21 Comments
tech.kyle - Monday, October 21, 2013 - link
For WISPs, you can pretty much forget operating in the 2.4 GHz range if you expect reliability or throughput anywhere other than the Sahara Desert. 5.8 GHz is relatively uncongested, but demands near-perfect line of sight and can still run into interference issues in urban environments or when sharing towers with other WISPs. (Seriously, you guys. Play nice.)
That being said, Ubiquiti does have some attractive features, good flexibility, and nice equipment for the price. Their claims of quick ROI aren't too unrealistic.
Duwelon - Monday, October 21, 2013 - link
I always thought that many places where a WISP is actually practical, the 2.4ghz band isn't a real concern. Talking lower population areas that don't have competitive cable/fiber internet available. I highly doubt these areas are very congested at all.
name99 - Tuesday, October 22, 2013 - link
A quick bleg for people using Ubiquiti kit:
How are you guys handling the DHCP/NAT server for all the base stations?
The simplest way to do things would be to run each base station in BRIDGE mode, and then use Windows Internet Connection Sharing to share a connection from the public internet to the Ubiquiti LAN. But that very rapidly hits you up against the Windows 20 connection limit for connection sharing.
Attempt 2 would be to use each Ubiquiti AP in ROUTER mode, again connected to Windows Internet Connection Sharing. Now we have a DOUBLE NAT setup, with both the Windows box and each base station running NAT, which should still work, but we're still severely constrained because we're limited to 20 base stations.
Attempt 3 would be to use a Mac rather than Windows as the Ubiquiti management machine. As far as I can tell, Mac Internet Sharing has no legal limit to the number of devices connected, but is technically limited in the sense that it shares a 255.255.255.0 subnet, so only has 252 addresses available. (I imagine this can probably be worked around by dicking around with config files to use a 255.255.0.0 subnet instead).
Attempt 4 would be to use a Linux box to perform the connection sharing, but this becomes messy because now you have one box running the Ubiquiti manager [which is Mac/Win software only] and a separate box running the DHCP/NAT.
So I'd be curious to know how people have handled this. I have a big project which could make use of about 45 Ubiquiti base stations, but I'm a little worried to go forward until I have a clear idea of how this aspect of the config is handled. I must say I'm a little surprised that Ubiquiti don't discuss this (as far as I can tell) anywhere in either their official docs or on their Wiki.
chaos215bar2 - Tuesday, October 22, 2013 - link
Is there some reason you don't want to use a decent dedicated router for an installation large enough to require 45 base stations?
name99 - Tuesday, October 22, 2013 - link
(a) Even though there will be a large number of base stations (large volume to cover) the actual traffic will not be very high (15 to 30Mbps max). So we don't need the performance of a dedicated router.
(b) Routers seem to come with their own sets of legal limitations on the number of clients. I don't know Cisco's range very well, but as far as I can tell they want to charge me around $2000 for a router that can handle say 1500 clients (so in the BRIDGE mode I discussed above, not the ROUTER mode).
(c) I'm always worried when using dedicated routers because, to put it bluntly, the consumer models generally seem to be crap, while the enterprise models are crazy expensive. The consumer models seem to require rebooting once a week. (Unlike switches which are simple enough that it's hard to screw up, routers seem to require software that is very prone to resource leaks.)
Do you have a suggestion for a cheap dedicated router that would meet our needs?
We don't need high performance (2x100Mbps ethernet ports would be fine), managed capabilities, or any other fancy enterprise stuff. What we DO need is
- ability to handle about 1500 devices simultaneously connected OR
- ability to handle about 50 devices simultaneously connected AND not to complain about DOUBLE NAT.
The Ubiquiti EdgeRouter Lite for example is cheap enough to be acceptable ($100), and offers more performance than we need BUT
- has complaints about reliability and needing to reboot frequently
- does not state anywhere if it has limitations on the number of DHCP/NAT clients/connections supported.
rtho782 - Tuesday, October 22, 2013 - link
We use draytek routers with our ubiquiti kit. 2860 or 2925 are both good choices and enable you to do multi LAN for fail over. If you are having thousands of base stations, what are you doing about the fact that with it set up as one big LAN everyone is going to be able to see everyone else's network shares, network printers, etc? Are you not offering your end users publicly routable IP addresses?
name99 - Tuesday, October 22, 2013 - link
Thanks for the Draytek suggestion. They look like they're pretty much what we need. I'll have to figure out the appropriate model, but the number of NAT sessions supported looks right, and I assume (correct me if I'm wrong) that that translates into being able to support enough hosts.
The deployment target is the public WiFi for a hotel, and the plan is to configure things so that no-one can see anyone else. There will not be network shares, network printers, publicly visible IP addresses.
rtho782 - Thursday, October 24, 2013 - link
Ah, that makes sense, I was assuming some kind of WISP.
In our testing we've found the 2830 more reliable than a Cisco 861w
schneeb - Tuesday, October 22, 2013 - link
You're complaining about consumer grade hardware and suggesting substituting it for consumer grade software? Networking is hardware.
name99 - Tuesday, October 22, 2013 - link
Switching is HW, and switches tend to either work or their failure is obvious.
Routing and especially NAT and DHCP are SW functionality and in many implementations tend to leak resources (RAM, ports, whatever) requiring you to have to reboot the NAT/DHCP server every so often.
extide - Tuesday, October 22, 2013 - link
This Ubiquiti stuff is in the million packet per second class of gear, that means it uses dedicated hardware ASICs to do packet switching. You will NEVER see a software based router (like any consumer router or any router platform that runs on commodity pc hardware) get anywhere near the million packet/sec benchmark. Totally different class of gear dude. You are asking amateur questions on a page regarding enterprise gear. If you are considering a deployment that would necessitate gear at this level, then you should also have a much higher knowledge level to go along with it.
name99 - Saturday, October 26, 2013 - link
Why do you insist on assuming that you understand our deployment target better than we do?
Our target bandwidth is 15Mbps. A PPC Mac can easily route that, as evidenced by using internet sharing on it. We are buying the UniFi 2.4GHz bgn boxes, not the high end 5Ghz ac boxes.
We will probably buy a Draytek box because it gives us a few other advantages, but you would do well to realize that not everyone in the world requires data center hardware and performance.
(And don't try to save your butt by now telling me that you know better than we do that 15Mbps will not meet our needs. Do you know the country where we are deploying? Do you know the target market?)
extide - Tuesday, October 22, 2013 - link
You should look into pfSense for your routing and firewall needs. It can handle all of that no problem.
sligett - Tuesday, October 22, 2013 - link
I can't imagine depending on a Mac or Windows client like that. For an old reliable router, you could get an HP 7102dl for $60 or so on ebay. I don't know current HP routers.
eanazag - Tuesday, October 22, 2013 - link
Is the connection sharing limit a factor in Windows server software? I am not totally understanding what the restrictions here are. I mean if you are throwing out 20 of these devices you can't afford Windows server? Windows server can run on crappy hardware.
I know from experience you can set up any IP address range you want for DHCP on Windows server. If you're just running DHCP and DNS any hardware you get (Intel) is overkill.
extide - Tuesday, October 22, 2013 - link
None of your approaches are a good idea. You want to use a routed topology behind a single NAT gateway for internet access. If you have 45+ APs and several clients on each one, and everything is in a single broadcast domain you will kill your wireless with broadcast traffic! You need to segment the network into several routable subnets which won't pass broadcast traffic, and utilize different IP subnets. This way every device could connect to any other device (if you wanted them to, or you could use firewall rules at each router level to block traffic that you don't want), and you will not have a major broadcast storm going on all the time.
Also do not do a double NAT setup. This is a dumb solution only used by people who don't know what they are doing
And Windows ICS, REALLY? This has to be a joke. I mean for a setup like this you could probably get away with a high end soho router or a pc based router like pfSense.
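An added example, not part of any comment in this thread and not Ubiquiti or pfSense code: it sketches the routed layout described in the comment above by carving one subnet per segment out of a supernet and rendering nftables rules for a single NAT gateway that refuses guest-to-guest forwarding. The supernet 10.20.0.0/20, the interface name wan0, one segment per base station and 34 clients per segment (about 1500 devices over 45 base stations) are assumptions.

```python
import ipaddress


def plan_segments(supernet, segments, clients_per_segment):
    """Carve equal-sized routed IPv4 subnets (one broadcast domain each)."""
    net = ipaddress.ip_network(supernet)
    # Each subnet needs clients + gateway + network + broadcast addresses.
    host_bits = (clients_per_segment + 2).bit_length()
    prefix = 32 - host_bits
    if prefix < net.prefixlen:
        raise ValueError("supernet is smaller than one segment")
    pool = net.subnets(new_prefix=prefix)
    plan = []
    for n in range(1, segments + 1):
        sn = next(pool, None)
        if sn is None:
            raise ValueError("supernet too small for %d segments" % segments)
        plan.append({
            "segment": n,
            "subnet": sn,
            "gateway": sn.network_address + 1,      # router interface
            "dhcp_first": sn.network_address + 2,   # DHCP scope start
            "dhcp_last": sn.broadcast_address - 1,  # DHCP scope end
            "leases": sn.num_addresses - 3,
        })
    return plan


def crosses_router(plan, ip_a, ip_b):
    """True if traffic between two guests is routed, so gateway rules see it.

    False means both sit in one subnet: that traffic never reaches the
    router and has to be blocked by client isolation on the AP or switch.
    """
    def segment_of(ip):
        addr = ipaddress.ip_address(ip)
        for entry in plan:
            if addr in entry["subnet"]:
                return entry["segment"]
        raise ValueError("%s is not in the plan" % ip)
    return segment_of(ip_a) != segment_of(ip_b)


def render_nft(supernet, wan_if):
    """nftables ruleset for the gateway: one NAT, no guest-to-guest routing."""
    return f"""table inet guest {{
  chain forward {{
    type filter hook forward priority 0; policy drop;
    ct state established,related accept
    ip saddr {supernet} ip daddr {supernet} drop
    ip saddr {supernet} oifname "{wan_if}" accept
  }}
}}
table ip nat {{
  chain postrouting {{
    type nat hook postrouting priority 100; policy accept;
    ip saddr {supernet} oifname "{wan_if}" masquerade
  }}
}}
"""


if __name__ == "__main__":
    SUPERNET = "10.20.0.0/20"  # constructed sample value
    plan = plan_segments(SUPERNET, segments=45, clients_per_segment=34)
    for entry in plan[:3] + plan[-1:]:
        print(entry["segment"], entry["subnet"], entry["gateway"],
              entry["dhcp_first"], entry["dhcp_last"], entry["leases"])
    print(render_nft(SUPERNET, "wan0"))
```

The forward rules only see traffic that crosses the gateway; guests that share a subnet still need client isolation on the access point.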
chrnochime - Tuesday, October 22, 2013 - link
What I thought too. Not sure why he doesn't list segmenting into routable subnets as an option. Admin overhead, too many subnets to deal with perhaps?
blwest - Thursday, October 24, 2013 - link
Sounds like you need to hire an expert.
DanNeely - Tuesday, October 22, 2013 - link
I'm 95% sure the WISP a friend of mine's parents use is 2.4ghz: Based around 802.11b with high gain directional antennas. Their neighbors include a lot of farmers; so the spectrum is relatively uncluttered.
ICBM - Tuesday, October 22, 2013 - link
In the South Texas region wisps are extremely common with 3 or more covering one specific area or town. Our problem down here is ATT and/or Verizon don't upgrade their infrastructures to go beyond dsl, if they even do dsl. We are talking about towns in the 1500-10000 population range. Don't even bother mentioning cable, it has been shut down so hard for the last 10 years it isn't really an option.
We have an old radio tower which we lease to a wisp. We discuss a lot of the problems/issues he has. With that said, the 2.4Ghz band is extremely congested. With at 3 different wisps operating over a town of 8000, there is only so much room. To add to the congestion is the issue with most home routers operating in the range too. Granted most of Ubiquiti radios will be up on a mast/outside, it still provides more backnoise. The wisp here started with 5Ghz first, and while this proved relatively uncongested, things have changed over the last few years. With other providers jumping on the bandwagon. It is still better than the 2.4Ghz, but congestion is rapidly growing in this band. The potential saving grace is the licensed 3Ghz band, however the existing radios are just downstepping from a 5Ghz band, causing interference/congestion when located on the same towers as 5Ghz radios.
There is no question Ubiquiti has changed the game with their radios. They are reliable, affordable and the only reason I have a connection better than isdn at the office and the only option for a serious connection at my house.
Talking about speeds, our provider here is feeding his bases with a 200Mbps fiber line, and offer up to 20Mbps to the customer. I regularly attain the 20Mbps so bandwidth from my perspective is quite adequate.
Quick mention of routers. I believe they are using MikroTik routers. I have seen them and even looked these guys up. They have their own hardware/software. Their new router is even using a 36-core Tilera processor! Since I typically do my gaming at night, I can report pings consistently staying within the 40-60ms range to most servers. I know Cisco routers are top notch, but they definitely are not price disruptive and may not provide the performance/features that other lesser known guys offer.