I am back with a new wifi issue! (yey!)
I have 4 cAP ax access points scattered evenly across my office. They are all managed centrally by a CAPsMAN.
My issue is that, at some random moments (~once per hour), an AP becomes unreachable for a small amount of times (~50 seconds) making all my clients roam to the nearest AP which is too far to have a good connection.
I have properly configured my APs to be able to roam efficiently (or at least I think I did), and everything works well, until one of the APs decides to freak out.
Here is what the logs produce (in this example, the AP-Brainstorming AP stops working properly)
Code: Select all
Jul/01/2024 16:17:59 wireless,info E4:0D:36:F4:16:F4@AP-Brainstorming-5g roamed to E4:0D:36:F4:16:F4@AP-Prod-5g, signal strength -73
Jul/01/2024 16:17:59 wireless,info 20:C1:9B:B8:C8:15@AP-Brainstorming-5g roamed to 20:C1:9B:B8:C8:15@AP-Prod-5g, signal strength -64
Jul/01/2024 16:17:59 wireless,info 38:87:D5:09:BE:CE@AP-Brainstorming-5g roamed to 38:87:D5:09:BE:CE@AP-Prod-5g, signal strength -59
Jul/01/2024 16:17:59 wireless,info 64:79:F0:CA:F9:36@AP-Brainstorming-5g roamed to 64:79:F0:CA:F9:36@AP-Startup-5g, signal strength -74
Jul/01/2024 16:17:59 wireless,info C4:D0:E3:05:42:45@AP-Brainstorming-5g roamed to C4:D0:E3:05:42:45@AP-Prod-5g, signal strength -53
Jul/01/2024 16:18:00 wireless,info AE:ED:53:78:32:11@AP-Brainstorming-5g roamed to AE:ED:53:78:32:11@AP-Startup-5g, signal strength -84
Jul/01/2024 16:18:01 wireless,info 80:A9:97:12:22:F4@AP-Brainstorming-5g roamed to 80:A9:97:12:22:F4@AP-Prod-5g, signal strength -81
Jul/01/2024 16:18:01 wireless,info 80:A9:97:10:AC:73@AP-Brainstorming-5g roamed to 80:A9:97:10:AC:73@AP-Prod-5g, signal strength -76
Jul/01/2024 16:18:21 wireless,info 80:A9:97:12:22:F4@AP-Prod-5g roamed to 80:A9:97:12:22:F4@AP-Brainstorming-5g, signal strength -70
Jul/01/2024 16:18:21 wireless,info 80:A9:97:12:22:F4@AP-Brainstorming-5g reconnecting, signal strength -69
Jul/01/2024 16:18:21 wireless,info 80:A9:97:12:22:F4@AP-Brainstorming-5g connected, signal strength -69
Jul/01/2024 16:18:22 wireless,info 80:A9:97:12:22:F4@AP-Brainstorming-5g roamed to 80:A9:97:12:22:F4@AP-Startup-5g, signal strength -83
Jul/01/2024 16:18:54 wireless,info E4:0D:36:F4:16:F4@AP-Startup-5g roamed to E4:0D:36:F4:16:F4@AP-Brainstorming-5g, signal strength -69
Jul/01/2024 16:18:55 wireless,info 80:A9:97:10:AC:73@AP-Startup-5g roamed to 80:A9:97:10:AC:73@AP-Brainstorming-5g, signal strength -70
Jul/01/2024 16:19:05 wireless,info 80:A9:97:12:22:F4@AP-Startup-5g roamed to 80:A9:97:12:22:F4@AP-Brainstorming-5g, signal strength -72
Jul/01/2024 16:19:10 wireless,info 64:79:F0:CA:F9:36@AP-Startup-5g roamed to 64:79:F0:CA:F9:36@AP-Brainstorming-5g, signal strength -56
Here is my interpretation:
- 16:18:00 - Everybody roams away due to inaccessibility of the AP
- 16:18:21 - One of the clients try to connect again, but fails
- 16:18:55 - The AP is working again and all the clients are connecting back to it
Here is my wifi setup:
Code: Select all
/interface wifi channel
add band=5ghz-ax disabled=no name=5ghz skip-dfs-channels=all width=20/40/80mhz
/interface wifi security
add authentication-types=wpa2-psk connect-priority=0/1 disable-pmkid=yes disabled=no ft=yes ft-mobility-domain=0x23BE ft-over-ds=yes name=Main wps=disable
add authentication-types=wpa2-psk disabled=no name=Guest wps=disable
/interface wifi steering
add disabled=no name=steering1 rrm=yes wnm=yes
/interface wifi configuration
add channel=5ghz country=France disabled=no mode=ap name="Guest 5ghz" security=Guest security.disable-pmkid=yes .ft=yes .ft-mobility-domain=0xFC34 .ft-over-ds=yes ssid=Guest tx-power=14
add channel=5ghz channel.frequency=5180 .skip-dfs-channels=all country="United States" disabled=no name="Main 5ghz B" security=Main security.ft=yes .ft-mobility-domain=0x23BE .ft-over-ds=yes ssid=Wifi-Prive steering=steering1 tx-power=14
add channel=5ghz channel.frequency=5745 .skip-dfs-channels=all country="United States" disabled=no name="Main 5ghz H" security=Main security.ft=yes .ft-mobility-domain=0x23BE .ft-over-ds=yes ssid=Wifi-Prive steering=steering1 tx-power=14
add channel=5ghz channel.frequency=5745 .skip-dfs-channels=all country="United States" disabled=no name="Main 5ghz P" security=Main security.ft=yes .ft-mobility-domain=0x23BE .ft-over-ds=yes ssid=Wifi-Prive steering=steering1 tx-power=14
add channel=5ghz channel.frequency=5180 .skip-dfs-channels=all country="United States" disabled=no name="Main 5ghz S" security=Main security.ft=yes .ft-mobility-domain=0x23BE .ft-over-ds=yes ssid=Wifi-Prive steering=steering1 tx-power=14
/interface wifi
add configuration="Main 5ghz B" disabled=no name=AP-Brainstorming-5g radio-mac=78:9A:18:CB:21:1A
add configuration="Guest 5ghz" disabled=no mac-address=7A:9A:18:CB:21:1A master-interface=AP-Brainstorming-5g name=AP-Brainstorming-5g2
add configuration="Main 5ghz H" disabled=no name=AP-Hub-5g radio-mac=78:9A:18:CB:21:70
add configuration="Guest 5ghz" disabled=no mac-address=7A:9A:18:CB:21:70 master-interface=AP-Hub-5g name=AP-Hub-5g2
add configuration="Main 5ghz P" disabled=no name=AP-Prod-5g radio-mac=78:9A:18:C9:6C:71
add configuration="Guest 5ghz" disabled=no mac-address=7A:9A:18:C9:6C:71 master-interface=AP-Prod-5g name=AP-Prod-5g2
add configuration="Main 5ghz S" disabled=no name=AP-Startup-5g radio-mac=48:A9:8A:E3:3C:28
add configuration="Guest 5ghz" disabled=no mac-address=4A:A9:8A:E3:3C:28 master-interface=AP-Startup-5g name=AP-Startup-5g2
/interface wifi cap
set certificate=request discovery-interfaces=sfp-sfpplus1
/interface wifi capsman
set ca-certificate=auto certificate=auto enabled=yes interfaces=vlan99 package-path="" require-peer-certificate=no upgrade-policy=none
/interface wifi provisioning
add action=create-enabled comment="Brainstorming 5ghz" disabled=no master-configuration="Main 5ghz B" name-format=%I-5g radio-mac=78:9A:18:CB:21:1A slave-configurations="Guest 5ghz"
add action=create-enabled comment="Prod 5ghz" disabled=no master-configuration="Main 5ghz P" name-format=%I-5g radio-mac=78:9A:18:C9:6C:71 slave-configurations="Guest 5ghz"
add action=create-enabled comment="Hub 5ghz" disabled=no master-configuration="Main 5ghz H" name-format=%I-5g radio-mac=78:9A:18:CB:21:70 slave-configurations="Guest 5ghz"
add action=create-enabled comment="Startup 5ghz" disabled=no master-configuration="Main 5ghz S" name-format=%I-5g radio-mac=48:A9:8A:E3:3C:28 slave-configurations="Guest 5ghz
Some comments about my configuration:
- When sniffing the networks, my APs appear to be implementing 802.11d/e/h/i/r
- The steering feature has been enabled recently but did not seem to change anything to my networks (I would have thought it would add 802.11v & 802.11k, but it did not change a thing)
- Even though I am in France, I am using the United States country. Indeed, there seems to be a bug that limits the tx-power a lot too much when setting the France country (I am limiting the tx-power however to enforce the country actual limits).
- WPA3 has been disabled as it seems to be poorly compatible with Apple products
- If I don't set the connect-priority=0/1 parameter, the devices don't roam at all (I have tested it again recently on 7.15.1). I really don't understand why I need this one, but well, maybe a bug from Mikrotik?
- I am willingly using the 5180 & 5745 channels as they are the only two 80mhz channels that are not on DFS and avoid the AP to spend time looking for radars and eventually disconnecting
- I am willingly enforcing the specific channels to avoid the AP to spend time searching for the available channels around
Final note: when monitoring my network using Nirsoft WifiInfoView, I could notice a RSSI of -100 on the buggy AP during the outrage.
Final final note: These issues seem to have risen in the latest versions of RouterOS (I would say it started around 7.14)
Any help would be welcome!
