*) certificates – fix SCEP RA operation and SCEP client when operating with RA;
*) ppp – report authentication failure cause like in v6.6;
*) ovpn server – added support for address lists;
*) improved boot times;
*) api – fixed missing return values of some commands;
*) ntp – fixed vulnerabilities;
*) mpls/vpls have improved per core balancing on CCRs;
*) fixed queue tree no-mark matching (was broken since 6.24);
*) fixed nested simple queues (was broken since 6.24);
*) fixed occasional crash when ipv6 was used;
*) fixed route cache overflow (ipv4/ipv6 stops working) if ipsec is used;
*) fixed Omnitik upgrade from v5 where wireless config was not correctly saved
*) fixed Webfig Design Skin where some skin changes were not saved
*) WPS support added to CM2 wireless package
Simply click “Check for updates” in QuickSet, Webfig or Winbox packages menu. It should also work from v5
*) ovpn – added support for null crypto;
*) files – allow to remove empty disk folders;
*) sntp – fix problems with dns name resolving failures that were triggering
system watchdog timeout;
*) eoip/eoipv6/gre/gre6/ipip/ipipv6/6to4 tunnels have new features:
tunnels go down when no route to destination;
tunnels go down for 1 minute when transmit loop detected, warning gets logged;
new keepalive-retries setting;
keepalives enabled by default for new tunnels (10sec interval, 10 retries);
*) improved connection-state matcher in firewall – can match multiple states in one rule, supports negation;
*) added connection-nat-state matcher – can match connections that are srcnatted,dstnatted or both;
*) 100% CPU load caused by DNS service fixed;
*) 100% CPU load caused by unclassified services fixed;
*) 6to4 tunnel fixed;
*) new RouterBOOT firmware for Metal 2SHPn to improve wireless stability;
Almost all the time I get asked: “How many clients can an AP handle?” . My answer is always a very long and drawn out one. There is no set in stone answer. There are many factors which can affect this. I will go into some of these and then explain how to calculate this.
Some things that we will assume.
1.You are calculating on an 802.11N Ap with some kind of polling (TDMA, NSTREME, AIRMAX, etc)
2.You know the MCS values and/or data rates at channel widths.
3.When I say in an ideal situation I mean basically in the lab. This is our baseline. This means no outside noise, everything is working properly, and all the connected clients are excellent.
Before I get into what affects how many clients can an AP handle we need to shift our thinking a little. We don’t think in terms of how many clients can an AP handle. We need to think in terms of how much capacity an AP has. This is very important to think in these terms. If you do so things will become more clear and more quantifiable.
So now, on to what affects the total capacity of an AP.
1.The channel width. In and ideal situation you will get more Capacity out of a 20 mhz channel than you will a 10mhz channel.
2.Noise. In the real world you will have interference. If you have interference the noise floor drops, customer signals can’t reach maximum modulation, and there are retransmits.
3.Plain old signal. Things such as trees, distance, fresnel zone, and antenna gain all affect signal
4.The speed you are giving to each customer.
5.Overselling. The concept of overselling has been around since the dial-up days. You are betting your customers are not all online at the same exact time doing the exact same stuff. So you can oversell your capacity. I will explain this a little more in a bit how this factors in.
Okay, so let’s dive into this. I am going to use a Ubiquity Rocket M5 as an example. Again, this can be applied to any polling type N radio.
Say we have a Rocket M5. At a 20MHZ channel the best modulation this M5 will do is MCS 15 at 130 Megs of over the air. What do you mean Over the Air? Well there is a difference between actual throughput and the Wireless Data Rate (aka over the air). Your actual throughput/capacity will be 1/2 of the over the air rate minus a little for overhead. I factor in 10% overhead for easy figuring.
Back to our figuring. You have 130 megs of capacity on your AP in an ideal situation on a 20 mhz channel. If we do our math:
130 / 2 = 65 Megs of Capacity to sell on the AP.
Now here comes the overselling part.
If we oversell at a 2:1 ratio we have 130 Megs of capacity on the AP.
If we oversell at a 3:1 ratio we have 195 megs of capacity on the AP.
We can do higher ratios, but it starts to become a moving target. With the spread of Netflix, Youtube, Hulu, and other streaming services the average customer is sucking down more and more bandwidth for longer periods of time. Think of a restaurant with so many tables. If your customers are staying longer and longer, you don’t have as much seating capacity to turn over for new people to sit down and consume your food. This is for another blog post.
So, let’s say we are overselling at 3:1. We have 195 megs of capacity. We now need to think about what packages we are selling to our customers. If they are all say 5 meg packages, this means we can safely sell 39 connections to the AP. 195 / 5 = 39. You can figure up the math if you have 3 Meg, 10 meg, or a mixture.
Now to the real world (aka why do my customers hate me and my AP sucks?).
The following is a real AP in the wild. Blacked out to protect the innocent from script kiddies.
Couple of things to Note (circled in Red).
20 MHZ Channel
Capacity at 45% . This is more important than anything, even CCQ.
43 clients associated.
Let’s apply our math we learned earlier. We know a 20 mhz channel nets us MCS15 – 130 Megs
Here is the kicker. Our capacity is at 45%. This means we only have 45% of 130 megs of Over the air capacity. Take this in half (130 / 2= 65 45% of 65 = 29.25.
This means all 43 of these customers are sharing 29 megs of capacity on the AP. And the quality isn’t the greatest (37%). So this means there are retransmissions going on between the client and the AP. The client can’t talk as fast as it is capable of in most cases. This means you can’t oversell the AP as much due to the quality of the signals being poor. It is important to note I am talking about the quality and capacity of the signals, not signal strengths.
If those 43 people are all paying for, let’s say, 2 Megs download. That means your AP needs to support a minimum of 86 megs. Thats without overselling. We only have 29 megs in the current state!
We need to get those capacity numbers up. How do we do that?
1. Channel selection. A noisy channel will drag everyone down.
2. Antenna gain. This can be done at both the client and the AP. A higher gain or better quality antenna can cause the clients to “hear” better. You might not get an increase in signal strengths, but you are looking for an increase in quality. I use a loudspeaker metaphor. You can hear a loudspeaker from a far distance, but you might not always be able to make out what is being said. If you can somehow make out what is being said more clearly, then you don’t have to have the speaker turn up the volume.
3. Shielding. This helps eliminate the amount of stuff a client or AP hears.
4. Channel Width. Sometimes dropping the channel width down can increase signals, thus raising the overall capacity. Keep in mind it will lessen the overall capacity of the AP.
5.Simply getting rid of customers that shouldn’t be installed. We have all done installs that were iffy. These can drag down the overall capacity.
I hope this has helped understand. The biggest thing I want you all to take away from this is think in terms of the amount of capacity you have to sell, not the number of connections.
What's new in 6.18 (2014-Aug-01 10:47):
*) sstp - report TLS encryption as well;
*) safe mode - do not allow user with less permissions to disrupt active safe mode;
*) console - print command does not try to reuse item numbers assigned by
previous invocations of 'print' when doing 'print where' or 'print follow',
items are numbered consecutively starting from '0'.
*) console - fix compact export of some partially modified
configuration values;
*) api - use the same syntax for property values as is used in 'print detail'
output, with the exception of numbers, that are not shown with suffixes
(K/M/G/T or bitrate) and are not contracted or separated into digit groups,
and "yes"/"no" values that continue to be reported as "true"/"false".
*) console - show internal numbers in the form returned by 'find' (like *9A0F)
instead of "(unknown)" when configuration refers to
deleted items. This change also applies to API.
*) ipsec - fix addition of default policy template;
*) console - values of type 'nil' were returning 'nil' as result of most
operations. Now it compares less than all values except 'nil'
and 'nothing', and compares inequal to all values except 'nil'.
This was changed to make 'print where' and 'find where' more useful.
An example. Previously the following command
/ip route print where routing-mark!=nosuch
Would not print routes that had no value for 'routing-mark' set, because
(nil != "nosuch") was equal to nil. Now it evaluates to 'true', and this
command will also print all routes that have no 'routing-mark' value set.
*) l2tp - fixed problem on CCR where server responded with wrong source address;
*) console export - put qutes around item names that start with a digit;
*) sntp client - added support for dns lookup of ntp servers;
*) console - when exporting to file, use name ending in '.in_progress', and
rename when export finishes;
*) bridge setups sometimes could crash on CCR devices;
*) fixed port flapping in 1G mode on sfp-sfpplus1 on CRS226;
*) fixed SXT ac model losing it's interface if changing regulatory settings in "routerboard" menu
What's new in 6.17 (2014-Jul-18 15:14):
*) CCR1009 - fixed crash, only affects CCR1009;
What's new in 6.16 (2014-Jul-17 13:12):
*) 802.11ac support added in wireless-fp package for QCA9880/9882 rev2 (-BR4A) chips;
*) ip cloud now allows to set which IP to use - detected (public) or local (private);
*) l2tp, pptp, pppoe - fixed possible packet corruption when encryption was enabled;
*) ovpn - fixed ethernet mode;
*) certificates - use SHA256 for fingerprinting;
*) ipsec - fix AH proposal and problem when sometimes policy was not generated;
*) snmp - support AES encryption (rfc3826);
*) l2tp server: added option to enable IPsec automatically;
*) poe-out: added power-cycle-ping and power-cycle-interval settings;
*) gps - increased retry duration to 30 seconds;
*) time - on routerboards, current time is saved in configuration on reboot
and on clock adjustment, and is used to set initial time after reboot;
*) sntp - disabling/enabling client was causing dynamic-servers to be ignored
(bug introduced in 6.14);
*) CCR - fixed rare file system corruption when none
of configuration could be changed or some of it disappeared;
*) ipsec - allow multiple encryption algorithms per peer;
*) email - support tls only connections;
*) smb - fixed usb share issues after reboot
*) snmp - fix v3 protocol time window checks;
*) updated timezone information;
*) quickset - added VPN settings for HomeAP mode;
*) latency improvements on CCR devices;
Big bug fix if you are upgrading from V5.x
What's new in 6.15 (2014-Jun-12 12:25):
*) fixed upgrade from v5 - on first boot all the optional packages were disabled;
*) fixed problem where sntp server could not be specified in winbox & webfig;
*) metarouter - make openwrt work on ppc metarouter again;
*) console – comments are now accepted where new command can start, that is,
where ‘/’ or ‘:’ characters can be used to start new command, e.g.
/interface { # comment until the end of the line
print
}
*) backup – backups by default are encrypted now (with user password).
To use backup on older versions, you should disable encryption with dont-encrypt
flag when creating it;
*) files with ‘.sensitive.’ in the filename require ‘sensitive’
permission to manipulate;
*) lcd – reduce CPU usage when displaying static screens;
*) l2tp – fixed occasional server lockup;
*) pptp – fixed memory leak;
*) sstp – fixed crashes;
Simply click “Check for updates” in QuickSet, Webfig or Winbox packages menu. If you run v5 or older, download the newest NPK package from our webpage, upload to your router, and reboot: http://www.mikrotik.com/download
You must be logged in to post a comment.