Community discussions

MikroTik App
 
adler007
just joined
Topic Author
Posts: 5
Joined: Mon Jul 22, 2024 12:26 am

Multi AP Home Setup Examples with CAPsMAN v2

Mon Jul 22, 2024 12:33 am

Hi folks,

I got 3 devices that i am trying to setup for my home using capsman v2; a cap ax, a mantbox ax, and a hap ac3.
Goal is to get to use a single ssid for everything; both bands, all APs, managed thorugh CAPsMAN for roaming benefits.
I am really struggling with the config, with random behavior; disconnects, devices not connecting, etc; emphasis on random, can't find the pattern.
Tried to keep the config as simple as i can muster, with basically everything on defaults.

Is there an example of a multi-AP setup manage through CAPs v2, with functional roaming, that I could take inspitation from?


Thanks!
 
gigabyte091
Forum Guru
Forum Guru
Posts: 1518
Joined: Fri Dec 31, 2021 11:44 am
Location: Croatia

Re: Multi AP Home Setup Examples with CAPsMAN v2

Mon Jul 22, 2024 6:18 am

So first step is to post your configuration of the device that acts as your CAPsMAN controller. There is example on ROS wiki page for CAPsMAN config and you can just add new devices to the system.

For hAP ac3 you installed wifiwave2 drivers I presume ? So it can be connected to CAPsMAN v2.
 
User avatar
Nullcaller
Member Candidate
Member Candidate
Posts: 173
Joined: Mon Oct 16, 2023 3:09 pm

Re: Multi AP Home Setup Examples with CAPsMAN v2

Mon Jul 22, 2024 9:49 am

Without knowing your config and assuming you did everything correctly, the steps for debugging are:
  1. Update every piece of equipment to the latest software and firmware version. Not only RouterOS devices, but ideally all equipment. Keep in mind that there are two separate things you need to upgrade with MikroTik devices: RouterOS (system -> packages) and firmware (system -> routerboard -> upgrade).
  2. Make sure ax devices use the wifi-qcom package, and the ac devices (hAP ac3) use wifi-qcom-ac.
  3. Make sure the physical layer and layer-2 stuff (switches, cables, etc) is up to snuff. You can usually use RouterOS logs to debug ethernet issues.
  4. Check that roaming features are enabled (in security -> ft, ft-enabled and ft-over-ds).
  5. Try and use very basic security settings (WPA2 only, passphrase setup, everything else left at defaults)
  6. Try and use very basic configuration settings (pretty much everything at defaults)
  7. Manually set up channels for CAPs, avoiding DFS channels for the time being, since DFS events can obviously cause disconnects, and that's what we're debugging. Don't set 'band' value explicitly anywhere except in provisioning rules, CAPs will use the best they have automatically.
  8. Manually set TX power values to 10...18 dBm first, and then play around with them to better inform client roaming decisions. If there's a single AP screaming its radios off at 30 dBm, by the time a client decides to roam away from the AP or just contact it at a great distance, it may no longer be in range of the AP (it still hears the AP, but doesn't have enough radio power to send anything to it), that can cause problems.
  9. Disable RSTP on all AP bridges (it used to complicate roaming and delay connection to WiFi on ROS6; shouldn't be needed with fast transition enabled, but who knows; it still delays connection times and is not needed at home, so...)
  10. In wifi -> datapath, remove the bridges from datapaths on all APs and add WiFi interfaces to bridges manually. This is completely just a hail mary. It works okay with interfaces added dynamically, but theoretically could delay AP coming back up after reconnecting to CAPsMAN.

P.S. It's not CAPsMAN v2. CAPsMAN v2 is 10 years old at this point. The new CAPsMAN thingamajig MikroTik introduced in RouterOS 7 doesn't actually have a name. The best distinction we have is "WiFi CAPsMAN".
 
adler007
just joined
Topic Author
Posts: 5
Joined: Mon Jul 22, 2024 12:26 am

Re: Multi AP Home Setup Examples with CAPsMAN v2

Mon Jul 22, 2024 10:31 am

Yeah, i am on wifi wave2 and capsman v2.
Exported wifi config of the current setup, with some elements removed for brevity. Created in a rush last night just ot have most things working; i think i am missing 2 interfaces on cap-ax for <ssid2> and <ssid5>.
To note, these are only AP, no routing on them.
My ideal setup would be <ssid> as the only ssid used in the house for both bands and all AP with fast roaming; i have <ssid2> and <ssid5> setup also as i have some devices still configured to use them - will reconfigure them in the future and disable the config. got <ssid_iot> for certain iot devices, but not setup to handle traffic in any special way, for now.

The behavior on this type of setup is random disconnects of clients and sometimes clients unable to connect at all - phones switching to mobile data (and staying o mobile data for minutes), or TV losing connection and scewing up my YT watching :) It's not a problem of signal coverrage as for eg in my office my laptop is around 1m from the hap ac3, or the TV is around 3m from cap ax.
/interface bridge
add igmp-snooping=yes igmp-version=3 name=bridge1
/interface wifi security
add authentication-types=wpa2-psk,wpa3-psk connect-priority=0 disabled=no \
    name=<ssid>
add authentication-types=wpa2-psk,wpa3-psk connect-priority=0 disabled=no \
    name=iot
/interface wifi configuration
add country=Netherlands disabled=no mode=ap name=<ssid2> security=<ssid> \
    security.ft=yes .ft-over-ds=yes ssid=<ssid2>
add country=Netherlands disabled=no mode=ap name=<ssid5> security=<ssid> \
    security.connect-priority=0 .ft=yes .ft-over-ds=yes ssid=<ssid5>
add country=Netherlands disabled=no mode=ap name=<ssid_iot> security=iot \
    security.ft=yes .ft-over-ds=yes ssid=<ssid_iot>
add country=Netherlands disabled=no mode=ap name=<ssid> security=<ssid> \
    security.ft=yes .ft-over-ds=yes ssid=<ssid>
/interface wifi
set [ find default-name=wifi2 ] configuration=<ssid2> configuration.mode=ap \
    disabled=no name=cap-ax-wifi2ghz
set [ find default-name=wifi1 ] configuration=<ssid5> configuration.mode=ap \
    disabled=no name=cap-ax-wifi5ghz
add configuration=<ssid2> configuration.mode=ap mac-address=4A:A9:8A:E5:18:4A \
    master-interface=cap-ax-wifi2ghz name=<ssid2>
add configuration=<ssid> configuration.mode=ap mac-address=4A:A9:8A:E5:18:47 \
    master-interface=cap-ax-wifi2ghz name=<ssid2_unified> \
    security.connect-priority=0
add configuration=<ssid5> configuration.mode=ap mac-address=4A:A9:8A:E5:18:4A \
    master-interface=cap-ax-wifi5ghz name=<ssid5>
add configuration=<ssid_iot> configuration.hide-ssid=no .mode=ap disabled=no \
    mac-address=4A:A9:8A:E5:18:48 master-interface=cap-ax-wifi2ghz name=\
    <ssid_iot> security.connect-priority=0

/interface bridge port
add bridge=bridge1 interface=all
/ip firewall connection tracking
set udp-timeout=10s
/ip neighbor discovery-settings
set discover-interface-list=!dynamic
/interface wifi access-list
add action=accept comment=heatbooster-bedroom disabled=no mac-address=\
    F4:12:FA:32:FC:64
add action=accept comment=Heatbooster-reading-area disabled=no interface=\
    <ssid>_iot mac-address=40:4C:CA:62:3F:74
#more access list entries; mostly there for the comment

/interface wifi cap
set certificate=none
/interface wifi capsman
set enabled=yes package-path="" require-peer-certificate=no upgrade-policy=\
    none
/interface wifi provisioning
add action=create-enabled disabled=yes master-configuration=<ssid2> \
    slave-configurations=<ssid_iot> supported-bands=2ghz-n
add action=create-dynamic-enabled disabled=no master-configuration=<ssid5> \
    name-format=cap-%I-5Ghz- slave-configurations=<ssid> supported-bands=\
    5ghz-ac
add action=create-dynamic-enabled disabled=no master-configuration=<ssid2> \
    name-format=cap-%I-2Ghz- slave-configurations=<ssid> supported-bands=\
    2ghz-n
add action=create-enabled disabled=yes master-configuration=<ssid5> \
    supported-bands=5ghz-ax,5ghz-ac
add action=create-dynamic-enabled disabled=yes master-configuration=<ssid> \
    name-format=cap-%I- slave-configurations=<ssid_iot>
/ip address
add address=192.168.1.16/24 interface=bridge1 network=192.168.1.0
/ip cloud
set ddns-enabled=yes
/ip dhcp-client
add !dhcp-options disabled=yes interface=bridge1
/ip dns
set servers=192.168.1.1,8.8.8.8
/ip kid-control
add fri=0s-1d mon=0s-1d name=system-dummy sat=0s-1d sun=0s-1d thu=0s-1d tue=\
    0s-1d tur-fri=0s-1d tur-mon=0s-1d tur-sat=0s-1d tur-sun=0s-1d tur-thu=\
    0s-1d tur-tue=0s-1d tur-wed=0s-1d wed=0s-1d
/ip route
add disabled=no dst-address=0.0.0.0/0 gateway=192.168.1.1 routing-table=main \
    suppress-hw-offload=no
/system logging
add topics=debug,wireless
 
User avatar
spippan
Member
Member
Posts: 463
Joined: Wed Nov 12, 2014 1:00 pm

Re: Multi AP Home Setup Examples with CAPsMAN v2

Mon Jul 22, 2024 12:36 pm

would like to achieve the same with 2 APs (hap ac2) and capsman v2 on a RB1100x4AH with the only addition of 3 SSIDs (where each SSID belongs to a different VLAN)
hopefully i gain some advice here by a basic setup solved
 
adler007
just joined
Topic Author
Posts: 5
Joined: Mon Jul 22, 2024 12:26 am

Re: Multi AP Home Setup Examples with CAPsMAN v2

Mon Jul 22, 2024 8:03 pm

A very curious symptom.
I was connected, line of sight & few m away, to the AP that host CAPsMAN and had random and rahter frequent ICMP drops.

Just by disabling CAPsMAN ICMP became rock stable, no packet lost; obviously the other AP disappeared from the remote cap list.
Re-enabling CAPsMAN back, eventually the remote APs connected back, but surprisingly, ICMP remained rock solid.....

As if, something got built up under CAPsMAN which got flushed/reset disabling it and it takes time to build back....
I'll proceed to disable IGMP and RSTP and see if that keeps things stable.
 
User avatar
Nullcaller
Member Candidate
Member Candidate
Posts: 173
Joined: Mon Oct 16, 2023 3:09 pm

Re: Multi AP Home Setup Examples with CAPsMAN v2

Tue Jul 23, 2024 12:05 pm

Do you have a device that connects both to WiFi and Ethernet, and attempts to bridge them, perchance? That would be extremely weird, but would potentially pin the issue down on RSTP disabling wifi interfaces because of a detected loop.

A little network topology drawing and CAP configurations would be of help.

Also, your network set up is, while not that far from default, definitely isn't as close as you can get. If it turns out it still doesn't work, as a part of the debugging process, consider redoing configuration, with configuration changes kept at an absolute minimum. One SSID, no IGMP snooping, no access lists, none of that stuff. Make configuration changes I advised you to make in my previous "debugging steps" post, though. Then, if everything is working perfectly, start adding things.
 
adler007
just joined
Topic Author
Posts: 5
Joined: Mon Jul 22, 2024 12:26 am

Re: Multi AP Home Setup Examples with CAPsMAN v2

Tue Jul 23, 2024 2:29 pm

The only loops i can imagine are from client deivces, like raspberry pi or laptops/dekstop that have both wifi and ethernet.
Found some other problems with the radio spectrum i think.
HAP ac3 has 24db transmit power on 5ghz, which seems ok considerign 6db antenna.
mANTBox ax as 15db transmit power and considering 15db antenna seems ok.
CAP AX has 8db transmit power, which is not what is expected for a 5.5db antenna.

Currently removed country setting for the 5ghz, which should mean Latvia.

Need to now research the 8db problem and observe the setup.
I am now using the AP as simple AP w/o CAP and trying to get this setup to work, then i'll activate CAP again.
 
User avatar
Nullcaller
Member Candidate
Member Candidate
Posts: 173
Joined: Mon Oct 16, 2023 3:09 pm

Re: Multi AP Home Setup Examples with CAPsMAN v2

Wed Jul 24, 2024 5:43 am

CAP AX has 8db transmit power, which is not what is expected for a 5.5db antenna.

Ah. Good ol' european 14 dBm TX power limit on channel 155 (in 5710-5875 MHz, really). Real 5.5 dBi antenna gain gets rounded up to 6 dBi for regulatory purposes, and then <target max regulatory EIRP> - <antenna gain> = 14 dBm - 6 dBi = 8 dBm. Force static channels onto APs, avoid channels higher than 5710 MHz. Use this wikipedia article in case of confusion.
 
adler007
just joined
Topic Author
Posts: 5
Joined: Mon Jul 22, 2024 12:26 am

Re: Multi AP Home Setup Examples with CAPsMAN v2

Wed Jul 24, 2024 2:00 pm

Static channels was next on my todo; learning smth every day.

Thanks!

Who is online

Users browsing this forum: No registered users and 8 guests