Page 1 of 1
Virtual AP and NV2
Posted: Wed Apr 13, 2011 12:35 pm
by Ciambot
Hello Mikrotik staff,
when will Virtual AP be support by nv2 protocol?
I need it!
Re: Virtual AP and NV2
Posted: Wed Apr 13, 2011 1:01 pm
by sergejs
We do not have plans to implement this feature.
What is the purpose for VAP and NV2? Is there any use for it?
You can use VLAN to separate clients connected to the same AP, there is no overhead from using VLAN and NV2 on single AP (wireless interface allows to set higher MTU,
http://wiki.mikrotik.com/wiki/Manual:Ma ... 2.2FL2_MTU
).
Re: Virtual AP and NV2
Posted: Thu Apr 14, 2011 11:33 am
by ilnicchio
Yes there is a very usefull things that i can do with virtual AP:
I can give to some customer the virtual wisp service, creating a virtual ap for the customer(virtual wisp), I can automatically assign the client to the virtual wisp vlan basing on SSID.... how I can do the same with nv2?
Re: Virtual AP and NV2
Posted: Thu Apr 28, 2011 11:16 am
by ilnicchio
How can we implement this kind o solution??? We have a very big project, where we spend many word about the very nice feature of Virtual AP... How we can do the same in other way?... HELP US!!!
Re: Virtual AP and NV2
Posted: Tue Jul 19, 2011 10:39 pm
by ilnicchio
Any news about VAP in NV2 protocol?
Why we're loosing functionality with this new wireless protocol?
Say us that your are thinking about it... please...
Re: Virtual AP and NV2
Posted: Wed Jul 20, 2011 12:43 pm
by normis
Sergejs already gave you all the answers, did you read his post above?
Re: Virtual AP and NV2
Posted: Sat Jul 23, 2011 1:20 am
by chadd
We do not have plans to implement this feature.
What is the purpose for VAP and NV2? Is there any use for it?
You can use VLAN to separate clients connected to the same AP, there is no overhead from using VLAN and NV2 on single AP (wireless interface allows to set higher MTU,
http://wiki.mikrotik.com/wiki/Manual:Ma ... 2.2FL2_MTU
).
I don't use Virtual AP on a daily basis but I have used it numerous times in the past when changing SSID schemes or to move some customers from one AP to another temporarily without having to log into each customer and change their SSID. It is/was a very helpful feature.
Re: Virtual AP and NV2
Posted: Sun Jul 24, 2011 9:06 am
by pedja
I always use Vurtual AP. As Mikrotik does not handle weel when one must replace wireless interface, I found using Virtuall AP saving feature. I never connect users to native AP, always to Virutal AP, so when I have to replace card, I simply attach Virtual AP to new interface.
Re: Virtual AP and NV2
Posted: Mon Jul 25, 2011 12:56 am
by changeip
yes, exactly - running hotspot on a virtual ap saves a lot of time when swapping configs / cards.
Re: Virtual AP and NV2
Posted: Mon Jul 25, 2011 2:27 am
by WirelessRudy
We do not have plans to implement this feature.
What is the purpose for VAP and NV2? Is there any use for it?
You can use VLAN to separate clients connected to the same AP, there is no overhead from using VLAN and NV2 on single AP (wireless interface allows to set higher MTU,
http://wiki.mikrotik.com/wiki/Manual:Ma ... 2.2FL2_MTU
).
Can MT change the plans on this feature please? I use it like others mentioned as well, to avoid problems when cards are down or when I need to swap SSID's I use the virtual AP. Very handy. So now all my AP networks are NV2 I can't do that anymore? What a loss....
Re: Virtual AP and NV2
Posted: Mon Aug 01, 2011 2:14 pm
by ilnicchio
the sergejs answer it's not a real answer for my problem.
We need to implement a multiprovider network based on MPLS/VPLS on the backhaul side and VAP/VPLS on the acces side...
How we can do it?
Re: Virtual AP and NV2
Posted: Tue Nov 29, 2011 11:42 am
by sup5
Are there any news regarding this issue?
I need VAP, because traffic separation by VLAN is NOT secure. (All VLANs will reach the customers site!)
But traffic separation using VAPs with different security profiles IS. (Only selected VLANs reach the customers site)
Also the before mentioned configuration advantages of VAP are very important to me.
I use rather complex setups with VLANs on VAPs.
So NV2 without VAP is a big step backward here, topology-wise.
VAP also enables quick'n'dirty hacks such as creating a Hotspot for my Clients on top of the wireless backbone.
Or the other way around: abuse the Hotspot to make a connection to the backbone.
All these possibilities are gone without VAP.
Re: Virtual AP and NV2
Posted: Tue Nov 29, 2011 9:20 pm
by NetworkPro
I saw three different useful purposes explained by different users. I have used one of these three and it saved my life.
Re: Virtual AP and NV2
Posted: Sun Feb 26, 2012 3:35 pm
by diode
Hi !
One more issue not beeing solveable without virtual ap:
Usually, I have one general SSID on a sender, where customers can roam between if one segment fails, for additional redundancy.
Some customers usually will connect to the weaker signal for unknown reason, I do connect these to a sector specific SSID which is realised by Virtual AP.
Also, sharing a cell tower & APs with another provider needs Virtual APs for splitted IP connectivities, useing different security profiles (as the companys have different security configurations)
I wouldn't need this functionality, if clients would do some type of "background scan" therefore always selecting the strongest signal even when connected to a weaker one.
the older nstreme protocol also had it ....
NV2 is a huge improvment in crowded sectors, in throughput and response time - really many thanks for that.
Greetings Maria / WISP in Austria
Re: Virtual AP and NV2
Posted: Sun Mar 04, 2012 7:38 pm
by karina
Add my name to the list as would love to use NV2 but cannot as i use VAP`s in various scenarios.
Re: Virtual AP and NV2
Posted: Wed May 02, 2012 3:28 pm
by tnarnold
and my.
Re: Virtual AP and NV2
Posted: Sat Jun 23, 2012 7:19 pm
by maxstel
Mine too...
Re: Virtual AP and NV2
Posted: Sun Jul 15, 2012 8:59 pm
by fresnel
Add my name too! I just found out yesterday the hard way that it is not supported!!
Re: Virtual AP and NV2
Posted: Sun Jul 15, 2012 9:22 pm
by karina
yesterday VAP saved my life. i have array of 3 sectors. one went down. i was able to restore service to 90% of the effected clients by cloning the dead AP with an VAP on one of the remaining sectors.
Honestly Mikrotik VAP is very important.
I need NV2 but I need VAP also. Please consider changing your policy on this one
Re: Virtual AP and NV2
Posted: Sun Jul 15, 2012 10:22 pm
by diode
hi karina !
this is exactly one usual cenario vap is used by me. at the moment you have to configure the network so that nstreme & nv2 are both working, to be able to switch back to nstreme with vap support when you need it.
a second scenario is sharing accesspoints between two providers, one provider uses radius access control (via mac adresses), the other doesnt - whithout vap this is not solveable, and both providers dont want to change ther access strategy.
greetings maria
yesterday VAP saved my life. i have array of 3 sectors. one went down. i was able to restore service to 90% of the effected clients by cloning the dead AP with an VAP on one of the remaining sectors.
Honestly Mikrotik VAP is very important.
I need NV2 but I need VAP also. Please consider changing your policy on this one
Re: Virtual AP and NV2
Posted: Mon Jul 16, 2012 10:52 pm
by samsung172
Its really usfull, for use in installation enviroments
Client= Default config ssid= INSTALL (step 1) (VAP)
Client = Customer spesific = xx.locid.unitid.interfaceid (eg 10.23.1.66) (Interface SSID)
SSID INSTALL = pppoe server, default user default pass, give access to control system trough l2tp tunnel (but no internett)
step 2, autogenerated from system then give client correct ssid, user, password etc etc. - Routed to internett.
Re: Virtual AP and NV2
Posted: Tue Nov 27, 2012 1:09 am
by lbenzo
Do we have some news with NV2 and VirtualAP?
Re: Virtual AP and NV2
Posted: Thu Feb 28, 2013 1:44 am
by diode
any news ?
we, two providers still cant share an ap, as one provider uses encryption as access restriction, and the other one mac authentication via radius ...
greetz from vienna
Re: Virtual AP and NV2
Posted: Thu Feb 28, 2013 1:54 am
by samsung172
Well. today. only answer is, run 820.11 to use VAP, and don't use the nice feature from NV2.
The VAP feature, is really a wanted feature of nv2. In many setup, the use of vlan, and same ssid, is not an option. This is really a BIG HUG discussion thing.
The choice for us today, is to run same SSID at all AP. The negative thing here, is tat the area is concentrated with more than one AP , som a lot of CPE's can see another AP. If then it have same SSID, under a reebot of the main AP, the station will pick the other one. And. it would not go back, after the main com up. ( I know that all is possible to do with a script) but the ""old"" VAP, could eliminate this to happened. All CPE's go to a uniq SSID after installation. When mounting crew is installing, the AP go to a VAP (same SSID to all AP's) and give the installer, a link to management system. (pppoe server-default password-default user) No need for customizong the CPE to a uniq customer, and mounting crw, could have 100 CPE's with default config in car.
When installer, is at customer, and is given acces to the management system. he could just get a code sniplet. and setting some :global variables, and run a step2 config. Then the CPE choose the AP, installer choose (after a scan, to se where the stongest signal is) and set custom specific parameter. pppoe user, pppose password, ssid, etc etc etc.
To not have the feature of VAP in nv2, almost eliminate the use of NV2 to CPE's, and just possible to use in P2P links.
Re: Virtual AP and NV2
Posted: Thu Feb 28, 2013 12:10 pm
by karina
I don't understand Mikrotik's policy on this one. If it was technical difficulty to add VAP to NV2 then I would understand, but to say it is just not considered important is very odd indeed.
I would also understand not wasting valuable tech time on a soon to be obselete version but there is no mention of considering VAP with NV2 in V6 either
Confused ????
Can Anybody at Mikrotik enlighten us? if is not possible because of technical reasons then say so we then at least know the situation and can consider alternatives
Re: Virtual AP and NV2
Posted: Thu Feb 28, 2013 2:04 pm
by doush
+1 here for VAP on NV2.
Re: Virtual AP and NV2
Posted: Wed Jun 05, 2013 6:48 pm
by n21roadie
Any update on this very important feature - Virtual AP in NV2 - which I and many other would confirm?
Re: Virtual AP and NV2
Posted: Thu Jun 06, 2013 12:53 am
by spire2z
I can see some use for multi ssid but nothing that's essential for any of the tasks mentioned by the OP.
I get the reason about changing cards over but your only saving a few mins if you do proper config exports.
For the purpose of a multi provider network then it can look nice specially if you have the installers of each ISP doing their own installs but it's no means essential for the actual purpose. I would say it's got more to do with the authentication, routing, gateway and IP addressing to be multi provider? Possibly a vlan here or there. But then I guess it's the icing on the cake to have it's own ssid.
You could just have a different radio and antenna for each provider? Its not that expensive really and if you get a busy network you may be glad you did that in the long run anyway.
Re: Virtual AP and NV2
Posted: Thu Jun 06, 2013 1:17 am
by diode
having seperate radios for each provider is the only way to do it for the moment, BUT free channels and space for antennas is not an endless resource.
especially in crowded areas its a huge difference to coorinate 3 oder 6 channels (out of 9, cause 3 cant be used cause of radar reservetion).
Re: Virtual AP and NV2
Posted: Thu Jun 06, 2013 2:28 am
by spire2z
Very true about channel resource. I guess the only other way is that if you supply the client devices then you can just lock the installer out from the wireless and wpa settings etc then the ssid is not that important.But if your letting each provider buy an install their own kit then that wont work.
Re: Virtual AP and NV2
Posted: Thu Jun 06, 2013 2:41 am
by n21roadie
I can see some use for multi ssid but nothing that's essential for any of the tasks mentioned by the OP.
I get the reason about changing cards over but your only saving a few mins if you do proper config exports.
For the purpose of a multi provider network then it can look nice specially if you have the installers of each ISP doing their own installs but it's no means essential for the actual purpose. I would say it's got more to do with the authentication, routing, gateway and IP addressing to be multi provider? Possibly a vlan here or there. But then I guess it's the icing on the cake to have it's own ssid.
You could just have a different radio and antenna for each provider? Its not that expensive really and if you get a busy network you may be glad you did that in the long run anyway.
When on site - the more options available to achieve a task or even to change the service or upgrade sequence as was originally planned is essential,
When a radio card fails on a sector it will take more than just a few minutes to swap out, I really wish it was only a few minutes, but climbers do take time to achieve this task,
The ability to use virtual AP from another sector on the mast, even to bring back 80% customers back online is great as then you will have 20% of customers offline rather than 100%
Re: Virtual AP and NV2
Posted: Thu Nov 14, 2013 3:28 pm
by namery
nv2 is not use for virtals AP? who decide that? i hace 5 diferent virtuals ap on each ap that i have and i have many clients connecting to it.
From your wiki
Nv2 is based on TDMA (Time Division Multiple Access) media access technology instead of CSMA (Carrier Sense Multiple Access) media access technology used in regular 802.11 devices.
TDMA media access technology solves hidden node problem and improves media usage, thus improving throughput and latency, especially in PtMP networks.
And now u said that you will no implement this???. Sorry but that sound really stupid!!. I thought use mikrotik for cpe using nv2 but now i have to change that back to use nano station because u dont want to implement it.
Re: Virtual AP and NV2
Posted: Thu Nov 14, 2013 4:08 pm
by normis
nv2 is not use for virtals AP? who decide that? i hace 5 diferent virtuals ap on each ap that i have and i have many clients connecting to it.
From your wiki
Nv2 is based on TDMA (Time Division Multiple Access) media access technology instead of CSMA (Carrier Sense Multiple Access) media access technology used in regular 802.11 devices.
TDMA media access technology solves hidden node problem and improves media usage, thus improving throughput and latency, especially in PtMP networks.
And now u said that you will no implement this???. Sorry but that sound really stupid!!. I thought use mikrotik for cpe using nv2 but now i have to change that back to use nano station because u dont want to implement it.
Nanostation certainly doesn't have VirtualAP for Nv2, so could you please clarify what you meant?
Re: Virtual AP and NV2
Posted: Thu Nov 14, 2013 4:41 pm
by namery
i mean that i use for AP mikrotik with virtuals APs, and nanostation for cpe. With the new nv2 i thought to change to mikrotiks cpe to use nv2 on my network. but...
Re: Virtual AP and NV2
Posted: Mon Mar 03, 2014 2:07 pm
by tgyula
Me too. VAP very important for WISPs. One of the great advantages of the MikroTik devices. Is not the same without him.
Re: Virtual AP and NV2
Posted: Sun Mar 09, 2014 12:58 am
by samsung172
nv2 is not use for virtals AP? who decide that? i hace 5 diferent virtuals ap on each ap that i have and i have many clients connecting to it.
From your wiki
Nv2 is based on TDMA (Time Division Multiple Access) media access technology instead of CSMA (Carrier Sense Multiple Access) media access technology used in regular 802.11 devices.
TDMA media access technology solves hidden node problem and improves media usage, thus improving throughput and latency, especially in PtMP networks.
And now u said that you will no implement this???. Sorry but that sound really stupid!!. I thought use mikrotik for cpe using nv2 but now i have to change that back to use nano station because u dont want to implement it.
Nanostation certainly doesn't have VirtualAP for Nv2, so could you please clarify what you meant?
.. It dosent have NV2 at all.........
And its not possible to tell what a nanostation have and or not. You make it have what you want Your selv. Since using openwrt. If skilled enough. It does have NV2 in the way you make it Your own.
Re: Virtual AP and NV2
Posted: Wed Jun 04, 2014 12:49 am
by Basdno
I have had Headaces from he.. several times over this topic when I considered switching my APs to NV2 for many of my PtMP sites. But each time it just failed, and I had to move back to NStreme. Wondering what went wrong!
I have been wondering, thinking and rageing over this several times cause I did exactly what was explained about NV2 migrating in Wiki.
And the odd part was it worked so well on SOME PTP links.
Well probably needless to say, I just found out what was my problem! I use a lot of VAPs for a multitude of reasons. I finally got an idea what it could be when I started comparing my actually working NV2 links, and those places it didnt work.
I put my main SSID directly in the physical Wlan on an AP to test it, and BAM there they where some of my CPEs atleast(Those with that SSID)! A google search with nv2 and VAP then finally brought me here!
But as you probably understand, I have an extensive use of VirtualAPs for a many reasons. Several have already been mentioned above!
F.ex. as standard I NEVER place a production SSID on Main/Physical Wlan.
But I didnt even dream in my wildest dreams that NV2, the new shiny Mikrotik Propretary protocol, couldnt be used togheter with the NR1 most useful feature of Mikrotik:VAP!!
Virtual AP IS VITAL for WISP operations!!! It is a total showstopper for me not beeing able to use NV2 togheter with VAP!!!
I really hope and URGE Mikrotik to reconsider this choice if it is a choice and not a technical issue!
But as far as I have read here I see no indication that it is because of techincal reasons, so: PLEASE!!!!!!!!
Please make my headaches go away by making VAP and NV2 work togheter!
Re: Virtual AP and NV2
Posted: Wed Jun 04, 2014 2:20 am
by WirelessRudy
@basdno; Explain me why VAP is so important to you?
If you work with an all MT 802.11a/n network, I see no reason why to use VAP.
If you work with a mixed brand (3rd party CPE's) 802.11a/n network, well, than NV2 can't be used anyway since its proprietary technology.
If you work with an all MT 802.11b/g/n network, again there is not really a use for VAP unless you wan't to divide some groups of users. But I can't find a reason why to do that..
If you work with an mixed brand 802.11b/g/n network. Well, yet again NV2 can't be used since it is proprietary tech.
The reason NV2 can't work with 3rd party brand equipments is that its proprietary technology. Meaning to say every manufacturer makes its own protocol which is allowed and just an amendment within the IEEE.
Actually for manufacturer its is a nice way to invent the (in their opinion) the best tdma (NV2 = tdma) protocol and at the same time bind users that like it to their devices.
Imagine Motorola would allow others to user their propietary tdma? Soon thew won't sell lots of CPE's any longer because there is always someone that can make it lots cheaper.... so they lose lots of money.
Why is it not possible to make virtual AP with NV2 protocol? Well, its inherent to the technology. The "TD" in TDMA stands for "time division" meaning there is some sort of traffic controller in AP that tells CPE's when they can talk to AP, or listen, and for how long before next CPE gets its turn.
Since virtual AP still uses same radio as physical main AP it therefore means that virtual AP connected clients just has to join the "time division" maintained by the main AP.
Since the tdma protocol uses code embedded in the mac layer, the fact the mac or SSID has to be the same for the coding arranging the TD. Thus the SSID has to be the same, and thus VAP has to be the same as AP and therefore is just the same......
(The actual technical explanation will be a bit more complicated but ok, this is in short why VAP with NV2 is not possible.)
But like I began with, I don't see real reasons for using VAP anyway. NV2 is predominantly designed to improve network communications and time share between AP and fixed clients. For moving (like with hotspots for instance) its not a good protocol anyway.
So, its good, very good, for fixed CPE networks. I use it everywhere in my network. It makes the network much more stable and you can have more CPE's connected with certain speed assignments as without NV2.
The only use I make with VAP is in 2,4Ghz hotspot networks.
I use main SSID to connect to clients.
I use one VAP just to have SSID with my website
I use second VAP just with my phone number.
So, what happens now. People that usually will not even see my 5Ghz main client network, now see some hotpots in town, they can even connect to it if signal allows.
But even when the signal is not strong enough for a connection, the SSID still pops up in the network scan. So, meaning my network and website and phone number are visible... Result; People start calling or try to browse to the website, just to find out who is this internet provider that they see everywhere....
1-0 to ubnt! (They don't have that option!)
Re: Virtual AP and NV2
Posted: Sun Jun 08, 2014 8:56 am
by Basdno
I am a local WISP Operator in my area and have a ALL Mikrotik network, Core, APs, CPE, all is Mikrotik. Only thing not Mikrotik yet is Switches, but will have a look at that when they need next replacing. I have only fixed clients! I also work togheter with a National WISP Operator as a service technician, servicing their network in the areas surrounding me.
Well, one of the most obvius uses of VirtualAP is if you use a main ssid for all APs in your network for CPEs to connect to and need to connect a Repeater to a main AP(AP1) somewhere for better coverage in a particular area. With a large network it is important to be able to use same SSID so CPEs can be produced and distributed without having to tailor evry CPE for particular area it is going to.
This Repeater will get same SSID on its outgoing/AP wlan, so it is mandatory to have another SSID on inlink from the main/feeding AP(AP1). This is easily done by creating a Virtual SSID on the main/feeding AP(AP1). Then Repeater can connect to AP1 without risk of internal loop.
This setup also makes it possible to move Repeater around between different Main APs. F.ex. the repeater can see two main tower APs, AP1 and AP2, but AP1s signal is best and therefor should normally be used. Repeaters SSID is then created on AP1 and Repeater connects there.
Now lets say, for some reason Main AP1 goes down(Power outage, bad radiocard whatever), then you have the possibility to put in the Virtual AP in AP2 to get Repeater(And all its customers) online again. Maybe a little less bandwith due to weaker signal, but still a lot better then leaving your customers offline untill AP1 is fixed. Also it is possible that customers that normally connect to AP1 could get signal through Repeater while AP1 is down(Depending on distances and Topology ofc).
This kind of setup is not possible with NV2, since you only can have the Main SSID on interface. Thereby excluding NV2 on all APs that have atleast 1 repeater connected, even if these APs actually could benefit higly from NV2s advantages because of higher amount of CPEs in PtMP topology.
The workaround would be to put in more physical cards/and antennas in each location for each Repeater, but this would be a VERY costly workaround since you would need extra antennas, Towerslots, getting Technician to toweres each time u need to setup any size of RP and so on. + Loosing the ability to move Repeater around if need arises.
So as I said in my last post; I really hope and URGE Mikrotik to reconsider this choice if it is
a choice and not a technical issue!
If it is a technical reason that makes it impossible to do, then well sadly just have to live with it and keep using Nstreme.
But if it is a choice based on what Mikrotik want to use resources on or believe is useful or not to their customers, then I think this is a issue that should definitly be adressed and worked out since it has real world applications value form day1 and is a total showstopper for many to be able to fully utilize NV2 and its benefits.
And I think it is sad not beeing able to use NV2 since Mikrotik has put resources and effort into creating NV2, and then we the customers cant use it because of this little flaw.
Especially since VirtualAP is one of (In my mind atleast) Mikrotiks real engenius advantages, making MT way better and faster deployable than most other systems on the market today! Therefor it is sad that MT make another new proprietary protocole that excludes one of its former BIG advantages!
Also you have the issues with replacing Wireless cards and configs and so on that VirtualAPs make a lot easier, wich is one of the reasons I normally never place any production SSIDs on physical WLAN Interface but rather in a VAP. Making it way faster to replace card or even entire AP if necessery, since u get all VAPs(And their SSIDs) in the export and backups files.
Also have a read above several uses described.
I really hope it is possible to get this to work as it would make my world alot easier to be able to use NV2 fully in most of my crowded PtMP envirnoments.
Hope I havent done too much misspellings and jibberich this early in a sunday morning.
Have a nice day!
Re: Virtual AP and NV2
Posted: Sun Jun 08, 2014 3:49 pm
by WirelessRudy
@basdno; Thanks for your message. Its well written.
It's obvious everybody has its own approach in setting up a network. Many networks are also setup years ago while nowadays technology improvements (or 'off-track-developments' like some proprietary protocols might work out for some...
) would actually ask for, or allow, other setups...
I'm not saying your's is a bad setup, but from the past I learned repeaters are only a second best solution due the halving of speed each time used.
My network is more setup with many relative small cells, all interconnected by backhauls with their own SSID's. All AP's have their own SSID's too.
(I find it an plus to have them all with their own SSID. That way I am sure which AP the client is connecting to. And in doing site surveys its easy to distinguish which AP gives the best signal. To remember all these mac's is just to much for my brain. Also, clients all have diretional CPE's thus they basically have to work with one AP only anyway. Second advantage, I am working in a region were me competitors usually work with high elevated towers, expensive and limited in capacity, where I use a 10-vold of small cells to work in same region located on building roofs etc.. Hence I can service theoretically 10 times more clients before saturation becomes an issue, I have better signals everywhere. And although a risk one of my towers goes down is bigger, the amount of clients than effected is 10 times less. More cells gives more work, true. But it also gives more ways of serving more clients, its easier to battle with competition because my signal usually wins and it make my network 'per client' less vulnerable for attacks, breakdowns or interferences.)
If one AP would go down, or one backhaul, with nowadays cheap units (SXT's, OmniTiks) its so easy to replace them I'm not bothered in having fall back systems for my customers. Second reason for that is that nowadays units are pretty reliable that downtimes due failing of hardware is less than once a year....
Critical mission clients though I usually hook up with two CPE's, each connecting to another AP from another network segment. (And yet again, with nowadays prices this is not an issue at all, this client pays more anyway...)
When it comes to preparing CPE's to clients; Well, I have a script made with the basics that are the same for all and then upon a site visit we choose the AP and I set the details for this AP. Each CPE has the AP (and sometimes a second for fail-over) in its 'connect-to' list with both its SSID as the mac. listed.
AP has client's CPE-mac in its 'access-list'. Together with the use of the NV2-protocol and its encryption this also makes it almost impossible for any intruder to get into my network. (And the fact I am the only user in a wide region to use MT where everybody else use ubnt, this is just another 'thin' layer of extra security against intrusion. Its more prone an attacker would use ubnt stuff than MT. After all, you have to be an expert to be able to work with MT!
. Anyway, I personally this way it the best way to get the best out of my network.
Maybe the setup of an CPE is a bit extra work compared to your system but most of the work on a new client is the paperwork and getting your money. Not the config of an antenna!
When it comes to up-time for the client, I am working with the best main stream providers in my Country, and sadly enough I must experience that fibre cables are more often pulled in two by stupid workers somewhere in my upstream provider's network than my network fails....
Most of my competitors work with mountain towers, each thunderstorm sees downtimes... pfff.
At the same time we have regular power cuts in this highly advanced country. People are so used to power cuts bringing at least their own stuff down that an operator with service cuts is sort of normal. (I spend 4x as much money on battery and ups setups for all my towers than I do on actually making my system redundant for failure.)
Back to the NV2. As said, I don't think not having VAP on tdma is a choice but more a technical impossibility. (Correct me if I am wrong, I'm not a 100% tech wiz. that knows all!
Re: Virtual AP and NV2
Posted: Sun Jun 08, 2014 5:29 pm
by n21roadie
........................................................
So as I said in my last post; I really hope and URGE Mikrotik to reconsider this choice if it is a choice and not a technical issue!
If it is a technical reason that makes it impossible to do, then well sadly just have to live with it and keep using Nstreme.
...............................................................
I agree we should have the option if technically possible to use VAP on NV2
Re: Virtual AP and NV2
Posted: Sun Jun 08, 2014 5:46 pm
by n21roadie
.....................................................................................
When it comes to preparing CPE's to clients; Well, I have a script made with the basics that are the same for all and then upon a site visit we choose the AP and I set the details for this AP. Each CPE has the AP (and sometimes a second for fail-over) in its 'connect-to' list with both its SSID as the mac. listed.
AP has client's CPE-mac in its 'access-list'. Together with the use of the NV2-protocol and its encryption this also makes it almost impossible for any intruder to get into my network.....................................
Good idea "connect list" but what happens when you add extra AP's have you to login to each CPE and update the connect list?
Also not so sure about ..
almost impossible for any intruder to get into my network... at best we can only deter the script kids and slow down the professionals?
Re: Virtual AP and NV2
Posted: Mon Jun 09, 2014 3:28 am
by WirelessRudy
Good idea "connect list" but what happens when you add extra AP's have you to login to each CPE and update the connect list?
Well, if I setup new AP's usually that is for new CPE's. If there is to be an existing CPE that can can reach a new, better signal, AP, yes, I log in and change its setting. But yet again, most CPE's are directional so usually I only need to set a new AP in its' 'connect to' list if this new AP is on the same tower as the existing. (We are 'upgrading the tower from 1 to multi AP'). Yes, that is a little extra work. But how often does this happen?
If there is a new AP that would give an CPE a better signal because it is better located; well, in that case it first has to be re-aligned anyway so compared to that physical work, the setting of an extra mac in the 'connect to' list is minor...
Also not so sure about ..almost impossible for any intruder to get into my network... at best we can only deter the script kids and slow down the professionals?
Any security system can be breached. Protection against intruders is all about creating barriers. The more the better. The more sophisticated, the higher the skills needed to breached them.
NV2's encryption is pretty strong.
The use of 'access list' and 'connect to list' only creates an extra barrier. Just the plain fact I use Mikrotik's tdma instead of ubnt (like all others do) makes my network just a little bit more safe. Every home script kiddy can buy a ubnt antenna in almost every computershop where its only the die-hards like us that know where to purchase Mikrotik.
I use it as just another sales tool, "My network is, because not like all the others, more secure. Just because it is not like all the others....."
Re: Virtual AP and NV2
Posted: Wed Jun 11, 2014 1:56 pm
by Basdno
There are differences in running a local WISP in a Local area/city where you or your employees can do all the installing and selecting APs/SSIDs and the like.
To if it is a National WISP that has to rely on using a number of different technicians from different innstalling companies all over the country. These typically install a wide vareiety off equipment an vendors, and you cant always count on them knowing spesific how to config each unit they install.
Then you need to have a simple way of getting antennas connected with same SSID where ever they try to mount it, without having to log into each antenna and start changing the config with all the troubles this can cause if technician isnt very good at this.
Also this is important for beeing able to offer "SelfService-Option" where customer innstalls his own CPE equipment(Most used). I for sure do not want my customers to mess around in my CPEs config f.ex.!
But the important question here is really if this is a Technical issue or just a priority issue from Mikrotik, so if some1 from Staff at Mikrotik could please let us know wheter it can be done or not it would be very nice! Anyone at staff Mikrotik that can give us an answer, and/or explanation?
Re: Virtual AP and NV2
Posted: Thu Jun 12, 2014 11:29 am
by WirelessRudy
@Basdno
I still don't understand the plus of having virtual AP's?
Well, one of the most obvius uses of VirtualAP is if you use a main ssid for all APs in your network for CPEs to connect to and need to connect a Repeater to a main AP(AP1) somewhere for better coverage in a particular area. With a large network it is important to be able to use same SSID so CPEs can be produced and distributed without having to tailor evry CPE for particular area it is going to.
This Repeater will get same SSID on its outgoing/AP wlan, so it is mandatory to have another SSID on inlink from the main/feeding AP(AP1). This is easily done by creating a Virtual SSID on the main/feeding AP(AP1). Then Repeater can connect to AP1 without risk of internal loop.
According my knowledge multiple AP's in a wds mesh mode all work with the same SSID. If you need a repeater it is just the same. It uses the SSID of the main 'mother' AP and re-broadcast that same SSID for its clients?
Why would you put an virtual AP on that repeater?
I still don't find any argument good enough that explains why you would choose virtual AP's above the use of NV2?
Actually, I even use different AP's in some locations (all for hotspot use) that broadcast the same SSID but that's the only they share. You can even differ the channel so client's device will 'see' same SSID everywhere and connect while at one time he connects to AP-A, the other time he connects to AP-B. Client wont notice. And AP's are not interfering each other.
In regard of the use of pre-installed CPE's I still don't see why you can't use same SSID on physical AP for client.
When I give a pre-installed CPE (2,4Ghz for hotspot use, but with better antenna than just client device) I can give it to installer/client and tell him to fit it and look for best signal. Since all hotspots have same SSID (on main physical radio) all installer/client need to do is to look for best signal. (Now that comes with some other issues, hooking up to best signal if CPE is hooked up to first, maybe poor signal ap, first. But that's another discussion).
But again, I am not saying I want to stop MT finding a NV2-VAP solution, if possible. (It is very quiet in that respect from their end.) I just try to understand your way of working....
(After all, if you can proof some real advantages over my way of working I can adopt. I'm always looking for the best way of doing things!
)
I did have once a need for a VAP though. I have one 2,4Ghz AP that had only 5 or 6 MT clients connected. Because of interferences of other 2,4Ghz devices I needed a stable solution for their connections. So I used NV2. But at the same time I hoped to use that tower for occasional hotspot client. I thought to setup VAP for that and connect this VAP with vlan to hotspot server, where fixed clients on main are connected with other vlan to different authenticating/dhcp server. It took me some weeks to realize I will never see any hotspot clients on that tower though. Because main AP was NV2 thus so was the VAP. And since usual client is not MT they can't connect. I also could not skip NV2 because that made the MT clients disconnecting regularly (obvious interference issue). Since that area will not see lots of hotspot clients anyway I abandoned the VAP....
Re: Virtual AP and NV2
Posted: Mon Jun 20, 2016 5:01 pm
by letabawireless
Hi
Its quite simple really. We have a site with multiple sectors, and multiple SSID's. So if one sector fails, you can simply add the Virtual AP with the SSID, and the IP to OSPF, and everybody runs again. You then have ample time to go and replace the faulty unit, withou affecting your customers.
Re: Virtual AP and NV2
Posted: Tue Jun 21, 2016 8:06 am
by jarda
You can bridge the vap or route over it freely as it is internally fully separated interface.
Re: Virtual AP and NV2
Posted: Tue Jun 21, 2016 8:25 am
by letabawireless
Fair enough - bear in mind that I want to to host multiple sector ssid's on one router, for failover purposes. Then it requires multiple ssid's.
Re: Virtual AP and NV2
Posted: Sat Oct 20, 2018 2:50 am
by TomjNorthIdaho
Old topic
One big huge advantage of virtual APs with the nv2 protocol would be this:
- Physical AP for many nv2 clients to connect to - where the SSID is on one of the WISP's vlans.
- Virtual AP , the ability to connect a WDS nv2 client and pass all vlans through the WDS link.
At this time , this can only be done using 802.11 or nstream
At the very least , I would like to see virtual APs using nv2 (It would be OK to keep a common nv2 key , just as long as there are two different SSIDs - where one SSID is on a single bridged vlan and the second virtual SSID can do WDS and pass all vlans to a nv2 wds client. (or can this already be done with virtual SSIDs on a single wlan card where all the SSIDs use the same nv2 key ????? --- I never tired it )))
EDIT - - I just tried it. created a virtual AP on a nv2 configured AP WDS-passing vlans. The virtual AP was not seen by anything on a next-to-the-tower site survey.
Darn it , if a nv2 wlan could have one or multiple virtual SSIDs using the same NV2 key , it would solve many problems.
EDIT: I wonder if there is a work-around using not using secondary nv2 SSID , but rather try something like this:
- A single wlan using nv2 - however configure the wlan1 "VLAN ID" to use Vlan1 for the all nv2 clients , then configure WDS for a WDS nv2 client where the WDS client is trunked and getting all of the vlans (some possible changes on Vlan and native-Vlan )
EDIT - mabey what was a WDS client is configured as a client and then EOIP the vlans through the normal nv2 AP so that what was a WDS client is now a normal nv2 client that gets all vlans via EOIP tunnels... Whew sounds ugly but workable...
North Idaho Tom Jones