Categories
Mikrotik

Dude not upgrading beyond RoS 6.24

So a problem has come up with folks who use The Dude for upgrades. Ever since 6.24, The Dude has been having problems pushing upgrades out to devices. The error message you get is “Can not determine packages”. This seems to be a known issue according to this post.

Categories
Mikrotik

Mikrotik GPON

http://mt.lv/gpon

The GPON module allows any RouterBOARD device to be used for Fiber to Home installations without any special modems or software. A plug and play solution means you simply plug it into your device, and no special configuration is needed. It is supported by all our SFP products, with any RouterOS version – all configuration will be done on the ISP side. The GPON ONU integrates GPON OMCI Stack and is fully compliant with ITU-T G.984 standards. The ONU is in a standardized MSA SFP form-factor and is designed to simply plug into a standard SFP port in your router. The product provides a pluggable GPON ONU interface for networking equipment with an uplink SFP receptacle enabling these devices to be deployed in GPON networks for FTTx, business services, and wireless backhaul applications.

 

Categories
Mikrotik Networking

Basic Mikrotik BGP filter rules

Below are some basic Filter Rules for Mikrotik BGP filtering.  These are not complex and can be very easily implemented on your BGP peers.

Before we get to the code, there are a few assumptions:
1. Your own IP space in this example is 1.1.1.0/22.
2. These filters are not fancy and are geared toward upstream ISPs, not your own internal routers or clients.
3. If you copy and paste the code below, make sure there is one command per line. Some browsers will cut the line off and then it won’t paste right. If in doubt, paste it into notepad, textedit, etc. and clean it up.

/routing filter
add action=discard chain=INET-IN comment="BEGIN INET-IN" prefix=127.0.0.0/8 protocol=bgp
add action=discard chain=INET-IN prefix=10.0.0.0/8 protocol=bgp
add action=discard chain=INET-IN prefix=169.254.0.0/16 protocol=bgp
add action=discard chain=INET-IN prefix=172.16.0.0/12 protocol=bgp
add action=discard chain=INET-IN prefix=192.168.0.0/16 protocol=bgp
add action=discard chain=INET-IN prefix=224.0.0.0/3 protocol=bgp
add action=discard chain=INET-IN prefix=1.1.1.0/22 protocol=bgp
add action=discard chain=INET-IN prefix-length=25-32 protocol=bgp
add action=accept chain=INET-IN comment="accept whatever was not discarded above" protocol=bgp
add action=accept chain=INET-OUT comment="BEGIN INET OUT" prefix=1.1.1.0/22 protocol=bgp
add action=discard chain=INET-OUT protocol=bgp

So what does this do?
- The first 6 lines filter out non-routable IP space. There should be no reason these are being advertised to you from the public internet.

- Next we are saying that if we see our own IP space being advertised to us (in this case 1.1.1.0/22), discard it. There should be no reason we see our own IP space on a public peer.

- The next line filters out prefixes that are a /25 and smaller. Just about every provider out there has a minimum size of a /24 they will accept as an advertisement. If you are getting anything smaller, it’s good practice to drop it. If there happen to be smaller prefixes, traffic to them can follow a default route to the provider. This helps trim your routing table, which makes lookups and convergence time quicker.

Under the INET-OUT rules we are advertising our IP space to our upstream.

Pretty simple eh? We could get complicated and add in chains, and more rules. But, this is a start.  We will do some more advanced rules in a later post.

Categories
Mikrotik

New Software Features

RoMON
another blog post will follow on this.
Need to use Winbox 3

FastTrack
FastPath + Connection Tracking
FastTrack Accelerates packet processing for specific connection tracking entries
Full NAT support
Works with IPv4/TCP and IPv4/UDP

 

Categories
Mikrotik

MUM2015: Janis opening Remarks

Recently Introduced

hAP Lite (Home Access Point Lite)
2.4GHZ Dual Chain
5volt USB powered

CCR1009 PC
9 Core Tilera
Passive cooling
* Gigabit, 1SFP, 1SFP+

PowerBox
Outdoor Ethernet router
POE Out

S+2332LC10D
10KM Bidirectional SFP+

New Products:

hAP
951 replacement
regular power input
POE-IN
PoE-out on port 5

hAP ac lite
2.4GHZ dual chain 802.11n
5GHZ single chain 802.11ac

hAP AC
Gigabit
2.4GHZ high power 2 chain 802.11n
5GHZ high power 3 chain 802.11ac
5Gigabit and 1 SFP cage

CRS112-8G-4S-IN
4 SFP ports
8 Gigabit copper

QRT 5GH
miniPCIe card with 5GHZ triple chain 802.11ac

QRT 5 AC
802.11ac upgrade for QRT5

SXT HG5 AC
802.11ac

RB3011 Series
Upgrade for 2011
Dual core 1.2GHZ ARM CPU
2x performance of 2011
10x Gigabit ethernet
miniPCIe slot and SFP port

QuickMount
Easy way to mount to wall for SXT
Can have back to back setup
Available Q3

DynaDish 5
802.11ac
5GHZ dual chain board integrated into 23DBI dish
8 Degree beamwidth
$179

 

 

Categories
Mikrotik

Mikrotik Router OS 6.25 released

What’s new in 6.25 (2015-Jan-19 10:11):

*) certificates – fix SCEP RA operation and SCEP client when operating with RA;
*) ppp – report authentication failure cause like in v6.6;
*) ovpn server – added support for address lists;
*) improved boot times;
*) api – fixed missing return values of some commands;
*) ntp – fixed vulnerabilities;
*) mpls/vpls have improved per core balancing on CCRs;
*) fixed queue tree no-mark matching (was broken since 6.24);
*) fixed nested simple queues (was broken since 6.24);
*) fixed occasional crash when ipv6 was used;
*) fixed route cache overflow (ipv4/ipv6 stops working) if ipsec is used;
*) fixed Omnitik upgrade from v5 where wireless config was not correctly saved
*) fixed Webfig Design Skin where some skin changes were not saved
*) WPS support added to CM2 wireless package

Simply click “Check for updates” in QuickSet, Webfig or Winbox packages menu. It should also work from v5

Categories
Mikrotik

Mikrotik Router OS 6.22 Released

From the ChangeLog

What’s new in 6.22 (2014-Nov-11 14:46):

*) ovpn – added support for null crypto;
*) files – allow to remove empty disk folders;
*) sntp – fix problems with dns name resolving failures that were triggering
system watchdog timeout;
*) eoip/eoipv6/gre/gre6/ipip/ipipv6/6to4 tunnels have new features:
tunnels go down when no route to destination;
tunnels go down for 1 minute when transmit loop detected, warning gets logged;
new keepalive-retries setting;
keepalives enabled by default for new tunnels (10sec interval, 10 retries);
*) improved connection-state matcher in firewall – can match multiple states in one rule, supports negation;
*) added connection-nat-state matcher – can match connections that are srcnatted,dstnatted or both;
*) 100% CPU load caused by DNS service fixed;
*) 100% CPU load caused by unclassified services fixed;
*) 6to4 tunnel fixed;
*) new RouterBOOT firmware for Metal 2SHPn to improve wireless stability;

Download at http://www.mikrotik.com/download

Categories
Mikrotik Networking xISP

BGP lockdown hints

As I am preparing talks for the upcoming WISPAPALOOZA 2014 in Las Vegas I am making some notes on advanced BGP. If you are running BGP and want to lock it down a little, here are some general hints. If you want more, attend my session in Vegas or look here afterwards for the full rundown.

General Hints for BGP filter.

1. Filter all the bogon addresses unless you have a specific need. If you have to ask you probably don’t have a need, so filter it. Bogons are:
10.0.0.0/8
172.16.0.0/12
192.168.0.0/16
169.254.0.0/16

2. Don’t accept your own IP space from upstreams. There should be no reason someone who is not a downstream customer is advertising your own IP space back to you. By downstream I mean someone you have assigned your own IP space to.

3. Limit the maximum number of prefixes your router will accept.

4. Most ISPs don’t announce anything less than a /24. Configure your filters to not accept anything smaller than a /24 unless you have a specific need to do so.

5. Separate iBGP from eBGP.

6. Understand the defaults for the platform you are using.
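
A way to check a list of received prefixes against hints 1 to 4 above before turning them into router filters; these are the same discard criteria as the INET-IN chain in the “Basic Mikrotik BGP filter rules” post. This is an added example, not code from the original posts. The function names, the sample prefixes, the reading of each rule as covering its block and everything inside it, and the prefix limit counting all received prefixes are assumptions.

```python
import ipaddress

# Blocks discarded by the first six INET-IN rules in the filter post
# (a superset of the bogons listed in hint 1).
BOGONS = [ipaddress.ip_network(n) for n in (
    "127.0.0.0/8", "10.0.0.0/8", "169.254.0.0/16",
    "172.16.0.0/12", "192.168.0.0/16", "224.0.0.0/3")]

# Sample own space used in the filter post. 1.1.1.0/22 has host bits set,
# so strict=False normalises it to the enclosing 1.1.0.0/22.
OWN_SPACE = ipaddress.ip_network("1.1.1.0/22", strict=False)
MAX_PREFIX_LEN = 24  # hint 4: nothing smaller than a /24


def inbound_verdict(prefix):
    """Return (action, reason) for one IPv4 prefix received from an upstream."""
    net = ipaddress.ip_network(prefix, strict=False)
    for bogon in BOGONS:
        if net.subnet_of(bogon):
            return "discard", f"bogon {bogon}"
    if net.subnet_of(OWN_SPACE):
        return "discard", "own space"
    if net.prefixlen > MAX_PREFIX_LEN:
        return "discard", "longer than /24"
    return "accept", "passed"


def audit(received, max_prefixes):
    """Filter a batch of prefixes and flag a breach of the prefix limit (hint 3)."""
    accepted, dropped = [], {}
    for prefix in received:
        action, reason = inbound_verdict(prefix)
        if action == "accept":
            accepted.append(prefix)
        else:
            dropped[prefix] = reason
    # Assumption: the limit counts everything the peer sent, not what survived.
    return accepted, dropped, len(received) > max_prefixes


# Constructed sample of received prefixes (not real routing data).
SAMPLE = ["198.51.100.0/24", "10.20.0.0/16", "1.1.2.0/24",
          "203.0.113.128/25", "192.168.1.0/24", "203.0.113.0/24"]

if __name__ == "__main__":
    accepted, dropped, over = audit(SAMPLE, max_prefixes=5)
    print("accepted:", accepted)
    print("dropped:", dropped)
    print("over limit:", over)
```

The 1.1.2.0/24 entry is caught as own space only because the sample block is normalised to 1.1.0.0/22; check how your own allocation is aligned before copying it into a filter.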

 

Categories
Data Center Linux Mikrotik Networking WISPA

Brothers WISP #19

Categories
Bitlomat Mikrotik Wireless xISP

Capacity of a UBNT AP vs the number of clients

Almost all the time I get asked: “How many clients can an AP handle?” My answer is always a very long and drawn out one. There is no set-in-stone answer. There are many factors which can affect this. I will go into some of these and then explain how to calculate this.

Some things that we will assume.
1. You are calculating on an 802.11n AP with some kind of polling (TDMA, NSTREME, AIRMAX, etc.).
2. You know the MCS values and/or data rates at channel widths.
3. When I say in an ideal situation I mean basically in the lab. This is our baseline. This means no outside noise, everything is working properly, and all the connected clients are excellent.

Before I get into what affects how many clients an AP can handle, we need to shift our thinking a little. We don’t think in terms of how many clients an AP can handle. We need to think in terms of how much capacity an AP has. It is very important to think in these terms. If you do so, things will become more clear and more quantifiable.

So now, on to what affects the total capacity of an AP.

1. The channel width. In an ideal situation you will get more capacity out of a 20 MHz channel than you will a 10 MHz channel.
2. Noise. In the real world you will have interference. If you have interference the noise floor drops, customer signals can’t reach maximum modulation, and there are retransmits.
3. Plain old signal. Things such as trees, distance, Fresnel zone, and antenna gain all affect signal.
4. The speed you are giving to each customer.
5. Overselling. The concept of overselling has been around since the dial-up days. You are betting your customers are not all online at the same exact time doing the exact same stuff. So you can oversell your capacity. I will explain how this factors in a little later.

Okay, so let’s dive into this. I am going to use a Ubiquiti Rocket M5 as an example. Again, this can be applied to any polling type N radio.

Say we have a Rocket M5. At a 20 MHz channel the best modulation this M5 will do is MCS 15 at 130 Megs over the air. What do you mean, over the air? Well, there is a difference between actual throughput and the wireless data rate (aka over the air). Your actual throughput/capacity will be 1/2 of the over-the-air rate minus a little for overhead. I factor in 10% overhead for easy figuring.

Back to our figuring. You have 130 megs of capacity on your AP in an ideal situation on a 20 mhz channel. If we do our math:
130 / 2 = 65 Megs of Capacity to sell on the AP.
Now here comes the overselling part.
If we oversell at a 2:1 ratio we have 130 Megs of capacity on the AP.
If we oversell at a 3:1 ratio we have 195 megs of capacity on the AP.

We can do higher ratios, but it starts to become a moving target. With the spread of Netflix, Youtube, Hulu, and other streaming services the average customer is sucking down more and more bandwidth for longer periods of time. Think of a restaurant with so many tables. If your customers are staying longer and longer, you don’t have as much seating capacity to turn over for new people to sit down and consume your food. This is for another blog post.

So, let’s say we are overselling at 3:1. We have 195 megs of capacity. We now need to think about what packages we are selling to our customers. If they are all say 5 meg packages, this means we can safely sell 39 connections to the AP. 195 / 5 = 39. You can figure up the math if you have 3 Meg, 10 meg, or a mixture.

Now to the real world (aka why do my customers hate me and my AP sucks?).

The following is a real AP in the wild.  Blacked out to protect the innocent from script kiddies.

[Screenshot: ubnt-main-screen]
Couple of things to Note (circled in Red).

20 MHZ Channel
Capacity at 45% . This is more important than anything, even CCQ.
43 clients associated.

Let’s apply our math we learned earlier. We know a 20 mhz channel nets us MCS15 – 130 Megs

Here is the kicker. Our capacity is at 45%. This means we only have 45% of 130 megs of over-the-air capacity. Take this in half (130 / 2 = 65) and then take 45% of 65 = 29.25.
This means all 43 of these customers are sharing 29 megs of capacity on the AP.  And the quality isn’t the greatest (37%).  So this means there are retransmissions going on between the client and the AP. The client can’t talk as fast as it is capable of in most cases. This means you can’t oversell the AP as much due to the quality of the signals being poor.  It is important to note I am talking about the quality and capacity of the signals, not signal strengths.

If those 43 people are all paying for, let’s say, 2 Megs download, that means your AP needs to support a minimum of 86 megs. That’s without overselling. We only have 29 megs in the current state!
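
The arithmetic from this post as a small calculator, added here as an example and not taken from the original post; the function names, the optional overhead parameter and the mixed-plan sample are assumptions. It goes one step beyond the text by computing the oversell ratio a given subscriber mix actually puts on the AP.

```python
def usable_mbps(air_rate, capacity_pct=100, overhead_pct=0):
    """Usable capacity: half the over-the-air rate, scaled by the AP's
    reported capacity figure. overhead_pct=0 reproduces the post's numbers;
    pass 10 to apply the 10% overhead allowance the post mentions."""
    return air_rate / 2 * capacity_pct / 100 * (100 - overhead_pct) / 100


def committed_mbps(packages):
    """packages maps plan speed in Mbps to the number of subscribers on it."""
    return sum(speed * count for speed, count in packages.items())


def ap_report(air_rate, capacity_pct, packages, target_ratio):
    """Compare what has been sold on an AP with what it can deliver."""
    usable = usable_mbps(air_rate, capacity_pct)
    committed = committed_mbps(packages)
    sellable = usable * target_ratio
    return {
        "usable_mbps": usable,
        "sellable_mbps": sellable,
        "committed_mbps": committed,
        "running_ratio": round(committed / usable, 2),
        "headroom_mbps": sellable - committed,  # negative means oversold
    }


# Ideal Rocket M5 from the post: MCS 15, 130 Mbps over the air, 39 x 5 Mbps at 3:1.
IDEAL = ap_report(130, 100, {5: 39}, target_ratio=3)
# The real AP from the post: 45% capacity, 43 clients on 2 Mbps plans.
REAL = ap_report(130, 45, {2: 43}, target_ratio=3)
# Constructed mixed-plan example (not from the post).
MIXED = ap_report(130, 45, {3: 20, 5: 10, 10: 4}, target_ratio=3)

if __name__ == "__main__":
    for name, rep in (("ideal", IDEAL), ("real", REAL), ("mixed", MIXED)):
        print(name, rep)
```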

We need to get those capacity numbers up.  How do we do that?

1. Channel selection. A noisy channel will drag everyone down.

2. Antenna gain.  This can be done at both the client and the AP.  A higher gain or better quality antenna can cause the clients to “hear” better.  You might not get an increase in signal strengths, but you are looking for an increase in quality. I use a loudspeaker metaphor.  You can hear a loudspeaker from a far distance, but you might not always be able to make out what is being said.  If you can somehow make out what is being said more clearly, then you don’t have to have the speaker turn up the volume.

3. Shielding. This helps eliminate the amount of stuff a client or AP hears.

4. Channel Width.  Sometimes dropping the channel width down can increase signals, thus raising the overall capacity.  Keep in mind it will lessen the overall capacity of the AP.

5. Simply getting rid of customers that shouldn’t be installed.  We have all done installs that were iffy.  These can drag down the overall capacity.

I hope this has helped you understand. The biggest thing I want you all to take away from this is to think in terms of the amount of capacity you have to sell, not the number of connections.