Community discussions

MikroTik App
  4. RouterOS
  5. Wireless Networking

Lag spikes from cAP AC with capsman

Post Reply
 
Timonator
just joined
Topic Author
Posts: 4
Joined: Sun Apr 23, 2017 3:24 pm

Lag spikes from cAP AC with capsman

Tue Dec 13, 2022 9:17 pm

Hi all,

I have the following setup.
RB3011UiAS-RM, which functions as modem and router
Mikrotik 24 port gigabit switch

hEX PoE on the attic connected to cAP AC through PoE

On PS5 speedtest will give me:
On a wired connection I get 44.8Mbps down and 13.4Mbps up
On a wireless connection 44.4Mbps down and 13.3Mbps up
It defaults on 2.4Ghz

Distance from PS5 to cAP AC is about 3m in a wooden house.

The connection speed seems pretty solid (for my 100/40 Mbps VDSL line). Only while gaming on the wifi, every so many minutes there are lag spikes noticeable.
Using the ethernet cable is rock solid.
Does anyone have a clue what this could cause?
Code: Select all
# dec/13/2022 20:13:38 by RouterOS 6.47
# software id = NR26-H0VF
#
# model = RouterBOARD 3011UiAS
# serial number = 8EED091AFE28
/caps-man channel
add band=2ghz-g/n control-channel-width=20mhz frequency=2412 name=\
    2.4Ghz_channel1
add band=2ghz-g/n control-channel-width=20mhz frequency=2437 name=\
    2.4Ghz_channel6
add band=5ghz-a/n/ac control-channel-width=20mhz extension-channel=Ceee \
    frequency=5180 name=5Ghz_channel36
/interface bridge
add admin-mac=B8:69:F4:F1:D4:26 ageing-time=1h auto-mac=no comment=defconf \
    name=bridge
add name=bridge_guest
/interface ethernet
set [ find default-name=ether1 ] speed=100Mbps
set [ find default-name=ether2 ] speed=100Mbps
set [ find default-name=ether3 ] speed=100Mbps
set [ find default-name=ether4 ] speed=100Mbps
set [ find default-name=ether5 ] speed=100Mbps
set [ find default-name=ether6 ] speed=100Mbps
set [ find default-name=ether7 ] speed=100Mbps
set [ find default-name=ether8 ] speed=100Mbps
set [ find default-name=ether9 ] speed=100Mbps
set [ find default-name=ether10 ] speed=100Mbps
set [ find default-name=sfp1 ] advertise=\
    10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full
/interface pppoe-client
add add-default-route=yes disabled=no interface=ether1 name=pppoe-out1 user=\
    **@EDPNET
/caps-man datapath
add bridge=bridge client-to-client-forwarding=yes local-forwarding=yes name=\
    datapath_Main
add bridge=bridge_guest name=datapath_Guest
/caps-man configuration
add country=belgium datapath=datapath_Guest mode=ap name=Configuration_Guest \
    ssid="Wireless Guest Network"
/caps-man rates
add basic=6Mbps name="GN Only - No B rates" supported=\
    6Mbps,9Mbps,12Mbps,18Mbps,24Mbps,36Mbps,48Mbps,54Mbps
/caps-man security
add authentication-types=wpa2-psk disable-pmkid=yes encryption=aes-ccm name=\
    security_Main
/caps-man configuration
add country=belgium datapath=datapath_Main mode=ap name=\
    "Configuration Main 2.4Ghz" rates="GN Only - No B rates" security=\
    security_Main ssid="Wireless Main Network"
add country=belgium datapath=datapath_Main mode=ap name=\
    "Configuration Main 5Ghz" security=security_Main ssid=\
    "Wireless Main Network"
/caps-man interface
add channel=2.4Ghz_channel1 configuration="Configuration Main 2.4Ghz" \
    datapath=datapath_Main disabled=no l2mtu=1600 mac-address=\
    CC:2D:E0:96:00:9C master-interface=none name=2.4GHz--MikroTik-1 \
    radio-mac=CC:2D:E0:96:00:9C radio-name=CC2DE096009C rates=\
    "GN Only - No B rates"
add channel=5Ghz_channel36 configuration="Configuration Main 5Ghz" datapath=\
    datapath_Main disabled=no l2mtu=1600 mac-address=CC:2D:E0:96:00:9D \
    master-interface=none name=5GHz--MikroTik-1 radio-mac=CC:2D:E0:96:00:9D \
    radio-name=CC2DE096009D
/interface list
add comment=defconf name=WAN
add comment=defconf name=LAN
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip pool
add name=dhcp ranges=10.10.1.100-10.10.1.200
add name=dhcp_guest ranges=10.10.2.100-10.10.2.200
add name=dhcp_pool2 ranges=10.10.2.2-10.10.2.254
add name=vpn ranges=192.168.89.2-192.168.89.255
/ip dhcp-server
add address-pool=dhcp disabled=no interface=bridge lease-time=1h name=defconf
add address-pool=dhcp_pool2 disabled=no interface=bridge_guest name=\
    dhcp_guest
/ppp profile
add bridge=bridge name=TimoVPN
set *FFFFFFFE local-address=192.168.89.1 remote-address=vpn
/queue type
add kind=pcq name=pcq_guest_download pcq-classifier=dst-address pcq-rate=2M
add kind=pcq name=pcq_guest_upload pcq-classifier=src-address pcq-rate=512k
/queue simple
add name=limit_guest queue=pcq_guest_upload/pcq_guest_download target=\
    10.10.2.0/24
/user group
set full policy="local,telnet,ssh,ftp,reboot,read,write,policy,test,winbox,pas\
    sword,web,sniff,sensitive,api,romon,dude,tikapp"
add name=homeassistant policy="read,test,api,!local,!telnet,!ssh,!ftp,!reboot,\
    !write,!policy,!winbox,!password,!web,!sniff,!sensitive,!romon,!dude,!tika\
    pp"
/caps-man access-list
add action=reject allow-signal-out-of-range=10s disabled=yes signal-range=\
    -120..-70 ssid-regexp="" time=0s-1d,sun,mon,tue,wed,thu,fri,sat
add action=accept allow-signal-out-of-range=10s disabled=yes signal-range=\
    -69..120 ssid-regexp="" time=0s-1d,sun,mon,tue,wed,thu,fri,sat
/caps-man manager
set enabled=yes
/caps-man provisioning
add action=create-enabled comment="2.4GHz 802.11 capable devices" \
    hw-supported-modes=g master-configuration="Configuration Main 2.4Ghz" \
    name-format=prefix-identity name-prefix=2.4GHz-
add action=create-enabled comment="5GHz 802.11ac capable radios" \
    hw-supported-modes=ac master-configuration="Configuration Main 5Ghz" \
    name-format=prefix-identity name-prefix=5GHz-
/interface bridge port
add bridge=bridge comment=defconf interface=ether4
add bridge=bridge comment=defconf interface=ether5
add bridge=bridge comment=defconf interface=ether6
add bridge=bridge comment=defconf interface=ether7
add bridge=bridge comment=defconf interface=ether8
add bridge=bridge comment=defconf interface=ether9
add bridge=bridge comment=defconf interface=ether10
add bridge=bridge comment=defconf interface=sfp1
add bridge=bridge comment=defconf interface=ether3
add bridge=bridge comment=defconf interface=ether2
/ip neighbor discovery-settings
set discover-interface-list=LAN
/interface l2tp-server server
set enabled=yes use-ipsec=yes
/interface list member
add comment=defconf interface=bridge list=LAN
add comment=defconf interface=pppoe-out1 list=WAN
/interface pptp-server server
set authentication=pap,chap,mschap1,mschap2 enabled=yes
/interface sstp-server server
set default-profile=default-encryption enabled=yes
/ip address
add address=10.10.1.1/24 comment=defconf interface=ether2 network=10.10.1.0
add address=10.10.2.1/24 interface=bridge_guest network=10.10.2.0
/ip cloud
set ddns-enabled=yes ddns-update-interval=1h
/ip dhcp-client
add comment=defconf interface=ether1 use-peer-dns=no
/ip dhcp-server lease
add address=10.10.1.2 client-id=1:b8:69:f4:fe:3:3e comment=\
    "Mikrotik 24-port gigabit switch" mac-address=B8:69:F4:FE:03:3E server=\
    defconf
add address=10.10.1.10 client-id=1:0:11:32:8a:15:17 comment="Synology NAS" \
    mac-address=00:11:32:8A:15:17 server=defconf
add address=10.10.1.11 client-id=1:28:6d:97:70:de:68 comment=\
    "SmartThings Hub" mac-address=28:6D:97:70:DE:68 server=defconf
add address=10.10.1.3 client-id=1:cc:2d:e0:96:0:9a comment="Mikrotik cAP 1" \
    mac-address=CC:2D:E0:96:00:9A server=defconf
add address=10.10.1.20 comment="Google Home Max Basement" mac-address=\
    E4:F0:42:0E:82:AD server=defconf
add address=10.10.1.70 comment="Xiaomi Vac" mac-address=40:31:3C:AE:40:FA \
    server=defconf
add address=10.10.1.84 client-id=1:0:12:17:8b:8d:2a comment="Shitty Ali Cam" \
    mac-address=00:12:17:8B:8D:2A server=defconf
add address=10.10.1.12 comment="Philips Hue Hub" mac-address=\
    00:17:88:6D:23:10 server=defconf
add address=10.10.1.23 client-id=1:30:d1:6b:79:ac:23 comment=\
    "Lenovo Smart Display 7\"" mac-address=30:D1:6B:79:AC:23 server=defconf
add address=10.10.1.5 client-id=1:74:4d:28:84:17:6b comment=\
    "Mikrotik POE switch" mac-address=74:4D:28:84:17:6B server=defconf
add address=10.10.1.85 client-id=1:ec:71:db:cd:52:c4 comment=Reolink1 \
    mac-address=EC:71:DB:CD:52:C4 server=defconf
add address=10.10.1.30 comment="Irrigation Controller 1" mac-address=\
    60:01:94:CD:FA:EF server=defconf
add address=10.10.1.31 comment="Irrigation Controller 2" mac-address=\
    60:01:94:CE:07:40 server=defconf
add address=10.10.1.32 comment="Irrigation Controller 3" mac-address=\
    60:01:94:CE:09:48 server=defconf
add address=10.10.1.21 always-broadcast=yes client-id=1:3c:95:9:e3:af:fb \
    comment=TimoTv mac-address=3C:95:09:E3:AF:FB server=defconf
add address=10.10.1.22 client-id=1:30:d1:6b:aa:ac:1d comment=\
    "Lenovo Smart Display 10\"" mac-address=30:D1:6B:AA:AC:1D server=defconf
add address=10.10.1.25 comment="Bathroom speaker" mac-address=\
    F4:F5:D8:BF:5B:FA server=defconf
add address=10.10.1.24 comment="Basement speaker" mac-address=\
    38:8B:59:AD:6D:80 server=defconf
add address=10.10.1.27 mac-address=20:DF:B9:8E:F5:00 server=defconf
add address=10.10.1.40 comment="Ring doorbell" mac-address=34:15:13:BB:95:B7 \
    server=defconf
add address=10.10.1.26 comment="Living Room Speaker" mac-address=\
    48:D6:D5:C8:69:22 server=defconf
add address=10.10.1.35 comment=Shelly4ProModule2 mac-address=\
    E4:15:F6:4D:0C:E6 server=defconf
add address=10.10.1.36 comment=Shelly4ProModule1 mac-address=\
    E4:15:F6:4D:11:50 server=defconf
add address=10.10.1.86 client-id=1:0:62:6e:6a:6a:bf comment=\
    "Foscam Project Area" mac-address=00:62:6E:6A:6A:BF server=defconf
add address=10.10.1.13 client-id=1:50:ec:50:ed:14:cc comment=\
    "Xiaomi Aqara Hub" mac-address=50:EC:50:ED:14:CC server=defconf
add address=10.10.1.41 mac-address=98:F4:AB:65:0C:F8 server=defconf
add address=10.10.1.15 comment="Home Assistant" mac-address=00:1E:06:42:DE:E7 \
    server=defconf
add address=10.10.1.38 mac-address=24:62:AB:B0:61:68 server=defconf
add address=10.10.1.72 mac-address=54:48:E6:55:27:3B server=defconf
add address=10.10.1.80 client-id=1:ec:71:db:a6:ec:2c comment=\
    "Reolink 16port NVR" mac-address=EC:71:DB:A6:EC:2C server=defconf
add address=10.10.1.71 mac-address=54:48:E6:04:27:81 server=defconf
add address=10.10.1.42 comment=Kerstboom mac-address=E8:DB:84:0E:01:20 \
    server=defconf
add address=10.10.1.14 client-id=1:0:11:2a:22:ea:7b comment=\
    "Niko Home Control" mac-address=00:11:2A:22:EA:7B server=defconf
add address=10.10.1.81 client-id=1:ec:71:db:90:45:e7 comment=\
    "Reolink voordeur" mac-address=EC:71:DB:90:45:E7 server=defconf
/ip dhcp-server network
add address=10.10.1.0/24 gateway=10.10.1.1 netmask=24
add address=10.10.2.0/24 gateway=10.10.2.1
add address=192.168.88.0/24 comment=defconf gateway=192.168.88.1
/ip dns
set allow-remote-requests=yes servers=8.8.8.8
/ip dns static
add address=10.10.1.1 name=router.lan type=A
/ip firewall filter
add action=accept chain=input comment=\
    "defconf: accept established,related,untracked" connection-state=\
    established,related,untracked
add action=accept chain=input comment="allow IPsec NAT" dst-port=4500 \
    protocol=udp
add action=accept chain=input comment="allow IKE" dst-port=500 protocol=udp
add action=accept chain=input comment="allow l2tp" dst-port=1701 protocol=udp
add action=accept chain=input comment="allow pptp" dst-port=1723 protocol=tcp
add action=accept chain=input comment="allow sstp" dst-port=443 protocol=tcp
add action=drop chain=input comment="defconf: drop invalid" connection-state=\
    invalid
add action=accept chain=input comment="defconf: accept ICMP" protocol=icmp
add action=drop chain=input comment="defconf: drop all not coming from LAN" \
    disabled=yes in-interface-list=!LAN
add action=accept chain=forward comment="defconf: accept in ipsec policy" \
    ipsec-policy=in,ipsec
add action=accept chain=forward comment="defconf: accept out ipsec policy" \
    ipsec-policy=out,ipsec
add action=fasttrack-connection chain=forward comment="defconf: fasttrack" \
    connection-state=established,related disabled=yes
add action=accept chain=forward comment=\
    "defconf: accept established,related, untracked" connection-state=\
    established,related,untracked
add action=drop chain=forward comment="defconf: drop invalid" \
    connection-state=invalid
add action=drop chain=forward comment=\
    "defconf:  drop all from WAN not DSTNATed" connection-nat-state=!dstnat \
    connection-state=new in-interface-list=WAN
add action=drop chain=forward comment="Block guest from main" dst-address=\
    10.10.1.0/24 src-address=10.10.2.0/24
/ip firewall nat
add action=masquerade chain=srcnat comment="defconf: masquerade" \
    ipsec-policy=out,none out-interface-list=WAN
add action=dst-nat chain=dstnat comment="Forward to HASS" dst-address=\
    !10.10.1.1 dst-address-type=local dst-port=8123 protocol=tcp \
    to-addresses=10.10.1.10 to-ports=8123
add action=masquerade chain=srcnat comment="Hairpin for NAS" dst-address=\
    10.10.1.10 src-address=10.10.1.0/24
add action=dst-nat chain=dstnat comment="Forward to Synology" dst-address=\
    !10.10.1.1 dst-address-type=local dst-port=8080 protocol=tcp \
    to-addresses=10.10.1.10 to-ports=5000
add action=dst-nat chain=dstnat comment="Forward to PLEX" dst-address=\
    !10.10.1.10 dst-port=32400 protocol=tcp to-addresses=10.10.1.10 to-ports=\
    32400
add action=masquerade chain=srcnat comment="masq. vpn traffic" src-address=\
    192.168.89.0/24
add action=dst-nat chain=dstnat comment="Minecraft forward" disabled=yes \
    dst-address=!10.10.1.1 dst-port=25565 protocol=tcp to-addresses=\
    10.10.1.180 to-ports=25565
add action=dst-nat chain=dstnat comment=Reolink disabled=yes dst-address=\
    !10.10.1.1 dst-address-type=local dst-port=1234 protocol=tcp \
    to-addresses=10.10.1.80 to-ports=80
add action=dst-nat chain=dstnat comment="HASS FTP" disabled=yes dst-address=\
    !10.10.1.1 dst-address-type=local dst-port=21 protocol=tcp to-addresses=\
    10.10.1.15 to-ports=21
/ip ssh
set allow-none-crypto=yes forwarding-enabled=remote
/ip upnp
set enabled=yes
/ppp secret
add name=*** profile=**VPN
add name=vpn profile=default-encryption
/system clock
set time-zone-name=Europe/Brussels
/system identity
set name="MikroTik Router"
/tool bandwidth-server
set authenticate=no
/tool mac-server
set allowed-interface-list=LAN
/tool mac-server mac-winbox
set allowed-interface-list=LAN
Top
 
kravietz81
just joined
Posts: 3
Joined: Wed Nov 23, 2022 10:59 pm
Location: Poland 🇵🇱

Re: Lag spikes from cAP AC with capsman

Wed Dec 14, 2022 11:48 pm

Hi. I have the same set of key devices (RouterBOARD 3011UiAS & 2x RBcAPGi-5acD2nD) and experience the same issue with wifi. The thing is that I need to stream because I work from home. I've changed devices to Mikrotik basing on good opinions which I read in internet. But now I'm little confused.

Going back to subject => sometimes I have just lags and sometimes connection drops for couple of seconds and is established again. This behavior is visible on random devices so it is not related to the device.

It's annoying. I'm searching for solution, playing with different settings. Without result so far.

Can anyone help me with setting this up?
Top
 
User avatar
bpwl
Forum Guru
Forum Guru
Posts: 2993
Joined: Mon Apr 08, 2019 1:16 am

Re: Lag spikes from cAP AC with capsman

Thu Dec 15, 2022 1:21 am

Wifi connection looks ok. But ...
In a busy wifi environment (neighbors included) you probably need priority for the game data stream to avoid lag variation.
Wifi airtime contention varies over time, and all transmitters at priority 0 are handled equal at the lowest (BE) priority
The fast ones AND the slow ones have the same statistical chance to grab a transmit timeslot.
A slow transmitter will take much more time, keeping the channel busy, than a fast transmitter. And there is only one talker allowed ever per channel!

Setting WMM priority is not just one parameter in RouterOS. WMM must be enabled, Priority must be set different from the low 0 ! AMPDU enabled for that priority if high volume.
Priority setting on packets is not transmitted between RouterOS devices.
(Where do you set priority in CAPsMAN? On the CAP or CAPsMAN controller? Don't know. FW, bridge, VLAN ?)

And on 2.4GHz, the microwave oven can disturb the channels.
Top
 
kravietz81
just joined
Posts: 3
Joined: Wed Nov 23, 2022 10:59 pm
Location: Poland 🇵🇱

Re: Lag spikes from cAP AC with capsman

Sat Dec 17, 2022 3:09 pm

Setting WMM priority is not just one parameter in RouterOS. WMM must be enabled, Priority must be set different from the low 0 ! AMPDU enabled for that priority if high volume.
Priority setting on packets is not transmitted between RouterOS devices.
(Where do you set priority in CAPsMAN? On the CAP or CAPsMAN controller? Don't know. FW, bridge, VLAN ?)

And on 2.4GHz, the microwave oven can disturb the channels.
Thanks for prompt reply.

I don't have microwave, and I think that using it would disturb connection shortly. But I will have that in mind in case I start using one.

Refering to your other questions I have default settings beside CAPsMAN where I set wifi on access points.

I don't know how to check/set those parameters you've mentioned. I know that I would like to have all settings in one place - in my case in router rather than in CAPs.

Is there a simple way to change priority for Teams, GlobalProtect and VMware to the highest, games middle, other trafic to base/lowest priority?
Top
 
User avatar
bpwl
Forum Guru
Forum Guru
Posts: 2993
Joined: Mon Apr 08, 2019 1:16 am

Re: Lag spikes from cAP AC with capsman

Sat Dec 17, 2022 6:44 pm

I think classification of Teams, GlobalProtect and VMware to the highest, games middle, should be done with DSCP at the edge (internet facing) router. DSCP tags are forwarded with the data.

DSCP to priority setting is done with Firewall mangle rule for standalone AP. viewtopic.php?t=161381#p795540

How this should be done for CAPsMAN is not documented AFAIK. So I don't know where to set priority: in CAPsMAN controller or in the CAP itself. Could be different for central (CAPWAP tunnel) or local delivery. Does a CAPsMAN controlled WLAN driver pick up priority as set in the controller, or at the CAP? Mystery to me. Not easy to test, because don't know how to make "priority" visible. "Priority" is not forwarded between routers says MT wiki.
Top
 
UpRunTech
Member Candidate
Member Candidate
Posts: 213
Joined: Fri Jul 27, 2012 12:11 pm

Re: Lag spikes from cAP AC with capsman

Wed Jan 04, 2023 10:28 pm

How this should be done for CAPsMAN is not documented AFAIK. So I don't know where to set priority: in CAPsMAN controller or in the CAP itself. Could be different for central (CAPWAP tunnel) or local delivery. Does a CAPsMAN controlled WLAN driver pick up priority as set in the controller, or at the CAP? Mystery to me. Not easy to test, because don't know how to make "priority" visible. "Priority" is not forwarded between routers says MT wiki.
I have always assumed you need to place this set prio mangle rule wherever the eth-wifi bridge is. For local-forward systems you need to do it on each remote access point. On non-local-forward systems just the CAPSMAN controller. For systems with mixed non/local-forward SSID systems then both the CAPSMAN controller and access points. I have always set it up this way.
Top
Post Reply

Who is online

Users browsing this forum: No registered users and 24 guests
  4. RouterOS
  5. Wireless Networking