0/24
add action=accept chain=input comment="Allow Established connections" \
    connection-state=established
add action=accept chain=input comment="Allow ICMP" protocol=icmp
# in/out-interface matcher not possible when interface (ether1) is slave - use master instead (bridge1)
add action=accept chain=input in-interface=!ether1 src-address=192.168.0.0/24
# in/out-interface matcher not possible when interface (ether1) is slave - use master instead (bridge1)
add action=accept chain=input in-interface=!ether1 src-address=192.168.5.0/24
# in/out-interface matcher not possible when interface (ether1) is slave - use master instead (bridge1)
add action=accept chain=input in-interface=!ether1 src-address=\
    192.168.88.0/24
add action=drop chain=input comment="Drop everything else"
add action=drop chain=forward comment="drop invalid connections" \
    connection-state=invalid protocol=tcp
add action=accept chain=forward comment="allow related connections" \
    connection-state=related
add action=drop chain=forward src-address=0.0.0.0/8
add action=drop chain=forward dst-address=0.0.0.0/8
add action=drop chain=forward src-address=127.0.0.0/8
add action=drop chain=forward dst-address=127.0.0.0/8
add action=drop chain=forward src-address=224.0.0.0/3
add action=drop chain=forward dst-address=224.0.0.0/3
add action=jump chain=forward jump-target=tcp protocol=tcp
add action=jump chain=forward jump-target=udp protocol=udp
add action=jump chain=forward jump-target=icmp protocol=icmp
add action=drop chain=tcp comment="deny TFTP" dst-port=69 protocol=tcp
add action=drop chain=tcp comment="deny RPC portmapper" dst-port=111 \
    protocol=tcp
add action=drop chain=tcp comment="deny RPC portmapper" dst-port=135 \
    protocol=tcp
add action=drop chain=tcp comment="deny NBT" dst-port=137-139 protocol=tcp
add action=drop chain=tcp comment="deny cifs" dst-port=445 protocol=tcp
add action=drop chain=tcp comment="deny NFS" dst-port=2049 protocol=tcp
add action=drop chain=tcp comment="deny NetBus" dst-port=12345-12346 \
    protocol=tcp
add action=drop chain=tcp comment="deny NetBus" dst-port=20034 protocol=tcp
add action=drop chain=tcp comment="deny BackOriffice" dst-port=3133 protocol=\
    tcp
add action=drop chain=tcp comment="deny DHCP" dst-port=67-68 protocol=tcp
add action=drop chain=udp comment="deny TFTP" dst-port=69 protocol=udp
add action=drop chain=udp comment="deny PRC portmapper" dst-port=111 \
    protocol=udp
add action=drop chain=udp comment="deny PRC portmapper" dst-port=135 \
    protocol=udp
add action=drop chain=udp comment="deny NBT" dst-port=137-139 protocol=udp
add action=drop chain=udp comment="deny NFS" dst-port=2049 protocol=udp
add action=drop chain=udp comment="deny BackOriffice" dst-port=3133 protocol=\
    udp
add action=accept chain=icmp comment="echo reply" icmp-options=0:0 protocol=\
    icmp
add action=accept chain=icmp comment="net unreachable" icmp-options=3:0 \
    protocol=icmp
add action=accept chain=icmp comment="host unreachable" icmp-options=3:1 \
    protocol=icmp
add action=accept chain=icmp comment=\
    "host unreachable fragmentation required" icmp-options=3:4 protocol=icmp
add action=accept chain=icmp comment="allow source quench" icmp-options=4:0 \
    protocol=icmp
add action=accept chain=icmp comment="allow echo request" icmp-options=8:0 \
    protocol=icmp
add action=accept chain=icmp comment="allow time exceed" icmp-options=11:0 \
    protocol=icmp
add action=accept chain=icmp comment="allow parameter bad" icmp-options=12:0 \
    protocol=icmp
add action=drop chain=icmp comment="deny all other types"
add action=drop chain=input comment="drop ftp brute forcers" dst-port=21 \
    protocol=tcp src-address-list=ftp_blacklist
add action=accept chain=output content="530 Login incorrect" dst-limit=\
    1/1m,9,dst-address/1m protocol=tcp
add action=add-dst-to-address-list address-list=ftp_blacklist \
    address-list-timeout=3h chain=output content="530 Login incorrect" \
    protocol=tcp
add action=drop chain=input comment="drop ssh brute forcers" dst-port=22 \
    protocol=tcp src-address-list=ssh_blacklist
add action=add-src-to-address-list address-list=ssh_blacklist \
    address-list-timeout=1w3d chain=input connection-state=new dst-port=22 \
    protocol=tcp src-address-list=ssh_stage3
add action=add-src-to-address-list address-list=ssh_stage3 \
    address-list-timeout=1m chain=input connection-state=new dst-port=22 \
    protocol=tcp src-address-list=ssh_stage2
add action=add-src-to-address-list address-list=ssh_stage2 \
    address-list-timeout=1m chain=input connection-state=new dst-port=22 \
    protocol=tcp src-address-list=ssh_stage1
add action=add-src-to-address-list address-list=ssh_stage1 \
    address-list-timeout=1m chain=input connection-state=new dst-port=22 \
    protocol=tcp
add action=drop chain=forward comment="drop ssh brute downstream" dst-port=22 \
    protocol=tcp src-address-list=ssh_blacklist
/ip firewall nat
add action=passthrough chain=unused-hs-chain comment=\
    "place hotspot rules here" disabled=yes
add action=masquerade chain=srcnat out-interface-list=WAN src-address=\
    0.0.0.0/0
add action=masquerade chain=srcnat comment=metrivendeg dst-address=0.0.0.0/0 \
    src-address=192.168.5.0/24
add action=masquerade chain=srcnat comment=metri_dev dst-address=0.0.0.0/0 \
    src-address=192.168.6.0/24
add action=masquerade chain=srcnat comment=metri_office dst-address=0.0.0.0/0 \
    src-address=192.168.7.0/24
# in/out-interface matcher not possible when interface (ether1) is slave - use master instead (bridge1)
add action=dst-nat chain=dstnat dst-port=37777 in-interface=ether1 protocol=\
    tcp to-addresses=192.168.0.215 to-ports=37777
# in/out-interface matcher not possible when interface (ether1) is slave - use master instead (bridge1)
add action=dst-nat chain=dstnat dst-port=8888 in-interface=ether1 protocol=\
    tcp to-addresses=192.168.0.215 to-ports=80
# in/out-interface matcher not possible when interface (ether1) is slave - use master instead (bridge1)
add action=dst-nat chain=dstnat dst-port=37778 in-interface=ether1 protocol=\
    udp to-addresses=192.168.0.215 to-ports=37778
# in/out-interface matcher not possible when interface (ether1) is slave - use master instead (bridge1)
add action=dst-nat chain=dstnat dst-port=554 in-interface=ether1 protocol=tcp \
    to-addresses=192.168.0.215 to-ports=554
# in/out-interface matcher not possible when interface (ether1) is slave - use master instead (bridge1)
add action=dst-nat chain=dstnat dst-port=5222 in-interface=ether1 protocol=\
    tcp to-addresses=192.168.0.246 to-ports=5222
# in/out-interface matcher not possible when interface (ether1) is slave - use master instead (bridge1)
add action=dst-nat chain=dstnat dst-port=25 in-interface=ether1 protocol=tcp \
    to-addresses=192.168.0.219 to-ports=25
# in/out-interface matcher not possible when interface (ether1) is slave - use master instead (bridge1)
add action=dst-nat chain=dstnat dst-port=80 in-interface=ether1 protocol=tcp \
    to-addresses=192.168.0.219 to-ports=80
# in/out-interface matcher not possible when interface (ether1) is slave - use master instead (bridge1)
add action=dst-nat chain=dstnat dst-port=110 in-interface=ether1 protocol=tcp \
    to-addresses=192.168.0.219 to-ports=110
# in/out-interface matcher not possible when interface (ether1) is slave - use master instead (bridge1)
add action=dst-nat chain=dstnat dst-port=143 in-interface=ether1 protocol=tcp \
    to-addresses=192.168.0.219 to-ports=143
# in/out-interface matcher not possible when interface (ether1) is slave - use master instead (bridge1)
add action=dst-nat chain=dstnat dst-port=443 in-interface=ether1 protocol=tcp \
    to-addresses=192.168.0.219 to-ports=443
# in/out-interface matcher not possible when interface (ether1) is slave - use master instead (bridge1)
add action=dst-nat chain=dstnat dst-port=465 in-interface=ether1 protocol=tcp \
    to-addresses=192.168.0.219 to-ports=465
# in/out-interface matcher not possible when interface (ether1) is slave - use master instead (bridge1)
add action=dst-nat chain=dstnat dst-port=587 in-interface=ether1 protocol=tcp \
    to-addresses=192.168.0.219 to-ports=587
# in/out-interface matcher not possible when interface (ether1) is slave - use master instead (bridge1)
add action=dst-nat chain=dstnat dst-port=993 in-interface=ether1 protocol=tcp \
    to-addresses=192.168.0.219 to-ports=993
# in/out-interface matcher not possible when interface (ether1) is slave - use master instead (bridge1)
add action=dst-nat chain=dstnat dst-port=995 in-interface=ether1 protocol=tcp \
    to-addresses=192.168.0.219 to-ports=995
add action=dst-nat chain=dstnat disabled=yes dst-port=8080 in-interface=\
    ether1 protocol=tcp to-addresses=192.168.0.219 to-ports=8080
add action=masquerade chain=srcnat comment="masquerade hotspot network" \
    src-address=192.168.5.0/24
/ip hotspot user
add name=admin
add limit-uptime=5m name=teszt1
/ip route
add distance=1 gateway=192.168.0.200

gotsprings · Sun Mar 13, 2022 7:42 pm

Use Client to Client Forwarding
Use Local Forwarding
TURN OFF WPA1
And your channels need some work

Zacharias · Sun Mar 13, 2022 7:49 pm

@gotsprings you prefer Local Forwarding mode instead of Capsman Forwarding ? If yes, may i ask why ?
Personally i use both modes but most of the time i use Capsman Forwarding...

erlinden · Sun Mar 13, 2022 9:23 pm

@gotsprings you prefer Local Forwarding mode instead of Capsman Forwarding ? If yes, may i ask why ?

Though I'm not @gotsprings...local forwarding will not cause a high cpu load on the CAPsMAN.

Regarding the config...I prefer to use a single bridge (and VLAN filtering).
Do you have a specific reason for running 6.48.3?
Why running so many VPN servers?
Do you have to support 802.11b?
Do the CAPs only have 2.4GHz radios?

What WIFI speeds are you expecting?
How many clients are connected to the CAPs?
At what speed are the clients connected?

And @gotsprings already gave a lot of good tips.

gotsprings · Mon Mar 14, 2022 3:08 am

Local forwarding is one of those things that "helps" speed up your wifi.

Also it make the configuration of access points more like dealing with other wifi APs. This is important when you find out that your Mikrotik AP "just ain't gonna hack it". So you have to move to another manufacturer. That way your router and switches can accept the new APs with the least amount of reconfiguration.

Like right now... I have to swap in another manufacturer because the client upgrade their ISP feed. And it's painfully obvious that the Mikrotik WiFi is limiting the throughput.

Since the network is configured to treat APs as APs... I need only match up signals and VLAN tags. Speeds jumped from the 180-200Meg on the cAP AC to 700Megs from the XV2-2.

toxicfusion · Fri Mar 18, 2022 2:41 am

Local forwarding is one of those things that "helps" speed up your wifi.

Also it make the configuration of access points more like dealing with other wifi APs. This is important when you find out that your Mikrotik AP "just ain't gonna hack it". So you have to move to another manufacturer. That way your router and switches can accept the new APs with the least amount of reconfiguration.

Like right now... I have to swap in another manufacturer because the client upgrade their ISP feed. And it's painfully obvious that the Mikrotik WiFi is limiting the throughput.

Since the network is configured to treat APs as APs... I need only match up signals and VLAN tags. Speeds jumped from the 180-200Meg on the cAP AC to 700Megs from the XV2-2.

Gotsprings - - bro..

Will you please F*&& stop with your spamming and being annoying about MikroTik products? We get you've had some bad experiences. MikroTik Fits a certain market segment/vertical........ works for 75%+ of market. Then for other percentages you have those that need Enterprise WIFI, different price bracket. Then you have Cambium and UBT products..

Please stop slander. Every post in Wireless you have something to say about your bad experience. How about post useful config information to help AID in a fix or better performance.

gotsprings · Sat Mar 19, 2022 5:53 pm

ToxicFusion...
Add me as a Foe...
Never have to see my posts again.

anav · Sat Mar 19, 2022 6:04 pm

Who is Toxic Fusion? I dont see that person in any threads?

You would think with a nick like that, one would enjoy some (toxic) truths!!

gotsprings · Sat Mar 19, 2022 6:44 pm

Who is Toxic Fusion? I dont see that person in any threads?

You would think with a nick like that, one would enjoy some (toxic) truths!!

Apologists and Fan Boys are the worst thing for a manufacture.

People with actual trouble shooting skills are less common that fan boys... and honestly... The Former are the enemy or progress.

I am now the PROUD owner of a kernel level bug, at another wireless manufacture. Its been in the wild for over 2 years. I slammed into it head first. Made it repeatable. Broke it down. Remove every roadblock that confirmation bias put in the way... sure enough... its a real thing that CAN'T be addressed without going back to dev level.

And how did I prove it was their problem to solve... By showing the problem didn't exist in Ruckus, Ubiquiti and Mikrotik.

To Quote my name sake...
" my existence, while grotesque and incomprehensible to you, saves lives. (Ok a bit much but... the lives part but...)
You don't want the truth because deep down in places you don't talk about at parties, you want me on that wall -- you need me on that wall!!!"

Zacharias · Sat Mar 19, 2022 7:17 pm

Though I'm not @gotsprings...local forwarding will not cause a high cpu load on the CAPsMAN.

I agree on that, but it is a users mistake if Capsman forwarding is used on a low performance CPU device...

anav · Sat Mar 19, 2022 8:13 pm

I am now the PROUD owner of a kernel level bug, at another wireless manufacture. Its been in the wild for over 2 years. I slammed into it head first. Made it repeatable. Broke it down. Remove every

By chance did this bug cause the unit to reboot when using pOE connections......... (or just randomly reboot).

gotsprings · Sat Mar 19, 2022 8:53 pm

I am now the PROUD owner of a kernel level bug, at another wireless manufacture. Its been in the wild for over 2 years. I slammed into it head first. Made it repeatable. Broke it down. Remove every
By chance did this bug cause the unit to reboot when using pOE connections......... (or just randomly reboot).

Nope.

They are placing it as an "extension of" or "worst case of" a DNS issue they "had seen".

Mikrotik is working on the crashing audience with WAVE 2 driver. Which "appears related to virtual AP". But it's still in the "working on it phase."

toxicfusion · Sun Mar 20, 2022 10:26 pm

Who is Toxic Fusion? I dont see that person in any threads?

You would think with a nick like that, one would enjoy some (toxic) truths!!
Apologists and Fan Boys are the worst thing for a manufacture.

People with actual trouble shooting skills are less common that fan boys... and honestly... The Former are the enemy or progress.

I am now the PROUD owner of a kernel level bug, at another wireless manufacture. Its been in the wild for over 2 years. I slammed into it head first. Made it repeatable. Broke it down. Remove every roadblock that confirmation bias put in the way... sure enough... its a real thing that CAN'T be addressed without going back to dev level.

And how did I prove it was their problem to solve... By showing the problem didn't exist in Ruckus, Ubiquiti and Mikrotik.

To Quote my name sake...
" my existence, while grotesque and incomprehensible to you, saves lives. (Ok a bit much but... the lives part but...)
You don't want the truth because deep down in places you don't talk about at parties, you want me on that wall -- you need me on that wall!!!"

Gotsprings:

Your ego is out of control.

I've used more than just mikrotik products. I use appropriate products depending on customer requirements....... However, I do use ALOT of MikroTik products; I only use their routers for 98% of my client base. Otherwise I roll fortigate.

I've used pretty much all the WIFI vendors out there, again - comes down to client requirements.

I was just making a point. Seems you constantly hijack posts complaining about your poor experience. Most of us know MikroTiks strong point is not their wireless [for now]. RouterOS 7.0 is still teething, and new wave2 products are slow drip releasing.

gotsprings · Sun Mar 20, 2022 10:52 pm

My ego is out of control...
Duh!

I told you before... Add me as a Foe!!!

How can you seriously justify 2016 protocols still being incomplete?
Forget WiFi6 or Wifi6E.

That would be like buying an iPhone 7 now.

anav · Thu Mar 24, 2022 2:10 pm

Gotsprings = speaks truth

Toxicfusion = okay with promoting wifi with a lower value, lower functionality proposition.

about as dumb as your partner in crime

Zacharias = okay with selling anything if its MT

(quote: " We are in a MikroTik forum and the OP wants to get a MikroTik product... So ofcorse i will recommend one ."
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Conclusion, some people are here to help other and make recommendations based on experience.
others are bordering on immoral conduct and are basing recommendation on allegiance to a brand and not value for the customer.

toxicfusion · Thu Mar 24, 2022 6:24 pm

Anav. I will promote other WIFI products when needed. However, this IS after all MikroTik forum....

I am not naive to other products; nor am I fanboy of any one vendor. We all know MikroTik has been behind other manufactures with their wireless products.

Zacharias · Fri Mar 25, 2022 2:31 pm

@anav, when someone wants a MikroTIK router/switch/AP and you suggest something different than that, obviously you are out off topic 100%...
You can suggest whatever you want...
Let the other engineers/users etc... make their own suggestions as well and have their own opinions, experience, preference ...

I will not comment further to your off topic conclusions, i just loose my time...

CAPsMAN - Slow wifi, devices disconnecting

CAPsMAN - Slow wifi, devices disconnecting

Re: CAPsMAN - Slow wifi, devices disconnecting

Re: CAPsMAN - Slow wifi, devices disconnecting

Re: CAPsMAN - Slow wifi, devices disconnecting

Re: CAPsMAN - Slow wifi, devices disconnecting

Re: CAPsMAN - Slow wifi, devices disconnecting

Re: CAPsMAN - Slow wifi, devices disconnecting

Re: CAPsMAN - Slow wifi, devices disconnecting

Re: CAPsMAN - Slow wifi, devices disconnecting

Re: CAPsMAN - Slow wifi, devices disconnecting

Re: CAPsMAN - Slow wifi, devices disconnecting

Re: CAPsMAN - Slow wifi, devices disconnecting

Re: CAPsMAN - Slow wifi, devices disconnecting

Re: CAPsMAN - Slow wifi, devices disconnecting

Re: CAPsMAN - Slow wifi, devices disconnecting

Re: CAPsMAN - Slow wifi, devices disconnecting

Re: CAPsMAN - Slow wifi, devices disconnecting

Who is online