I've just started a test setup for CAPS manager. The network consists of:
- one RB2011UAS-2HnD (will act as Caps manager)
- one RB333 (will act as Caps client)
Both of them are running 6.15 with wireless-fp enabled. They are connected via an ethernet link, on the same subnet with no filtering.
I've tried to set up CAPS using the example given in the MikroTik manual.
Here is the code for the CAPS manager (RB2011):
```
# jun/23/2014 13:17:31 by RouterOS 6.15
# software id = IHI0-I60U
#
/caps-man security
add authentication-types=wpa2-psk encryption=aes-ccm name=wpa2psk
/caps-man configuration
add channel.band=2ghz-b/g/n channel.frequency=2442 channel.width=20 datapath.bridge=bridge1 datapath.bridge-cost=8 name=master-cfg security=wpa2psk security.passphrase=12345678 ssid=master
add datapath.bridge=bridge1 datapath.bridge-cost=8 name=slave-cfg security=wpa2psk security.passphrase=87654321 ssid=slave
/caps-man manager
set enabled=yes
/caps-man provisioning
add action=create-dynamic-enabled master-configuration=master-cfg slave-configurations=slave-cfg
```
```
# jun/23/2014 13:18:34 by RouterOS 6.15
# software id = 5TAV-4HIF
#
/interface wireless cap
set bridge=bridge1 caps-man-addresses=10.10.1.252 discovery-interfaces=\
bridge1 enabled=yes interfaces=muezin-24n
```
1. As long as there are no wireless clients connected, the manager-AP connection stays stable.
2. Provisioning works OK, all provisioned SSIDs are available.
3. It takes quite a long time for a client to get in.
4. During association I can see that the capXX port in the RB2011 bridge gets enabled.
5. After a while the wireless device gets disconnected with the following messages in the RB2011 log (I've connected the device at 13:21):
```
13:21:58 wireless,debug CAP Run->DtlsTeardown
13:21:58 wireless,info CAP disconnected from muezin-rtr (D4:CA:6D:8D:80:60/7/0)
13:21:58 wireless,debug CAP DtlsTeardown->Idle
13:21:58 wireless,debug CAP discovery target list:
13:21:58 wireless,debug ::ffff:10.10.1.252:5246
13:21:58 wireless,debug ::ffff:255.255.255.255:5246
13:21:58 wireless,debug FF:FF:FF:FF:FF:FF/0/0
13:21:58 wireless,debug CAP Idle->Discover
13:22:01 wireless,debug CAP discovery over, results:
13:22:01 wireless,debug muezin-rtr (::ffff:10.10.1.252:5246)
13:22:01 wireless,debug CAP Discover->Select
13:22:01 wireless,info CAP selected muezin-rtr (::ffff:10.10.1.252:5246)
13:22:01 wireless,debug CAP Select->PMTUDiscover
13:22:01 wireless,debug CAP PMTUDiscover->DtlsSetup
13:23:01 wireless,debug CAP DtlsSetup->DtlsTeardown
13:23:01 wireless,info CAP failed to join muezin-rtr (::ffff:10.10.1.252:5246)
13:23:01 wireless,debug CAP DtlsTeardown->Select
13:23:01 wireless,debug CAP did not find suitable CAPsMAN
13:23:01 wireless,debug CAP Select->Sulking
13:23:06 wireless,debug CAP Sulking->Idle
13:23:06 wireless,debug CAP discovery target list:
```
If I set up a client with a static IP it gets connected, but any client-originated traffic results in DTLS teardown.
I've played with other setups:
1. using certificates - with the same result
2. using local forwarding mode - the device stays connected, gets an IP, but the quality of transmission is very bad - long packets are broken or lost, short ones (like ping, DNS) are forwarded mostly OK (only 10-30% packets lost - remember that the backend is a 100Mbps eth).
3. trying different setups that are given in MikroTik's example - but always the same result: CAPS forwarding results in DTLS teardown, local mode is not reliable.
Unfortunately I don't have other MikroTik devices to test - so I wonder if anyone got mipsbe and ppc working together in CAPS mode?
It looks like a bug....
regards
Maciej