Do MicroTik AP’s have roaming with CAPsMAN?

[Zerxal]

I’m planning on getting some of their access point’s soon, but I’ve heard differing opinions on whether have have roaming or not between multiple AP’s on the same SSID.

 

I’m going to be running 4 of the cAP ac’s, so I really need to know if they will work with roaming or not.

[jj9987]

You can configure the APs to kick out clients, that surpass a certain dBm though using Capsman access-list. This means when signal quality goes too low, the AP triggers a WiFi disconnect. That will force clients to reconnect to another AP, which is decided by the client.

[brwainer]

First, the client always controls roaming. Doing thinks like kicking clients with low signal is very disruptive, and is not “roaming”. In this case the client will completely start over, including killing all IP connections. If on a call, this will cause a drop of 5 seconds or more because the connection needs to be made again.

Second, yes devices will roam pretty quickly between the same SSID on Mikrotik CAPsMAN APs. But if on an audio or video call there will be a 2 second or so drop.

Third, Mikrotik does not have some of the “fast roaming” standards, 802.11r, 802.11k, and 802.11v - these allow the client device to roam between APs fast enough to have almost no noticeable affect on audio or video call. When people talk about Mikrotik not having roaming, they mean these things.

 

Resources:

Apple explanation of fast roaming standards (one of the best I’ve seen): https://support.apple.com/en-lamr/HT202628

Apple explanation of when their devices roam: https://support.apple.com/en-us/HT203068

Samsung explanation of when their devices roam: https://docs.samsungknox.com/admin/knox-platform-for-enterprise/kbas/kba-115013403768.htm

[Zerxal]

49 minutes ago, jj9987 said:

You can configure the APs to kick out clients, that surpass a certain dBm though using Capsman access-list. This means when signal quality goes too low, the AP triggers a WiFi disconnect. That will force clients to reconnect to another AP, which is decided by the client.

 

42 minutes ago, brwainer said:

First, the client always controls roaming. Doing thinks like kicking clients with low signal is very disruptive, and is not “roaming”. In this case the client will completely start over, including killing all IP connections. If on a call, this will cause a drop of 5 seconds or more because the connection needs to be made again.

Second, yes devices will roam pretty quickly between the same SSID on Mikrotik CAPsMAN APs. But if on an audio or video call there will be a 2 second or so drop.

Third, Mikrotik does not have some of the “fast roaming” standards, 802.11r, 802.11k, and 802.11v - these allow the client device to roam between APs fast enough to have almost no noticeable affect on audio or video call. When people talk about Mikrotik not having roaming, they mean these things.

 

Resources:

Apple explanation of fast roaming standards (one of the best I’ve seen): https://support.apple.com/en-lamr/HT202628

Apple explanation of when their devices roam: https://support.apple.com/en-us/HT203068

Samsung explanation of when their devices roam: https://docs.samsungknox.com/admin/knox-platform-for-enterprise/kbas/kba-115013403768.htm

Another question for you two, if you know.

 

One of the primary reasons I’m moving towards this more business oriented hardware is to move away from my xFi which restricts me from creating a 2.4 GHz only WiFi network for my smart devices.

 

I’d assume with these devices I’d be able to broadcast two networks at once, one network with a 2.4 and 5 GHz together, and one network with 2.4 GHz only?

[brwainer]

34 minutes ago, Zerxal said:

I’d assume with these devices I’d be able to broadcast two networks at once, one network with a 2.4 and 5 GHz together, and one network with 2.4 GHz only?

Yes, because with Mikrotik there is only minimal automation and you are setting each thing up yourself (you create a profile for the SSID, a profile for channels, and assign those to the radios, with the 2.4GHz and 5GHz radios being set up separately).

For someone who is a beginner though I would recommend Unifi over CAPsMAN. Everything in Mikrotik requires learning, not just of their system but of the actual network fundamentals. It is very easy to mis-configure Mikrotik.

[Zerxal]

1 hour ago, brwainer said:

Yes, because with Mikrotik there is only minimal automation and you are setting each thing up yourself (you create a profile for the SSID, a profile for channels, and assign those to the radios, with the 2.4GHz and 5GHz radios being set up separately).

For someone who is a beginner though I would recommend Unifi over CAPsMAN. Everything in Mikrotik requires learning, not just of their system but of the actual network fundamentals. It is very easy to mis-configure Mikrotik.

Define “beginner”, what sort of person would be a beginner?

[Falcon1986]

5 hours ago, Zerxal said:

I’m planning on getting some of their access point’s soon, but I’ve heard differing opinions on whether have have roaming or not between multiple AP’s on the same SSID.

 

I’m going to be running 4 of the cAP ac’s, so I really need to know if they will work with roaming or not.

Are you going with Mikrotik because of availability/cost in your part of the world? Is there anything stopping you from using Ubiquiti?

 

I find device roaming to work pretty well on UniFi.

[brwainer]

2 hours ago, Zerxal said:

Define “beginner”, what sort of person would be a beginner?

Someone who does not understand subnets, VLANs, routing and switch principals (how each decides where to send a packet), firewall principals, and more. A successful Mikrotik install requires you to understand (or figure out) the networking basics. If you don't, then you are likely to end up with a system that is insecure (Mikrotik gets a bad reputation for their routers being hacked, but more times than not it is because the admin didn't set up the firewall rules and didn't set a password), doesn't work well (bad choices on the wireless settings, inappropriate use of bridges, configuration that causes FastTrack to no longer apply), or you never get working at all.

[Zerxal]

59 minutes ago, Falcon1986 said:

Are you going with Mikrotik because of availability/cost in your part of the world? Is there anything stopping you from using Ubiquiti?

 

I find device roaming to work pretty well on UniFi.

I would use UniFi but it is too expensive for me.

[brwainer]

1 hour ago, Zerxal said:

I would use UniFi but it is too expensive for me.

I know prices are different in every country, but in the US at prominent equipment distributors the difference between a CAP ac ($63) and an UAP-AC-Lite ($75) is 16%. I know sometimes any extra cost is not bearable, especially if you are already stretching your budget with the cAP ac, but I would rather you spend a bit more for the Unifi setup. You don't have to go all-in on Unifi, you can use the APs without getting Unifi switches and router. And you can run the controller software on anything - it only has to be running when you want to make changes (unless you decide to run the guest network login portal). Unifi single-pack APs include a power injector, so you don't even need to necessarily buy a POE switch (the multi-packs do not include POE injectors).

 

I have a CAPsMAN setup in my house, with 3x hAP AC (not hAP AC2). I've had it for about 4 years. The system works, it is reliable and stable. But I am also a Mikrotik enthusiast, and a professional network engineer for whom my home network is vastly simpler than what I do for my day job. And yet I am about to replace the Mikrotik APs with something else, because CAPsMAN has limitations that I don't believe Mikrotik is going to address soon, like the lack of Fast Roaming 802.11r/k/v as I mentioned in my first reply. When I am replacing it with is not the point of this, especially because it would be way outside your price range. But my second choice would be Unifi.

[Zerxal]

2 hours ago, brwainer said:

I know prices are different in every country, but in the US at prominent equipment distributors the difference between a CAP ac ($63) and an UAP-AC-Lite ($75) is 16%. I know sometimes any extra cost is not bearable, especially if you are already stretching your budget with the cAP ac, but I would rather you spend a bit more for the Unifi setup. You don't have to go all-in on Unifi, you can use the APs without getting Unifi switches and router. And you can run the controller software on anything - it only has to be running when you want to make changes (unless you decide to run the guest network login portal). Unifi single-pack APs include a power injector, so you don't even need to necessarily buy a POE switch (the multi-packs do not include POE injectors).

 

I have a CAPsMAN setup in my house, with 3x hAP AC (not hAP AC2). I've had it for about 4 years. The system works, it is reliable and stable. But I am also a Mikrotik enthusiast, and a professional network engineer for whom my home network is vastly simpler than what I do for my day job. And yet I am about to replace the Mikrotik APs with something else, because CAPsMAN has limitations that I don't believe Mikrotik is going to address soon, like the lack of Fast Roaming 802.11r/k/v as I mentioned in my first reply. When I am replacing it with is not the point of this, especially because it would be way outside your price range. But my second choice would be Unifi.

It’s more the cost of a UDM-Pro versus a equal MikroTik router. It’s over $200 more. I could just run the APs by themselves, with MikroTik router instead of the UDM-Pro and the Cloud Key.

 

You bring up a good point, is UniFi actually that much better for roaming?

[brwainer]

28 minutes ago, Zerxal said:

It’s more the cost of a UDM-Pro versus a equal MikroTik router. It’s over $200 more. I could just run the APs by themselves, with MikroTik router instead of the UDM-Pro and the Cloud Key.

 

You bring up a good point, is UniFi actually that much better for roaming?

If you buy a UDM-Pro, you can't use a Cloud Key - the UDM-Pro runs the controller software internally, and MUST be adopted to itself. So the Cloud Key would be useless, unless you really wanted to have your APs in a different controller from your gateway (this is sarcastic, it makes no sense).

 

The Cloud Key would be useful if you used a Mikrotik (or other) router, assuming you wanted the controller to be running 24/7. But even then it isn't necessary if you have a computer or NAS that is always on and can spare a bit of CPU and RAM (for a NAS, it will depend on what type you have, you can search for "(name of NAS) Unifi Controller" to see if people have done it). The Cloud Key is just a small computer that is dedicated to running the controller software.

 

In terms of normal roaming, Mikrotik and Unifi are the same. But Unifi supports Fast Roaming (802.11r/k/v) while Mikrotik does not. This means that if you have an active audio/video call, with Mikrotik you can expect to lose audio and video for about 2 seconds, but with Unifi with Fast Roaming enabled you would hardly notice you had changed APs. This is purely due to features that Mikrotik does not have support for at this time, and I have not seen hints about it coming in the future.

 

I fully support using Mikrotik for routing with Unifi APs. Routing on Mikrotik is almost purely by-the-book, and very much related to how you would set up a linux server to act as a router (because it is really, you just can't access the linux part). Its Mikrotik's wireless setup that can really drive people crazy. It gets the job done but isn't like any other wireless controller system. If you just wanted one AP then I would say go with Mikrotik and set it up standalone, but I can't recommend CAPsMAN to anyone who has other options.

 

EDIT: I've just re-read this
 

28 minutes ago, Zerxal said:

with MikroTik router instead of the UDM-Pro and the Cloud Key.

and now I think you meant (Mikrotik & Cloud Key) instead of (UDM-Pro). I initially read this as (Mikrotik) instead of (UDM-Pro & Cloud Key) and responded as such above.

 

[Zerxal]

35 minutes ago, brwainer said:

If you buy a UDM-Pro, you can't use a Cloud Key - the UDM-Pro runs the controller software internally, and MUST be adopted to itself. So the Cloud Key would be useless, unless you really wanted to have your APs in a different controller from your gateway (this is sarcastic, it makes no sense).

 

The Cloud Key would be useful if you used a Mikrotik (or other) router, assuming you wanted the controller to be running 24/7. But even then it isn't necessary if you have a computer or NAS that is always on and can spare a bit of CPU and RAM (for a NAS, it will depend on what type you have, you can search for "(name of NAS) Unifi Controller" to see if people have done it). The Cloud Key is just a small computer that is dedicated to running the controller software.

 

In terms of normal roaming, Mikrotik and Unifi are the same. But Unifi supports Fast Roaming (802.11r/k/v) while Mikrotik does not. This means that if you have an active audio/video call, with Mikrotik you can expect to lose audio and video for about 2 seconds, but with Unifi with Fast Roaming enabled you would hardly notice you had changed APs. This is purely due to features that Mikrotik does not have support for at this time, and I have not seen hints about it coming in the future.

 

I fully support using Mikrotik for routing with Unifi APs. Routing on Mikrotik is almost purely by-the-book, and very much related to how you would set up a linux server to act as a router (because it is really, you just can't access the linux part). Its Mikrotik's wireless setup that can really drive people crazy. It gets the job done but isn't like any other wireless controller system. If you just wanted one AP then I would say go with Mikrotik and set it up standalone, but I can't recommend CAPsMAN to anyone who has other options.

 

EDIT: I've just re-read this
 

and now I think you meant (Mikrotik & Cloud Key) instead of (UDM-Pro). I initially read this as (Mikrotik) instead of (UDM-Pro & Cloud Key) and responded as such above.

 

From what you’ve said, I infer that the controller does not need to be running for a seamless roaming experience with UniFi APs?

 

And yes, I did mean MikroTik and Cloud Key. No problem.

[brwainer]

10 minutes ago, Zerxal said:

From what you’ve said, I infer that the controller does not need to be running for a seamless roaming experience with UniFi APs?

 

And yes, I did mean MikroTik and Cloud Key. No problem.

That is correct. Whether or not you enable Fast Roaming, the controller isn't part of the roaming experience. Without Fast Roaming then nothing special happens. With Fast Roaming, the APs coordinate a few things between themselves (and some of these only happen once every 24 hours so wait a bit after enabling before testing it out) and the controller isn't involved.

 

Edit: You can initially set up the controller on a computer, and then later migrate that controller to a cloud key. Migration is simply restoring a backup onto the new device, and then in the old one telling the APs to migrate over. But no matter where your controller is running, every time you make a change I recommend exporting a backup and storing it somewhere else.

[Zerxal]

1 minute ago, brwainer said:

That is correct. Whether or not you enable Fast Roaming, the controller isn't part of the roaming experience. Without Fast Roaming then nothing special happens. With Fast Roaming, the APs coordinate a few things between themselves (and some of these only happen once every 24 hours so wait a bit after enabling before testing it out) and the controller isn't involved.

How comparable are the UAP AC LITE’s to the cAP ac’s in terms of signal? Better, worse, the same?

[brwainer]

Just now, Zerxal said:

How comparable are the UAP AC LITE’s to the cAP ac’s in terms of signal? Better, worse, the same?

I'm not able to directly answer your question as I haven't ever used the cAP ac. But I can tell you this from the data sheets:

• The UAP-AC-Lite has slightly higher gain on both frequencies (3 and 3 vs 2 and 2.5) this means the signal will be slightly stronger in the radial direction (out along the ceiling if it is mounted to the ceiling) and slightly weaker in the face direction (up and down if mounted to the ceiling). Or in other words the donut will be a little flatter and wider.
• The maximum transmit power is similar between the two. The cAP ac is a bit more powerful on 2.4GHz and the UAP-AC-Lite is a bit more powerful on 5GHz. But they are close enough it would be hard to tell the differences.

[Zerxal]

6 minutes ago, brwainer said:

I'm not able to directly answer your question as I haven't ever used the cAP ac. But I can tell you this from the data sheets:

• The UAP-AC-Lite has slightly higher gain on both frequencies (3 and 3 vs 2 and 2.5) this means the signal will be slightly stronger in the radial direction (out along the ceiling if it is mounted to the ceiling) and slightly weaker in the face direction (up and down if mounted to the ceiling). Or in other words the donut will be a little flatter and wider.
• The maximum transmit power is similar between the two. The cAP ac is a bit more powerful on 2.4GHz and the UAP-AC-Lite is a bit more powerful on 5GHz. But they are close enough it would be hard to tell the differences.

Cloud key seems to be $180, so yeah I’ll just run the controller on my old PC that is a temporary server.

 

Do you know if the UniFi controller is easily able to be transferred to another device if necessary? I’ll likely move it to a homelab server that I plan to purchase in around 6 months time.

[brwainer]

1 hour ago, Zerxal said:

Cloud key seems to be $180, so yeah I’ll just run the controller on my old PC that is a temporary server.

 

Do you know if the UniFi controller is easily able to be transferred to another device if necessary? I’ll likely move it to a homelab server that I plan to purchase in around 6 months time.

I guess you didn't see my edit to my prior post.

1 hour ago, brwainer said:

Edit: You can initially set up the controller on a computer, and then later migrate that controller to a cloud key. Migration is simply restoring a backup onto the new device, and then in the old one telling the APs to migrate over. But no matter where your controller is running, every time you make a change I recommend exporting a backup and storing it somewhere else.

What I said about "to a cloud key" applies to any device you want to put the controller on.

[Zerxal]

On 11/15/2020 at 2:02 AM, brwainer said:

I guess you didn't see my edit to my prior post.

What I said about "to a cloud key" applies to any device you want to put the controller on.

Just checked and it seems like UAP-AC-LITE’s do not support fast roaming. Seems like a bit of an issue as I currently get call drops when walking throughout my house with WiFi calling. Should call drops be expected with a non-fast roaming device?

 

I can’t spend over $700 on just nanoHD’s.

[brwainer]

34 minutes ago, Zerxal said:

Just checked and it seems like UAP-AC-LITE’s do not support fast roaming. Seems like a bit of an issue as I currently get call drops when walking throughout my house with WiFi calling. Should call drops be expected with a non-fast roaming device?

 

I can’t spend over $700 on just nanoHD’s.

Where are you seeing that UAP-AC-Lite do not support fast roaming? They certainly do. That feature is available across all current Unifi APs.

[Falcon1986]

1 hour ago, Zerxal said:

Just checked and it seems like UAP-AC-LITE’s do not support fast roaming.

Fast roaming is activated in the UniFi Controller, which is then applied to all current-generation adopted UniFi APs on the latest firmware.

 

Should also reiterate the need for client-side support for this to work properly.

 

As an aside, Ubiquiti equipment can get quite expensive, but it's not an system that needs all-Ubiquiti parts to get up and running. Plus, you can add components later on. For a time, I ran the UniFi Controller on a computer, but had the unfortunate experience of losing the configuration after the system crashed. An RPi3B was the replacement, which also allowed me to run PiHole. But the reason I eventually invested in a CKGen2 was for peace of mind: when you have power loss, your UniFi Controller on an RPi can get corrupt. The shutdown is not graceful. Adding a UPS also ensured that firmware upgrades don't get interrupted due to a blackout/brownout, leaving me with some pretty expensive frisbees!

 

BTW, there's always the UDM (non-Pro) if you want a single all-in-one device (including UniFi Controller) to start with, then add UAP-AC-Lites as the need arises.

[Zerxal]

2 hours ago, brwainer said:

Where are you seeing that UAP-AC-Lite do not support fast roaming? They certainly do. That feature is available across all current Unifi APs.

https://help.ui.com/hc/en-us/articles/115004662107-UniFi-Fast-Roaming

 

"NOTE: The UAP-AC and UAP-AC v2 are the onlymodels that do not support Fast Roaming. The rest of the AC range of products do support Fast Roaming. Find the UAP-AC (both versions) model in the 1st Gen column of this article."

 

1 hour ago, Falcon1986 said:

Fast roaming is activated in the UniFi Controller, which is then applied to all current-generation adopted UniFi APs on the latest firmware.

 

Should also reiterate the need for client-side support for this to work properly.

 

As an aside, Ubiquiti equipment can get quite expensive, but it's not an system that needs all-Ubiquiti parts to get up and running. Plus, you can add components later on. For a time, I ran the UniFi Controller on a computer, but had the unfortunate experience of losing the configuration after the system crashed. An RPi3B was the replacement, which also allowed me to run PiHole. But the reason I eventually invested in a CKGen2 was for peace of mind: when you have power loss, your UniFi Controller on an RPi can get corrupt. The shutdown is not graceful. Adding a UPS also ensured that firmware upgrades don't get interrupted due to a blackout/brownout, leaving me with some pretty expensive frisbees!

 

BTW, there's always the UDM (non-Pro) if you want a single all-in-one device (including UniFi Controller) to start with, then add UAP-AC-Lites as the need arises.

I need all of the AP's if I get this system. I will have many slow points in my house or areas with no WiFi at all.

[Falcon1986]

1 hour ago, Zerxal said:

https://help.ui.com/hc/en-us/articles/115004662107-UniFi-Fast-Roaming

 

"NOTE: The UAP-AC and UAP-AC v2 are the onlymodels that do not support Fast Roaming. The rest of the AC range of products do support Fast Roaming. Find the UAP-AC (both versions) model in the 1st Gen column of this article."

The UAP-AC and UAP-AC v2 are both EoL devices. They’re not the same as the UAP-AC-Lite. Ubiquiti doesn’t even list them for sale on their website.

 

1 hour ago, Zerxal said:

I need all of the AP's if I get this system. I will have many slow points in my house or areas with no WiFi at all.

Post a sketch of the house’s floor plan including points of ethernet connectivity, modem, existing APs and areas you find slow.

[brwainer]

2 hours ago, Zerxal said:

"NOTE: The UAP-AC and UAP-AC v2 are the onlymodels that do not support Fast Roaming. The rest of the AC range of products do support Fast Roaming. Find the UAP-AC (both versions) model in the 1st Gen column of this article."

The UAP-AC-Lite is a Generation 2 AP. It is not the same as the ones listed there. Those ones are square shaped.

[Zerxal]

7 hours ago, Falcon1986 said:

The UAP-AC and UAP-AC v2 are both EoL devices. They’re not the same as the UAP-AC-Lite. Ubiquiti doesn’t even list them for sale on their website.

 

Post a sketch of the house’s floor plan including points of ethernet connectivity, modem, existing APs and areas you find slow.

Terrible little sketch I drew up in paint. I’ll see if I can draw a better one on my iPad tomorrow. https://imgur.com/a/ioslX9Z

 

Red is proposed access point locations, orange is the single location where I have a direct Ethernet connection and a switch downstairs. The top left AP on floor 1 is using direct Ethernet since I have run a cable under my heaters there for my Apple TV.