Please log in and verify your age to view this post. Why?
MikroTik Router/Switch/Wireless
- Thread starter s_alagas
- Start date
Please log in and verify your age to view this post. Why?
Please log in and verify your age to view this post. Why?
Please log in and verify your age to view this post. Why?
Please log in and verify your age to view this post. Why?
Please log in and verify your age to view this post. Why?
Please log in and verify your age to view this post. Why?
Please log in and verify your age to view this post. Why?
Please log in and verify your age to view this post. Why?
Please log in and verify your age to view this post. Why?
Please log in and verify your age to view this post. Why?
Please log in and verify your age to view this post. Why?
Please log in and verify your age to view this post. Why?
Please log in and verify your age to view this post. Why?
Please log in and verify your age to view this post. Why?
BBCWatcher
Arch-Supremacy Member
- Joined
- Jun 15, 2010
- Messages
- 23,293
- Reaction score
- 4,780
Fairly recently MikroTik released some upgraded Wi-Fi driver packages with many functional improvements. They're compatible with many but not all MikroTik products with Wi-Fi radios. The driver package name is "wifi-qcom-ac" for compatible 802.11ac devices and "wifi-qcom" for 802.11ax devices. They replace the "wireless" and "WifiWave2" driver packages. (The WifiWave2 driver package is no longer available in newer RouterOS releases, but the classic wireless driver package is still available and supported.) New features across all the "qcom" drivers include WPA3, OWE, 802.11w, 802.11r/k/v, MU-MIMO and beamforming, and wide channel support in 2.4 GHz for some devices. (But please don't use 40 MHz wide channels in 2.4 GHz spectrum.) A few features and configuration settings are dropped, but you probably won't miss them. If you miss them, the wireless driver package is still available.
If you're using CAPsMAN then you cannot mix devices running the wireless driver package with devices running the wifi-qcom-ac/wifi-qcom driver packages. But wifi-qcom-ac and wifi-qcom devices can be mixed in the same CAPsMAN group. Being able to support 802.11r/k/v (wireless roaming) even with many of the older 802.11ac devices in a group is a nice feature.
On some devices such as the hAP ac2 the wifi-qcom-ac package is a tight fit, but it fits as long as you don't have any other packages besides the base RouterOS.
Companies such as RUCKUS and HPE Networks (Aruba) offer Wi-Fi products that have advantages over MikroTik's products even with the new driver packages. However, the new driver packages help.
If you're using CAPsMAN then you cannot mix devices running the wireless driver package with devices running the wifi-qcom-ac/wifi-qcom driver packages. But wifi-qcom-ac and wifi-qcom devices can be mixed in the same CAPsMAN group. Being able to support 802.11r/k/v (wireless roaming) even with many of the older 802.11ac devices in a group is a nice feature.
On some devices such as the hAP ac2 the wifi-qcom-ac package is a tight fit, but it fits as long as you don't have any other packages besides the base RouterOS.
Companies such as RUCKUS and HPE Networks (Aruba) offer Wi-Fi products that have advantages over MikroTik's products even with the new driver packages. However, the new driver packages help.
BBCWatcher
Arch-Supremacy Member
- Joined
- Jun 15, 2010
- Messages
- 23,293
- Reaction score
- 4,780
I'm fairly impressed with MikroTik's support for Wi-Fi roaming (802.11r — plus 802.11k and 802.11v) in their newer RouterOS releases with wifi-qcom-ac and wifi-qcom packages. Here are some anecdotal tips that might help, although YMMV.
First, it's important to understand that wireless client devices still decide which access points they'll associate with (or not). Some devices make questionable decisions. There's only so much you can do to persuade poorly behaving clients to roam across access points in a sensible way. For example, for a while I had a "smart" TV that frequently associated with the "wrong" access point. On that access point I added a MAC address-based block, to shove away the not-so-smart TV and prod it to associate with the better access point. That worked, but eventually I shifted the TV from a wireless to a wired connection. Another strategy to deal with older and less capable Wi-Fi clients (such as "IoT" devices) is to shift them to a separate, isolated, "legacy" Wi-Fi network — preferably with a separate radio if you can spare one.
In RouterOS you have to set up CAPsMAN if you want 802.11r (and k/v) to work across different physical access points. CAPsMAN configuration is odd in certain respects, so be sure to read the documentation carefully before you set it up. For example, when you run CAPsMAN on Access Point #1, you don't actually include AP1's own radios in any CAPsMAN-related configuration. In other words, CAPsMAN is used to manage remote radios. The local, on-device radios are effectively already within the CAPsMAN "group."
On each of the radios in the "group" I found there are a couple critical settings to make roaming work well:
Channel selection (and width) is "interesting" in this urban jungle named Singapore. I've recently settled on some limited, controlled automatic channel (re)selection that occurs every night in the early morning hours.
Good luck!
First, it's important to understand that wireless client devices still decide which access points they'll associate with (or not). Some devices make questionable decisions. There's only so much you can do to persuade poorly behaving clients to roam across access points in a sensible way. For example, for a while I had a "smart" TV that frequently associated with the "wrong" access point. On that access point I added a MAC address-based block, to shove away the not-so-smart TV and prod it to associate with the better access point. That worked, but eventually I shifted the TV from a wireless to a wired connection. Another strategy to deal with older and less capable Wi-Fi clients (such as "IoT" devices) is to shift them to a separate, isolated, "legacy" Wi-Fi network — preferably with a separate radio if you can spare one.
In RouterOS you have to set up CAPsMAN if you want 802.11r (and k/v) to work across different physical access points. CAPsMAN configuration is odd in certain respects, so be sure to read the documentation carefully before you set it up. For example, when you run CAPsMAN on Access Point #1, you don't actually include AP1's own radios in any CAPsMAN-related configuration. In other words, CAPsMAN is used to manage remote radios. The local, on-device radios are effectively already within the CAPsMAN "group."
On each of the radios in the "group" I found there are a couple critical settings to make roaming work well:
- connect-priority: 0/1
This setting seems to allow the client to connect immediately to a new access point and assumes the client should be immediately dropped from the "old" access point. - ft: yes
This parameter should be obvious: it's the one that enables any 802.11r. - ft-over-ds: no
No is the default. Some Apple devices reportedly have trouble if this setting is enabled. I didn't have trouble when I tried it, but I also didn't observe any benefits. So I'm keeping the default.
- management-protection: required
All my wireless devices seem to be new enough to support management frame protection. You can skip this parameter if you're only using WPA3 since "required" is then the default. - disable-pmkid: yes
This parameter is especially (but not only) important when you're using 802.11r. - group-key-update: 1h
Makes some attacks a little tougher.
Channel selection (and width) is "interesting" in this urban jungle named Singapore. I've recently settled on some limited, controlled automatic channel (re)selection that occurs every night in the early morning hours.
Good luck!
BBCWatcher
Arch-Supremacy Member
- Joined
- Jun 15, 2010
- Messages
- 23,293
- Reaction score
- 4,780
MikroTik has introduced a new, more affordable Wi-Fi 6 wireless router called the hAP ax S. It's broadly similar to the hAP ax2 but with a different mix of features. Here's what it adds compared to the hAP ax2:
- triple chain 5 GHz (instead of dual chain)
- one 2.5 GbE SFP cage
- MediaTek wireless chipset (instead of Qualcomm), which makes future OpenWrt support more likely
- one USB-A port
- higher tested maximum operating temperature (70°C instead of 50°C)
- 512MB of RAM (instead of 1GB on the hAP ax2)
- dual core ARM32 CPU (instead of quad core ARM64 CPU on the hAP ax2), albeit at a slightly higher clock speed
- US$20 off the suggested retail price (US$79 v. US$99 for the hAP ax2)
BBCWatcher
Arch-Supremacy Member
- Joined
- Jun 15, 2010
- Messages
- 23,293
- Reaction score
- 4,780
MikroTik has teased upcoming availability of their hAP be3 Media device, stylized as hAP be³ Media. The MikroTik hAP be3 Media is a triple band Wi-Fi router with five (5) 2.5GBASE-T ports, 1 USB-C port, 2 USB-A ports, a microSD card slot, Bluetooth 5.4, PoE-in, and support for Matter and Thread "smart home" technologies. It has a 64-bit quad core ARM processor, 2GB of RAM, and 512MB of onboard NAND flash for RouterOS. The data sheet isn't available on MikroTik's Web site yet, but it leaked here. Retail prices aren't available yet, but one distributor suggests it may be as low as €119 (currently about S$180) — plus shipping and GST to Singapore. The formal model code is MA53UG+HbeH.
BBCWatcher
Arch-Supremacy Member
- Joined
- Jun 15, 2010
- Messages
- 23,293
- Reaction score
- 4,780
MikroTik has released their first Long Term RouterOS build in their Version 7.x stream: RouterOS Version 7.20.7. MikroTik reached this milestone more than 4 years after releasing Version 7.1 to their Stable channel.
Important Forum Advisory Note
This forum is moderated by volunteer moderators who will react only to members' feedback on posts. Moderators are not employees or representatives of HWZ. Forum members and moderators are responsible for their own posts.
Please refer to our Community Guidelines and Standards, Terms of Service and Member T&Cs for more information.
Please refer to our Community Guidelines and Standards, Terms of Service and Member T&Cs for more information.
