
Seamless Wi-Fi roaming: theory in practice. Turnkey Wi-Fi mesh networks with seamless roaming across several access points for large premises. Seamless roaming in Wi-Fi networks

We look at roaming technologies (handover, band steering, IEEE 802.11k, r, v) and run a couple of visual experiments demonstrating how they work in practice.

Introduction

Wireless networks of the IEEE 802.11 standards group are developing extremely quickly today: new technologies, new approaches and new implementations keep appearing. However, as the number of standards grows, they become increasingly difficult to understand. Today we will try to describe several of the most common technologies that relate to roaming (the procedure for reconnecting to a wireless network), and also see how seamless roaming works in practice.

Handover or "client migration"

Once connected to a wireless network, the client device (be it a smartphone with Wi-Fi, a tablet, a laptop or a PC equipped with a wireless card) will maintain the wireless connection as long as the signal parameters remain at an acceptable level. However, when the client device moves, the signal from the access point with which the connection was originally established may weaken, which sooner or later will lead to a complete inability to transmit data. Having lost the connection with the access point, the client equipment will select a new access point (if one is within reach, of course) and connect to it. This process is called handover. Formally, handover is a migration procedure between access points, initiated and performed by the client itself (hand over - “transfer, give, concede”). In this case, the SSIDs of the old and new points do not even have to match. Moreover, the client may end up on a completely different IP subnet.

To minimize the time spent reconnecting a subscriber to media services, it is necessary to make changes both to the underlying wired infrastructure (make sure that the client's external and internal IP addresses do not change) and to the handover procedure described below.

Handover between access points:

  1. Determine a list of potential candidates (access points) for switching.
  2. Establish the CAC status (Call Admission Control, that is, essentially, how heavily the device is loaded) of the new access point.
  3. Determine the moment to switch.
  4. Switch to the new access point.

In IEEE 802.11 wireless networks, all handover decisions are made by the client side.

Source: frankandernest.com

Band steering

Band steering technology allows the wireless network infrastructure to move a client from one frequency range to another, usually by forcing the client from the 2.4 GHz band to the 5 GHz band. Although band steering is not directly related to roaming, we decided to mention it here anyway since it is related to client device switching and is supported by all of our dual-band access points.

In what case might it be necessary to switch a client to another frequency range? For example, such a need may be associated with transferring a client from the congested 2.4 GHz band to the freer and higher-speed 5 GHz. But there are other reasons.

It is worth noting that at the moment there is no standard that strictly regulates the operation of the described technology, so each manufacturer implements it in its own way. However, the general idea remains roughly the same: access points do not advertise an SSID in the 2.4 GHz band to a client performing an active scan if that client has been observed to be active on the 5 GHz band for some time. That is, access points, in fact, can simply remain silent about the presence of support for the 2.4 GHz band, if it was possible to establish that the client supports the 5 GHz frequency.

Band steering has several modes of operation:

  1. Forced connection. In this mode, the client is not informed at all that the 2.4 GHz band is supported, provided, of course, that the client supports the 5 GHz band.
  2. Preferred connection. The client is forced to connect to the 5 GHz band only if the RSSI (Received Signal Strength Indicator) is above a certain threshold; otherwise the client is allowed to connect to the 2.4 GHz band.
  3. Load balancing. Some clients that support both frequency bands connect to the 2.4 GHz network, and some connect to the 5 GHz network. This mode prevents the 5 GHz band from being overloaded when all wireless clients support both frequency bands.

Of course, clients with support for only one frequency range will be able to connect to it without problems.

In the diagram below we tried to graphically depict the essence of band steering technology.

Technologies and standards

Let us now return to the process of switching between access points. In a standard situation, the client will maintain the existing association with the access point for as long as possible, that is, exactly as long as the signal level allows it. As soon as the client can no longer maintain the old association, the switchover procedure described earlier begins. However, handover does not happen instantly; it usually takes more than 100 ms to complete, which is already a noticeable amount. The IEEE 802.11 working group has several radio resource management standards aimed at improving wireless network reconnection time: k, r and v. In our Auranet line, 802.11k support is implemented on the CAP1200 access point, and in the Omada line, the 802.11k and 802.11v protocols are implemented on the EAP225 and EAP225-Outdoor access points.

802.11k

This standard allows a wireless network to report to client devices a list of neighboring access points and the channel numbers on which they operate. The generated list of neighboring points speeds up the search for switching candidates. If the current access point's signal weakens (for example, the client moves away), the device will search for nearby access points from this list.

802.11r

Version r of the standard defines the FT - Fast Transition (Fast Basic Service Set Transition) function, which allows you to speed up the client authentication procedure. FT can be used when switching a wireless client from one access point to another within the same network. Both authentication methods can be supported: PSK (Preshared Key) and IEEE 802.1X. Acceleration is achieved by storing encryption keys on all access points, that is, the client does not need to go through the full authentication procedure using a remote server when roaming.

802.11v

This standard (Wireless Network Management) allows wireless clients to exchange service data to improve the overall performance of a wireless network. One of the most used options is BTM (BSS Transition Management).
Typically, a wireless client measures its own connection to an access point to make roaming decisions. This means that the client has no information about what is happening with the access point itself: the number of connected clients, device load, scheduled reboots, etc. Using BTM, the access point can send the client a request to switch to another point with better operating conditions, even if its signal is slightly worse. Thus, the 802.11v standard is not directly aimed at speeding up the switching process of a wireless client device, but in combination with 802.11k and 802.11r it makes applications work faster and improves the convenience of working with Wi-Fi networks.

IEEE 802.11k in detail

The standard extends RRM (Radio Resource Management) capabilities and allows 11k-capable wireless clients to request from the network a list of neighboring access points that are potential handover candidates. The access point informs clients about 802.11k support using a special flag in the Beacon. The request is sent in the form of a management frame called an action frame. The access point also responds with an action frame containing a list of neighboring points and their wireless channel numbers. The list itself is not stored on the controller, but is generated automatically upon request. It is also worth noting that this list depends on the client's location and does not contain every access point in the wireless network, but only the neighboring ones. That is, two wireless clients located in different places will receive different lists of neighboring devices.

With such a list, the client device does not need to scan (actively or passively) all wireless channels in the 2.4 and 5 GHz bands, which reduces the use of the wireless channels and thus frees up additional bandwidth. In this way, 802.11k reduces the time the client spends on switching and also improves the process of selecting an access point to connect to. In addition, eliminating the need for additional scans helps extend the battery life of the wireless client. It is worth noting that access points operating in two bands can provide the client with information about points from the adjacent frequency range.
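The neighbor list exchange described above can be made concrete with a small parser. This is an added example, not code from the article or from any vendor: it decodes the body of a Neighbor Report Response action frame (MAC header already stripped) and derives the short list of channels a client would scan. The sample frame, its BSSIDs and the partial operating-class and PHY tables are constructed for illustration.

```python
import struct

RM_CATEGORY = 5                  # Radio Measurement action category
NEIGHBOR_REPORT_RESPONSE = 5     # action value within that category
EID_NEIGHBOR_REPORT = 52         # Neighbor Report element ID
PHY_NAMES = {4: "OFDM", 6: "ERP", 7: "HT", 9: "VHT"}   # partial list


def band_of(op_class):
    """Map a global operating class to a band (partial mapping, assumption)."""
    if 81 <= op_class <= 84:
        return "2.4GHz"
    if 115 <= op_class <= 130:
        return "5GHz"
    return "unknown"


def parse_neighbor_report_response(body):
    """Return (dialog_token, neighbors) or raise ValueError on malformed input."""
    if len(body) < 3:
        raise ValueError("action frame body too short")
    category, action, token = body[:3]
    if category != RM_CATEGORY or action != NEIGHBOR_REPORT_RESPONSE:
        raise ValueError("not a Neighbor Report Response")
    neighbors, off = [], 3
    while off < len(body):
        if off + 2 > len(body):
            raise ValueError("truncated element header")
        eid, elen = body[off], body[off + 1]
        data = body[off + 2: off + 2 + elen]
        if len(data) != elen:
            raise ValueError("element overruns frame")
        off += 2 + elen
        if eid != EID_NEIGHBOR_REPORT:
            continue                      # skip elements we do not decode
        if elen < 13:
            raise ValueError("Neighbor Report element shorter than 13 octets")
        # BSSID (6) | BSSID Information (4, LE) | op class | channel | PHY type
        info, op_class, channel, phy = struct.unpack_from("<IBBB", data, 6)
        neighbors.append({
            "bssid": ":".join(f"{b:02x}" for b in data[:6]),
            "reachable": (info & 0x3) == 3,         # AP Reachability field
            "same_security": bool(info & 0x4),      # Security bit
            "mobility_domain": bool(info & 0x400),  # bit 10: same 11r domain
            "op_class": op_class,
            "band": band_of(op_class),
            "channel": channel,
            "phy": PHY_NAMES.get(phy, str(phy)),
        })
    return token, neighbors


def scan_plan(neighbors):
    """Unique (band, channel) pairs to scan instead of sweeping both bands."""
    return sorted({(n["band"], n["channel"]) for n in neighbors})


def build_neighbor(last_octet, info, op_class, channel, phy):
    """Build one constructed Neighbor Report element for the sample frame."""
    payload = bytes([0x02, 0, 0, 0, 0, last_octet])
    payload += struct.pack("<IBBB", info, op_class, channel, phy)
    return bytes([EID_NEIGHBOR_REPORT, len(payload)]) + payload


# Constructed sample: dialog token 7, three neighbors, two on the same channel.
SAMPLE = (bytes([RM_CATEGORY, NEIGHBOR_REPORT_RESPONSE, 7])
          + build_neighbor(1, 0x0C07, 81, 6, 7)
          + build_neighbor(2, 0x1C07, 115, 36, 9)
          + build_neighbor(3, 0x1C07, 115, 36, 9))

if __name__ == "__main__":
    token, found = parse_neighbor_report_response(SAMPLE)
    for n in found:
        print(n)
    print("channels to scan:", scan_plan(found))
```

Three neighbors collapse to two channels to probe, which is the scan reduction the paragraph describes.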

We decided to demonstrate the operation of IEEE 802.11k in our wireless equipment, for which we used an AC50 controller and CAP1200 access points. One of the popular messengers with support for voice calls, running on an Apple iPhone 8+ smartphone, which is known to support 802.11k, was used as the traffic source. The voice traffic profile is presented below.

As you can see from the diagram, the codec used generates one voice packet every 10 ms. The noticeable spikes and dips in the graph are explained by the slight variation in delay (jitter), which is always present in Wi-Fi-based wireless networks. We configured traffic mirroring on the switch to which both access points participating in the experiment are connected. Frames from one access point arrived at one network card of the traffic collection system, and frames from the second access point at the other. In the resulting dumps, only voice traffic was selected. The switching delay can be taken as the time interval that elapses from the moment traffic disappears on one network interface until it appears on the second interface. Of course, the measurement accuracy cannot be better than 10 ms, which is due to the structure of the traffic itself.

So, without enabling 802.11k support, wireless client switching occurred on average within 120 ms, while activating 802.11k reduced this delay to 100 ms. Of course, we understand that although switching latency has been reduced by 20%, it is still high. Further reductions in latency will be possible by using the 11k, 11r and 11v standards together, as is already implemented in the home series of wireless equipment.
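The measurement method described above, as an added example rather than the authors' own tooling: given the arrival times of voice frames seen on each mirrored interface, it finds every switch between interfaces and reports the gap, ignoring stray frames that show up briefly on the wrong interface. The interface names, the `min_run` filter and the timestamps (in milliseconds) are constructed assumptions.

```python
def runs_by_interface(captures, min_run=3):
    """Collapse per-interface timestamps into consecutive runs.

    captures: {interface: [arrival time in ms of each voice frame]}
    Runs shorter than min_run frames are treated as stray frames and dropped.
    Each run is [interface, first_ms, last_ms, frame_count].
    """
    merged = sorted((t, name) for name, times in captures.items() for t in times)
    runs = []
    for t, name in merged:
        if runs and runs[-1][0] == name:
            runs[-1][2] = t
            runs[-1][3] += 1
        else:
            runs.append([name, t, t, 1])
    cleaned = []
    for run in runs:
        if run[3] < min_run:
            continue                      # stray frame(s), not a real switch
        if cleaned and cleaned[-1][0] == run[0]:
            cleaned[-1][2] = run[2]       # rejoin a run split by a stray frame
            cleaned[-1][3] += run[3]
        else:
            cleaned.append(list(run))
    return cleaned


def find_handovers(captures, interval_ms=10, min_run=3):
    """Return one record per switch between interfaces.

    gap_ms is the time from the last frame on the old interface to the first
    frame on the new one; it cannot be resolved better than interval_ms,
    the spacing of the voice packets themselves.
    """
    runs = runs_by_interface(captures, min_run)
    events = []
    for old, new in zip(runs, runs[1:]):
        events.append({
            "from": old[0],
            "to": new[0],
            "gap_ms": new[1] - old[2],
            "resolution_ms": interval_ms,
        })
    return events


# Constructed sample: 10 ms voice stream, two switches, one stray frame
# mirrored on eth1 at t=1505 while the call is actually on eth2.
SAMPLE_CAPTURES = {
    "eth1": list(range(0, 1000, 10)) + [1505] + list(range(2100, 2510, 10)),
    "eth2": list(range(1110, 2010, 10)),
}

if __name__ == "__main__":
    for event in find_handovers(SAMPLE_CAPTURES):
        print(event)
```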

However, 802.11k has another trick up its sleeve: timing of the switch. This opportunity is not so obvious, so we would like to mention it separately, demonstrating its operation in real conditions. Typically, the wireless client waits until the last minute, maintaining the existing association with the access point. And only when the characteristics of the wireless channel become completely bad does the switching procedure to a new access point start. Using 802.11k, you can help the client with switching, that is, offer to do it earlier, without waiting for significant signal degradation (of course, we are talking about a mobile client). Our next experiment is devoted to the moment of switching.

Qualitative experiment

Let's move from a sterile laboratory to a real customer site. Two 10 dBm (10 mW) access points, a wireless controller, and the necessary supporting wired infrastructure were installed in the room. A diagram of the premises and installation locations of access points are presented below.

A wireless client moved around the room making a video call. First, we disabled 802.11k support in the controller and recorded the locations where switching occurred. As can be seen from the picture below, this happened at a considerable distance from the “old” access point, near the “new” one; in these places the signal became very weak, and the speed was barely enough to transmit video content. There were noticeable lags in voice and video when switching.

We then enabled 802.11k support and repeated the experiment. Now the switching occurred earlier, in places where the signal from the “old” access point was still strong enough. There were no lags in the voice or video recorded. The switching point has now moved approximately to the middle between access points.

In this experiment, we did not set ourselves the goal of finding out any numerical characteristics of switching, but only qualitatively demonstrating the essence of the observed differences.

Conclusion

All the described standards and technologies are designed to improve the client’s experience of using wireless networks, make his work more comfortable, reduce the influence of irritating factors, and increase the overall performance of the wireless infrastructure. We hope that we were able to clearly demonstrate the benefits that users will receive after implementing these options in wireless networks.

Is it possible to live in an office without roaming in 2018? In our opinion, this is quite possible. But, having once tried to move between offices and floors without losing the connection, without having to re-establish a voice or video call, without being forced to repeat what was said or ask again, it will be impossible to give up.

P.S. but this is how you can create seamlessness not in the office, but at home, which we will talk about in more detail in another article.

Nowadays there are various wireless devices for which high-speed network access is possible only via WiFi: the iPad/iPhone and other mobile gadgets. When you want to organize WiFi access in an area of 30 sq. m, installing a regular D-Link for 1200 rubles will solve all your problems, but if you have an area > 500 sq. m, and that is only for one floor, this solution will not work. If you use regular access points or routers, then either each router will have its own network name (unique SSID), or the routers will need to be spaced far apart so that coverage areas do not overlap, and this will lead to zones with very poor reception or no signal at all. About six months ago I encountered the same problem; a solution was found quite quickly: UniFi.

Example of installing WiFi UniFi in a car service center with several buildings.

UniFi provides wireless coverage to the Arcadia School District in California (translation).

UniFi provides wireless access to upscale hotels in Peru (translation).

Capabilities of UniFi WiFi access points:

    One network for all WiFi points.

    Attractive design.

    Easy to install, PoE.

    Displays coverage area and access point locations on the administrator display.

    Centralized wireless network management.

    Guest networks, no access to local network.

    Create temporary passwords for guest users.

    Automatic software updates on access points.

    High scalability: up to 100 or more points.

    Multiple wireless networks with differentiated access rights.

    Separation of network user traffic by VLAN.

    Fast intranet roaming when switching between access points.

    Monitoring user traffic, identifying sources of increased network load.

    Large coverage area.

    Possibility of generating one-time temporary passwords (relevant for places of public use: hotels, cafes, etc.)

    Connecting points in repeater mode.

An overview of the capabilities of the UniFi Controller is here.

Implementation of WiFi from Ubiquiti in hotels in Peru is here (translation).

Hardware controller for Ubiquiti UniFi. UniFi Cloud Key.

What it looks like in practice:

A software controller is installed on one of the network computers, on which all wireless network settings are made.

All settings of points and network parameters are subsequently made through this controller. Below are a couple of screenshots of the settings and appearance.

This is a building plan showing the locations of the points.

Setting up a guest network without access to corporate resources.

Monitoring active clients.

Access point monitoring.

Top view.

The installation and configuration process is extremely simple:

1. Place the points and connect them to the local network; UniFi supports PoE so that you only need an ethernet socket to connect them.

2. Install the software controller on any computer on the network, configure the parameters of the WiFi networks and initialize the points. After initialization, the settings from the controller are applied to the point, and the point is ready for operation. Even when the controller is turned off, the settings on the points are retained.

Modern principles of building information and communication networks are focused not only on providing high-speed access, but also on user convenience. Roaming in Wi-Fi networks is precisely the component that relates to subscriber convenience. In radio networks, roaming is the process of switching a wireless network subscriber from one base station (the access point whose service area the subscriber is leaving) to another (whose service area the subscriber is entering).

Quite a common situation in the offices of large companies with a Wi-Fi network is the lack of roaming or its incorrect configuration. As a result, despite uniform radio coverage throughout the building, when a subscriber moves around it, SSH sessions are interrupted and file downloads stop, not to mention interruptions in communication sessions when using WhatsApp, Skype and other similar applications.

The simplest, cheapest and most common way to organize roaming is to configure a radio network of access points with the same SSID. When the power of the radio signal from the subscriber weakens (the SNR - signal-to-noise ratio decreases), this leads to a decrease in the connection speed, and if the SNR falls below a critical level, the connection is completely broken. If a wireless subscriber device “sees” equipment on the network with the same SSID, then it connects to it.

Many manufacturers of wireless equipment use proprietary protocols to organize roaming, but even in this case handover delays can reach several seconds, for example, when using the WPA2-Enterprise protocol, where the access points have to contact a RADIUS server.

The stumbling block in organizing Wi-Fi roaming is that the decision to switch from one access point to another is made by the subscriber (more precisely, by the client equipment). Most protocols for switching a subscriber from one Wi-Fi device to another forcibly disconnect the user from the access point when the signal quality deteriorates. In the settings of most access points that support roaming, you can set the minimum signal level at which the subscriber will be disconnected from the network. This is not the best way to implement roaming, because the TCP session still breaks, and the client device may keep trying, unsuccessfully, to re-establish a connection with the device that blatantly kicked it out of the network.


802.11r and 802.11k: "Mobile" Wi-Fi

To solve the problems described above, the 802.11r specification was released in 2008 (and later an amendment to it - 802.11k), which is an addition to the 802.11 standard and serves to provide seamless radio coverage and to switch subscribers from one access point to another. So if you are going to organize seamless Wi-Fi roaming, you need to select equipment that supports these specifications.

802.11r uses Fast Basic Service Set Transition technology, which stores encryption keys from all access points in one place, allowing the subscriber to reduce the authentication procedure to the exchange of four short messages. The 11k amendment allows you to reduce the detection time of access points with better signal levels. This is realized due to the fact that packets with information about neighboring access points and their status begin to “fly” over the wireless network.

The general principle of operation of the 802.11r standard is that the subscriber terminal has a list of available access points. Available points belong to the same MDIE mobile domain; information about MDIE membership is broadcast along with the SSID. If the subscriber sees an available access point from the MDIE with a better SNR level, then the subscriber, using the still active wireless connection, pre-authorizes with the other access point from the MDIE.

To speed up the connection, authentication follows a simplified scheme: instead of authorization on the RADIUS server, the subscriber terminal exchanges a PMK key with the Wi-Fi controller. The PMK key is transmitted only during the first authentication and is stored in the Wi-Fi controller's memory.

Only after the other access point has authorized the subscriber does handover occur. From then on, the switching speed no longer depends on how quickly packets travel through the network, but only on how quickly the subscriber device can retune to the new channel. With this algorithm, subscriber switching goes unnoticed by the user.
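What an access point actually advertises can be checked from its beacon: the 802.11k flag mentioned earlier on this page, the mobility domain element broadcast along with the SSID, the FT key-management suites and the 802.11v BSS Transition bit. The following is an added example, not code from the article or any vendor; the beacon bodies (MAC header stripped), BSSIDs, SSID and the audit rules are constructed assumptions.

```python
import struct

CAP_RADIO_MEASUREMENT = 1 << 12          # Capability Information bit 12 (802.11k)
EID_SSID, EID_RSN, EID_MDE, EID_RM_CAPS, EID_EXT_CAPS = 0, 48, 54, 70, 127
IEEE_OUI = b"\x00\x0f\xac"
AKM_NAMES = {1: "802.1X", 2: "PSK", 3: "FT-802.1X", 4: "FT-PSK"}


def elements(buf):
    """Yield (element id, payload); stop quietly at a truncated element."""
    off = 0
    while off + 2 <= len(buf):
        eid, elen = buf[off], buf[off + 1]
        if off + 2 + elen > len(buf):
            return
        yield eid, buf[off + 2: off + 2 + elen]
        off += 2 + elen


def rsn_akms(rsn):
    """Names of the AKM suites listed in an RSN element payload."""
    try:
        off = 6                                   # version (2) + group cipher (4)
        (n_pairwise,) = struct.unpack_from("<H", rsn, off)
        off += 2 + 4 * n_pairwise
        (n_akm,) = struct.unpack_from("<H", rsn, off)
        off += 2
    except struct.error:                          # malformed or truncated RSN
        return []
    suites = (rsn[off + 4 * i: off + 4 * i + 4] for i in range(n_akm))
    return [AKM_NAMES.get(s[3], f"type-{s[3]}") for s in suites
            if len(s) == 4 and s[:3] == IEEE_OUI]


def roaming_profile(body):
    """Summarise the 802.11k/r/v advertisement in one beacon frame body."""
    if len(body) < 12:
        raise ValueError("beacon body too short")
    (cap,) = struct.unpack_from("<H", body, 10)   # after timestamp + interval
    p = {"ssid": None, "rrm": bool(cap & CAP_RADIO_MEASUREMENT),
         "neighbor_report": False, "mdid": None, "ft_over_ds": False,
         "akms": [], "bss_transition": False}
    for eid, data in elements(body[12:]):
        if eid == EID_SSID:
            p["ssid"] = data.decode("utf-8", "replace")
        elif eid == EID_RM_CAPS and data:
            p["neighbor_report"] = bool(data[0] & 0x02)
        elif eid == EID_MDE and len(data) >= 3:
            p["mdid"] = data[:2].hex()
            p["ft_over_ds"] = bool(data[2] & 0x01)
        elif eid == EID_RSN:
            p["akms"] = rsn_akms(data)
        elif eid == EID_EXT_CAPS and len(data) >= 3:
            p["bss_transition"] = bool(data[2] & 0x08)   # capability bit 19
    return p


def audit(beacons):
    """Return (profiles, findings) for {bssid: beacon body}."""
    profiles = {b: roaming_profile(body) for b, body in beacons.items()}
    findings, domains = [], {}
    for bssid, p in profiles.items():
        domains.setdefault(p["ssid"], set()).add(p["mdid"] or "none")
        ft = [a for a in p["akms"] if a.startswith("FT-")]
        if p["mdid"] and not ft:
            findings.append((bssid, "mobility domain advertised but no FT AKM"))
        if ft and not p["mdid"]:
            findings.append((bssid, "FT AKM offered without a mobility domain"))
        if not (p["rrm"] and p["neighbor_report"]):
            findings.append((bssid, "802.11k neighbor reports not advertised"))
    for ssid, mdids in domains.items():
        if len(mdids) > 1:
            findings.append((ssid, "mobility domains differ: " + ", ".join(sorted(mdids))))
    return profiles, findings


def ie(eid, payload):
    return bytes([eid, len(payload)]) + payload


def make_beacon(cap, mdid, akm_types, rm_caps, ext_caps):
    """Build a constructed beacon body for SSID 'corp' (CCMP ciphers)."""
    rsn = (struct.pack("<H", 1) + IEEE_OUI + b"\x04"
           + struct.pack("<H", 1) + IEEE_OUI + b"\x04"
           + struct.pack("<H", len(akm_types))
           + b"".join(IEEE_OUI + bytes([t]) for t in akm_types) + b"\x00\x00")
    body = bytes(8) + struct.pack("<HH", 100, cap)
    body += ie(EID_SSID, b"corp") + ie(EID_RSN, rsn) + ie(EID_MDE, mdid + b"\x01")
    if rm_caps:
        body += ie(EID_RM_CAPS, rm_caps)
    if ext_caps:
        body += ie(EID_EXT_CAPS, ext_caps)
    return body


GOOD = make_beacon(0x1011, b"\xa1\xb2", [2, 4], b"\x02\x00\x00\x00\x00", b"\x00\x00\x08")
SAMPLE_BEACONS = {                     # constructed, locally administered BSSIDs
    "02:00:00:00:00:01": GOOD,
    "02:00:00:00:00:02": GOOD,
    "02:00:00:00:00:03": make_beacon(0x0011, b"\xc3\xd4", [2], b"", b""),
}
```

In the sample, the third access point carries the same SSID but a different mobility domain and no FT suite, so a client would fall back to a full authentication when roaming to it.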

Despite the fact that the vast majority of modern Wi-Fi devices support 802.11r, you always need to leave a backup option, so it’s a good idea to configure “aggressive roaming”, which works on the principle of disconnecting a subscriber when the SNR drops below a specified threshold.


Ready-made solutions for seamless roaming

You can organize roaming on a wireless network using regular access points that support the above specifications. This option is more suitable for cases where the network consists of a small number of access points. But if your network has a dozen wireless points, then it is more advisable to consider specialized solutions from Cisco, Motorola, Juniper, Aruba, etc.

Some solutions require setting up a separate controller that manages the entire network, but there are others that do not require a controller. For example, Aruba Networks has Instant access points that work without a physical controller: a virtual one is brought up on one of the points instead. At the same time, most of the services for which such networks are created work: seamless roaming, scanning of the radio spectrum and space, recognition of devices on the network. In the future, as the network grows, these points can be switched to operating with a physical controller, abandoning the virtual one.

Motorola is famous for its intelligent Wing 5 solution, with which its wireless equipment is “endowed”. Thanks to this solution, all equipment (both local and remote) is combined into a single distributed network, which reduces the number of switches in the network, and access points can work more synchronously and efficiently.

With Wing 5, Motorola can intelligently control bandwidth and balance load between access points, thereby distributing network traffic evenly across all access points. In addition, the equipment can dynamically change its configuration if interference is detected (for example, if there is a microwave oven nearby). The equipment also has an adaptive coverage function, which increases the signal strength for devices on the network with a low signal-to-noise ratio (SNR). And of course, an important function is self-healing of neighboring access points if they freeze.

Cisco also has a similar solution, called Cisco Mobility Express Solution. Cisco's approach to software is somewhat reminiscent of Apple's: easy to deploy and configure (setup takes less than 10 minutes). It is therefore suitable for companies with a small staff of IT specialists or none at all. Mobility Express Solution is deployed on Cisco Aironet access points, which also have a virtual controller, so there is no need to purchase a separate device for this. Aironet can be connected to and configured even from a regular smartphone; you just need to connect to the access point using a known SSID with a standard factory password.

When connecting to an access point using a known IP address, the user will be prompted to complete the setup using the Cisco WLAN Express setup wizard. Regardless of how many access points there are in the network, it can be configured through any Cisco Aironet device running on the network. By the way, when setting up a network from a smartphone, you can download a separate application, Cisco Wireless, available both on Google Play and in the App Store.


Conclusion

Setting up network roaming without specialized solutions from leading network equipment manufacturers is possible, but it is always useful to use more than just a “bare standard”. Implementing seamless roaming with an enterprise-class virtual or physical WLAN controller from manufacturers such as Cisco, Motorola, Juniper and Aruba allows you to easily manage other access points without the need for additional equipment. This means that with their help any company, including small and medium-sized businesses, can offer its wireless customers the same high level of service as large enterprises, without additional costs or complex software.

In the corporate environment, WiFi performs an increasingly prominent function and plays an increasingly important role. You can connect a smartphone or tablet to WiFi, but, more importantly, also a corporate phone, a mobile data collection terminal or an online cash register for accepting payments and printing receipts. It’s good if the WiFi coverage area your business needs is small and you can get by with an ordinary inexpensive access point, but what if wireless communication needs to cover thousands of square meters over several floors? There are certainly options.

Firstly, you can “produce” many WiFi networks on many autonomous access points. This is a bad option: such a farm is difficult and inconvenient to manage; when moving around the enterprise territory, some mobile devices will have to be switched between these networks manually; and, most importantly, all this will have to be explained to users who do not always understand IT well and are simply unable to absorb these intricacies. This solution has only one advantage: it's cheap.

Secondly, you can broadcast one WiFi network using autonomous access points of the same type that support WDS technology. The main disadvantage of this solution is that the vast, absolute and unconditional majority of more or less affordable (up to 300 USD) access points from popular vendors work poorly in WDS mode. Broadcasting may disappear and be restored, connectivity between the main and dependent access points will be disrupted, and mobile devices will lose communication and, along with it, their functionality. So it’s better to leave this option to real samurai.

The ideologically and technologically correct option is to use a controller and dependent access points. This option is called "seamless WiFi". Its essence is that there can be many access points, and they are managed and broadcast by one centralized controller device. The controller:

  • monitors the status of slave access points and the load on them;
  • adjusts the signal strength and throughput depending on the number of clients and the nature of their work;
  • independently restores areas unserved due to equipment failures by increasing the coverage area from nearby access points;
  • provides web authentication and dynamic accounts for the implementation of so-called "guest access" (for some controllers, options such as printers are available to generate and print temporary user credentials);
  • provides fast roaming, with which you can freely move, for example, with a WiFi phone between the coverage areas of different access points, without interrupting the conversation or experiencing any interruptions in communication. At the same time, the controller promptly sends a signal to your device from the closest access point.

Modern controllers allow you to connect access points via WiFi in repeater mode (the so-called Mesh technology) without a cable connection to the network, and also provide integration with related IT systems (for example, Active Directory, geolocation services, etc.).

How to build seamless Wi-Fi

Our catalog of solutions already contains carefully selected and described options for household, corporate and industry WiFi solutions. And if we go over the highlights, the most successful options for seamless Wi-Fi on the market are represented by the following vendors:

2. Another American manufacturer reigns in the mid-range segment. Relatively inexpensive, Cambium is also reliable and high-performance.


Similar to Ruckus Unleashed, Cambium can also operate in controller-less network management mode. Cambium calls this ecosystem autoPilot; it supports up to 32 access points in the network and up to 1000 wireless clients. Functionally, it is almost as good as the version with a controller, and it requires no investment beyond purchasing the access points themselves: there is no need to buy licenses, service contracts or their updates.

Do you need faster, higher, stronger? Please! The free cloud controller cnMaestro already supports up to 4,000 access points and up to 25,000 wireless clients. The software can also be installed completely free of charge on your own server, if your beliefs do not allow the use of cloud solutions. Cambium’s functionality is also fine: here you have centralized ecosystem management, geolocation services, analytics, radio broadcast analysis, integration with related systems... in general, everything your heart desires.

The disadvantage of Cambium can be considered its relatively limited line of access points. Still, everything you need is present in it: there are access points with sector antennas, with support for 802.11ac Wave 2 and MU-MIMO 4x4:4, outdoor and indoor. In general, a complete gentleman's set is at your service!

3. In the budget segment the competition is much higher, but we distinguish TP-LINK from the other daring Chinese vendors. This is the main and most interesting competitor of Ubiquiti (which will be discussed below), although such a comparison in 2019 is no longer flattering for TP-LINK.


First, let's look at the TP-LINK label itself: actually, there are two of them. There is TP-LINK, which makes cheap home routers and plastic switches, and there is TP-LINK, which makes Enterprise line products - WiFi systems, Smart series switches, accessories for them. This is actually 2 different companies, because there are no intersection points between these two directions neither in the field of scientific development, nor in production lines. And, for the sake of objectivity, Enterprise TP-LINK is of significantly higher quality than its younger brother, specializing in products for SOHO.

Now to WiFi. TP-LINK has a line of Auranet CAP- currently in some kind of oblivion (but this is temporary). The solution ceiling is 500 access points, 10,000 wireless clients. Controllers are hardware only, for 50 or 500 access points. Access points - in a rather old, "clumsy" design, but with support for fair, seamless roaming in accordance with 802.11k/v standards, Beamforming, Band Steering, Airtime Fairness - in general, the set is completely complete. High Density cannot be provided on TP-LINK, of course, but we have already served events with 200-300 users in one room, and this has not caused any complaints from customers.

TP-LINK's second ecosystem is called Omada, it features EAP series access points. The controller - Omada Controller - is available in hardware version (with a limit of 50 access points in the 1st network), but there is also a software version that can be installed on a server under Windows control or Linux. EAP access points look modern, and, of course, they can do everything that a self-respecting access point needs to be able to do in 2019.

4. Our next patient is the Ubiquiti UniFi series. This is for when you want something beautiful and cheap. Moreover, it will always be “beautiful” with Ubiquiti, because for them everything is subordinated to design: from packaging to the design of control interfaces. And the design is truly perhaps the best in the industry. In general, Ubiquiti products are characterized by an extremely low price with fairly high quality of the product as a whole.


The main disadvantage of Ubiquiti is that it still does not support truly seamless WiFi roaming in accordance with IEEE standards, offering a proprietary implementation instead, which works, well, let's say, so-so. Therefore, if you need flawless operation of roaming WiFi clients with voice or video applications, then Ubiquiti, sadly, is not suitable for you. The same goes for High Density - this is not about Ubiquiti. In general, Ubiquiti is far from ideal in the radio part, but thanks to a powerful component base, a very wide range of equipment and the right marketing policy, they are still one of the most popular manufacturers of WiFi solutions. In Russia, Ubiquiti has two more significant shortcomings: the lack of official service and representation. The first means that the warranty on the territory of the Russian Federation works a little better than not at all, and the second means that you will have neither technical support nor certificates for the equipment (which closes its way to state enterprises and telecom operators).

Ubiquiti's advantage is in their UniFi ecosystem, which now includes not only WiFi equipment, but also switches, routers, video surveillance, telephony, and more recently even some smart home components. Moreover, management of all this equipment is available through very beautiful and convenient applications (including mobile ones) that integrate with the Ubiquiti “cloud”, i.e. you can “steer” the UniFi ecosystem from anywhere on the planet without any fiddling with port forwarding, static IP addresses and other workarounds. Overall, it's really convenient.

5. Mikrotik, Edimax, Wisnetworks, TG-NET, etc. We are adding the 5th item in this list only because the number 5 is more beautiful than 4. Or it has a better reputation. Objectively, the vendors listed here do not yet even reach the level of Ubiquiti (they may not be worse, but in terms of the totality of factors of their market perception, they are still not so significant), but they still occupy some niche in the market and enjoy some popularity.

Let us boldly boast: we have accumulated extensive experience in deploying large Wi-Fi networks, we have managed to “touch” a wide variety of solutions from most specialized vendors, and we know their strengths and pitfalls. We are ready to apply our experience to design and install wireless networks at your enterprise - save your time and money!

In this article we will learn how to create a single seamless WiFi network on MikroTik routers. Where can this be useful? For example, in cafes or hotels, where one Wi-Fi router is not enough to cover all the premises with Internet access, and where a large number of access points constantly causes various problems: the connection keeps dropping on laptops, and mobile devices do not switch to the nearest access point on their own.

The solution to this situation is seamless WiFi roaming, or handover, which we can get from the CAPsMAN functionality running on several MikroTik routers, one of which will be the WiFi controller, while the rest will be access points managed by this controller.

The first thing you need to do is update to the latest software version. The firmware can be downloaded from the official website. Next, open the MikroTik interface, drag the file into the Files section and reboot the router. Along with the firmware, you also need to download the Wireless CAPs MAN package, drag it to the same place and reboot. After completing these steps, you can proceed to configuration.

Let's start with the controller. Open the CAPsMAN section by clicking the corresponding button in the main menu. In the Interfaces tab, click the Manager button (this turns on controller mode), check the Enabled box in the window that appears and click OK to save. After that, go to the Configurations tab.

The configuration settings will apply to all access points connected to the controller. Click the blue cross and in the Wireless tab indicate the configuration name (3), wireless network mode (4), network name (5), and also turn on all wireless antennas for reception and transmission (6), save (7) and go to the Channel tab.

Here we indicate the frequency (2), wireless network broadcast format (3) and channel (4). Save (5) and go to the Datapath tab.

Here we only need to check the Local Forwarding box - this hands traffic forwarding over to the access points themselves instead of sending client traffic through the controller. All that remains is to fill out the last tab, Security.

In the security section, select the authentication type, encryption method and password for the wireless network, click OK.

After we have created the configuration, we move on to the next step - deployment. In the same CAPsMAN section, select the Provisioning tab (1) and click the blue cross. The Radio MAC field (2) allows us to select a specific access point to which the deployment will apply. We leave it at the default so that the deployment applies to all access points. In the next field, Action (3), select create dynamic enabled, since we have a dynamic interface. In Master Configuration (4) we indicate the name of the configuration created above.


We’re done with the CAPsMAN section, let’s move on to the Wireless section (1). In the Interfaces tab, click the CAP button (3), check the Enabled checkbox (4), select the wlan1 interface and indicate the IP address of our main router, which is also the controller.

If we did everything correctly, two red lines will appear in the Interfaces tab, indicating that the WiFi adapter has connected to the controller and received all the necessary settings.

At this point, the configuration of the main router-controller is complete, and this network can be used to build a telephone network and to connect to an office PBX.

Setting up access points that will connect to the controller via an Ethernet cable is quite simple. They also need to be updated to the latest version and have the CAPs MAN package installed. Next, we combine all the ports and the Wi-Fi interface into one bridge in the Bridge section.

The next step, in the Wireless section, is to do the same as on the controller, except that instead of entering the controller's IP address in CAPs MAN Addresses, we indicate the bridge created on the access point in the Discovery Interfaces field. After this, the access point will receive its settings from the controller and start broadcasting Wi-Fi (the same two red lines should appear in the Interfaces tab).
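
The WinBox steps above expressed as RouterOS terminal commands, as an added example that is not part of the original article. It assumes RouterOS v6 with the legacy /caps-man menu; the profile and interface names, the SSID, the passphrase and the controller address 192.0.2.1 are placeholders.

```routeros
# Added example (not from the article). Placeholders: cfg-office, ch-2g-6,
# dp-local, sec-wpa2, bridge1, ether1, Office-WiFi, 192.0.2.1, the passphrase.

# ---------- Controller ----------
# Interfaces tab -> Manager -> Enabled
/caps-man manager set enabled=yes

# Channel tab: band and frequency (2437 MHz = 2.4 GHz channel 6)
/caps-man channel add name=ch-2g-6 band=2ghz-b/g/n frequency=2437

# Datapath tab: Local Forwarding, so each access point forwards client traffic itself
/caps-man datapath add name=dp-local local-forwarding=yes

# Security tab: WPA2-PSK with AES-CCM only. Leaving wpa-psk and tkip out of
# these two lists keeps legacy WPA/TKIP clients from negotiating weaker protection.
/caps-man security add name=sec-wpa2 authentication-types=wpa2-psk \
    encryption=aes-ccm passphrase="CHANGE-ME-long-random-passphrase"

# Wireless tab: name, mode, SSID, all chains; then tie the profiles together
/caps-man configuration add name=cfg-office mode=ap ssid=Office-WiFi \
    rx-chains=0,1,2 tx-chains=0,1,2 \
    channel=ch-2g-6 datapath=dp-local security=sec-wpa2

# Provisioning tab: no radio-mac given, so the rule matches every radio
/caps-man provisioning add action=create-dynamic-enabled \
    master-configuration=cfg-office

# Wireless -> CAP on the controller itself: hand its own wlan1 to CAPsMAN
/interface wireless cap set enabled=yes interfaces=wlan1 \
    caps-man-addresses=192.0.2.1

# ---------- Each access point ----------
# Bridge the wired ports (repeat the port line per Ethernet port)
/interface bridge add name=bridge1
/interface bridge port add bridge=bridge1 interface=ether1

# Find the controller over the bridge; bridge= puts the locally forwarded
# wlan interface into that bridge once the controller provisions it
/interface wireless cap set enabled=yes interfaces=wlan1 \
    discovery-interfaces=bridge1 bridge=bridge1

# ---------- Verification (on the controller) ----------
# Access points that have joined, then clients currently registered
/caps-man remote-cap print
/caps-man registration-table print
```

If an access point is missing from the remote-cap list, it has not reached the controller and is not serving the managed SSID.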
