terça-feira, 1 de dezembro de 2015

Mikrotik - Multiple Virtual AP Problem

  Isto aconteceu comigo, resolvi da maneira descrita. Fica a dica....

Multiple Virtual AP Problem

by dominicbatty » Thu Oct 11, 2012 5:37 pm
I have an RB751G-2HnD with an active wireless connection as follows.

name="wireless" mtu=1500 mac-address=D4:CA:6D:67:C0:71 arp=enabled
interface-type=Atheros AR92xx mode=ap-bridge ssid="abaca-hidden"
frequency=2412 band=2ghz-b/g/n channel-width=20/40mhz-ht-above
scan-list=default wireless-protocol=802.11 antenna-mode=ant-a
wds-mode=disabled wds-default-bridge=none wds-ignore-ssid=no
bridge-mode=enabled default-authentication=yes default-forwarding=yes
default-ap-tx-limit=0 default-client-tx-limit=0 hide-ssid=no
security-profile=default compression=no

under this interface I have two virtual AP as follows.

name="abaca-secure" mtu=1500 mac-address=D6:CA:6D:67:C0:71 arp=enabled
interface-type=virtual-AP master-interface=wireless
ssid="abaca-secure-dom" wds-mode=disabled wds-default-bridge=none
wds-ignore-ssid=no bridge-mode=enabled default-authentication=yes
default-forwarding=yes default-ap-tx-limit=0 default-client-tx-limit=0
hide-ssid=no security-profile=abaca-secure

name="abaca-guest" mtu=1500 mac-address=D6:CA:6D:67:C0:71 arp=enabled
interface-type=virtual-AP master-interface=wireless
ssid="abaca-guest-dom" wds-mode=disabled wds-default-bridge=none
wds-ignore-ssid=no bridge-mode=enabled default-authentication=yes
default-forwarding=yes default-ap-tx-limit=0 default-client-tx-limit=0
hide-ssid=no security-profile=abaca-guest

I am seeing some very strange results. If I enable each Virtual AP on it's own I can connect to them without any problem, get an IP address and get internet access. They are stable and work perfectly.

However, if I enable both Virtual AP together then I cannot connect to either interface, and only one interface is being shown as advertised to wireless clients, the interface shown is not always the same but only ever one at a time. I have two RB751G-2HnD devices both configured identically and both showing the same problem so I don't believe it's a hardware issue.

I'm running 5.20 but have also tried 6.0 rc1.

Any ideas?

Thanks, Dominic.

Re: Multiple Virtual AP Problem

by dominicbatty » Thu Oct 11, 2012 5:59 pm
I've resolved this problem.

When you create the first Virtual AP it offsets bit 2 of the MAC address of the primary wireless interface to create a unique MAC address for the Virtual AP. It does this each time you create a brand new Virtual AP giving each one an individual MAC address.

However, what I did was open Virtual AP1, use the copy function to create Virtual AP2 and they both then had the same MAC address which is what caused all my problems.

Mikrotik ... perhaps it should warn you if a user tries to create two Virtual AP with the same MAC address given the complications and issues it can cause.

Re: Multiple Virtual AP Problem

by Hotz1 » Thu Oct 11, 2012 9:48 pm
dominicbatty wrote:I've resolved this problem. When you create the first Virtual AP it offsets bit 2 of the MAC address of the primary wireless interface to create a unique MAC address for the Virtual AP. It does this each time you create a brand new Virtual AP giving each one an individual MAC address. However, what I did was open Virtual AP1, use the copy function to create Virtual AP2 and they both then had the same MAC address which is what caused all my problems...

I'm wondering if this would explain a problem that I was going to report. Suppose you have a single-radio, single-Ethernet routerboard. Two VAPs (with different SSIDs) are defined on the radio, two VLANs defined on the Ether port, and two bridges, each of which has one of the VAPs and one of the VLANs as ports. So, traffic associated with one SSID winds up going out on one VLAN, and traffic associated with the other SSID goes out on the other VLAN. (At the other end of the Cat5, a second routerboard implements the hotspot interface for one VLAN, and just DHCP for the latter.)

With this configuration, I noticed that the two bridges had the same MAC by default, because they were inheriting not the (different) MAC addresses of the VAPs, but the (same) MAC addresses of the VLANs. However, using the admin-mac setting to give the bridges different addresses didn't seem to help, because I still could not reliably connect to either VAP.

The thing is, in the course of debugging I made sure the VAPs had different MAC addresses. But I'm wondering if the act of "Copy"ing VAPs (which I undoubtedly did) leaves behind some internal identifier that causes a conflict even after the MACs are made different. I'll have to go through the steps again, confirm the problem, then delete one of the

Fonte:  (transcrevi do link abaixo, pois vai que desaparece)
http://forum.mikrotik.com/viewtopic.php?t=66314

0 comentários: