OC200 4.1.5 1.7.0 Build 20200703 Rel.59609 / 13 Units on MESH EAP225 Outdoor v1 / Voucher-auth

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

OC200 4.1.5 1.7.0 Build 20200703 Rel.59609 / 13 Units on MESH EAP225 Outdoor v1 / Voucher-auth

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
OC200 4.1.5 1.7.0 Build 20200703 Rel.59609 / 13 Units on MESH EAP225 Outdoor v1 / Voucher-auth
OC200 4.1.5 1.7.0 Build 20200703 Rel.59609 / 13 Units on MESH EAP225 Outdoor v1 / Voucher-auth
2020-09-25 18:30:01 - last edited 2020-10-03 17:20:02

I have a network on mesh with OC200 Controller and running Omada SDN with 13 units of  EAP 225 v1 Outdoor on MESH with separate radio 2.4GHz and 5GHz.

I have a concern and issue on using the voucher authentication with the attached settings voucher generated to limit use for only 1 per user on certain times/days etc.

I noticed once the user successfully used the voucher in one radio SSID and tried to change his connection assuming the voucher use for 5ghz radio and they want to change to 2.4GHz it asked again for a voucher to access the internet.

I'm using it on business and I want to limit a single voucher code per device to avoid using on two devices on a single purchase of voucher code. Since my business concept model is a single voucher code per user device, but the challenges now the limitations apply on per connections instead of the per-user device.

Is there's a way we can configure or add an option where we can change device connection 2.4Ghz to 5GHz using a single voucher with a limit 1 usage?

 

Please advise and help.

Many Thanks.

  0      
  0      
#1
Options
1 Accepted Solution
Re:OC200 4.1.5 1.7.0 Build 20200703 Rel.59609 / 13 Units on MESH EAP225 Outdoor v1 / Voucher-auth-Solution
2020-09-29 21:20:16 - last edited 2020-10-03 17:20:02

JhonneL wrote

I do enable my airtime fairness in 2.4GHz and 5GHz separate radio SSID and noticed the increase in air retry times and high drop rate, compare when the airtime fairness is not selected or untick.

 

That's nothing unusual and just is an indicator that AirTime fairness works. You take away the monopoly of slow devices to acquire the radio channel most of the time which leaves more AirTime to faster devices. Slower devices will have packets dropped and will retry transmission. The effect is that slower devices get even a bit a slower, but they don't slow down faster devices anymore.

 

People using slow devices will almost not notice that they got even a bit slower except if they use devices which need a constant bit rate and now cannot acquire the channel for too long. But if you need those clients to work, then you must decide whether it's o.k. to cut AirTime and bandwidth of faster devices and make those artificially slow. The latter is something people note very quickly.

 

It can be compared in some way to setting an AP to 802.11n-only WiFi mode to prevent slow WiFi rates being negotiated between clients and APs. This effectively cuts off slow devices at the edges of the covered area as well as legacy devices.

 

Note: »slow devices« here means devices which might be too far away, have a longer distance to the AP or a weaker signal or are legacy devices (802.11g/a) and therefore negotiate very low WiFi rates with the AP.

 

Monitor the WiFi rates of the devices. Check whether your area is covered by enough APs if you notice low WiFi rates negotiated with modern client devices. If you have weak spots where modern devices negotiate low WiFi rates, you have an issue anyway no matter what your setting of AirTime fairness is.

༺ 0100 1101 0010 10ཏ1 0010 0110 1010 1110 ༻
Recommended Solution
  1  
  1  
#7
Options
8 Reply
Re:OC200 4.1.5 1.7.0 Build 20200703 Rel.59609 / 13 Units on MESH EAP225 Outdoor v1 / Voucher-auth
2020-09-26 13:04:00 - last edited 2020-09-26 13:04:34

Hi @JhonneL,

 

Without wading into the voucher foray -- a topic which I am not qualified to discuss -- one alternative approach would be to turn on band steering (and fast roaming) and create an a single voucher SSID which is bound to both radios (2.4GHz & 5.8GHz)

 

Personally, I'm not a fan of band steering -- because some STA/AP negotiations can be buggy and RF signal edge cases can be suboptimal -- but it seems like this approach would solve your immediate issue.

 

There are some other threads here on the board (under Business Wifi) asking about the ability to bind multiple SSID's to one voucher and how exactly that is supposed to be working.

  0  
  0  
#2
Options
Re:OC200 4.1.5 1.7.0 Build 20200703 Rel.59609 / 13 Units on MESH EAP225 Outdoor v1 / Voucher-auth
2020-09-26 15:48:44

@JSchnee21 Thank you for taking a look at my scenario and concern. Appreciate it.

I have earlier settings with a single SSID (mixed of 2.4GHz/5GHz) I'm having a challenge on this type of settings due to multiples diff. devices with very far technology radio capacity on the majority of mobile devices. I have also band steering and fast roaming from earlier and noticed most end-user is not happy with my internet service speed, feel like I have very congested network loads. From that time I don't have a concern about having a single voucher code limit of one user authentication since there are no obvious connectivity options from the business. While my self is not satisfied on the configuration due to performance issues and feedback pon actual end-user on-site.

 

Then I decided to separate the SSID of 2.4GHz and 5GHz, remove the band steering, and maintain only fast roaming. on which restrict as well the low data rate under 2.4GHz to accept 6mb up, where I maintain the 5ghz radio default settings. From this configuration, I don't have an issue in my network mesh and noticed the good drop rate in ALL EAP225 Outdoor stabilize only on the floor level of scale, then noticeable the retry rate decrease as well not compare on having the legacy data rate (for 2.4GHZ)

From this separate SSID all customer is happy to learn as well selecting the use 5GHz SSID since it gives quality speed on the internet, and by educating them to use it reduce the load for 2.4GHz for those devices with dual-radio capacity. And only use by that user without option for 5GHz.

The concern arises for some other user's confuse having earlier voucher on their device authenticated and for sometimes their device auto change in radio from 5GHz to 2.4Ghz and 2.4GHz to 5GHz required voucher authentication where if they tried to use a limit usage count generated voucher it's not usable of course from its configuration settings.

I have a workaround to manually accept their device from this scenario so they have the flexibility to utilize their voucher validity and manually adjust the duration from its default 7 hrs manual acceptance from the controller client menu. It's quite time-consuming this workaround, while this is only my side gig passive income business machine, i"m having a full time work out of my this business setup. :)

 

Other user experience beneficial on having the flexibility to change their connection SSID for sometimes in long-distance 2.4Ghz is last resort for having access to the internet even in not much speed :) And connectivity and flexibility in access make my customer very satisfied with my network mesh setup compare with my competitor.

I hope my business model and concept been favor in further development in voucher authentication binding for both SSID with separated radio configuration.

I appreciate your time reading this full business scenario and concept/concern form the business service point of view.

 

Best Regards,

JhonneL

 

  0  
  0  
#3
Options
Re:OC200 4.1.5 1.7.0 Build 20200703 Rel.59609 / 13 Units on MESH EAP225 Outdoor v1 / Voucher-auth
2020-09-27 08:54:31 - last edited 2020-09-27 09:00:23

 

JhonneL wrote

I hope my business model and concept been favor in further development in voucher authentication binding for both SSID with separated radio configuration.

 

In my opinion, vouchers from the same portal should work across different SSIDs and radio transmitters. Why? Because you can specify different SSIDs – and in Omada Controller V4.1.5 even wired LAN networks – as parts of the same portal. I'm a developer of Wireless Captive Portals with 15+ years experience and I can acknowledge that every developer implementing authentication schemes thinks about the name spaces (or zones) an authentication method should cover. In Omada Controller versions V3 and V4 you can select multiple SSIDs which are bound to the same portal, thus using the same authentication method (and probably the same auth database, depending on the policy choosen by the developer).

 

In fact, in my company we still use our own Captive Portal software running on the gateway with Omada EAPs, mainly b/c in the past Omada portals could not be used for wired devices such as guest devices connected to EAP-Wall APs by cable and wired surf stations connected to a switch which were very common in public places (note that this has changed finally in OC V4: it will allow portals for wired devices if the switches and the gateway are managed by the Controller). However, we don't provide voucher authentication anymore in our portal, since it's very seldom used in our country where users demand a simpler login scheme.

 

Now, from TP-Link support we learned in this thread that in Omada Controller vouchers covering different SSIDs is not the intention of being able to bind SSIDs to the same portal.

 

A note to the myths about band steering (and AirTime fairness) circulating in this forum amongst some users: band steering and AirTime fairness are extensions which use advanced techniques to increase the bandwidth for devices in business networks, especially if there is a large number of slow and fast devices being used. However, in order for band steering to work as intended you have to take care of many other parameters, the most important is a roughly equivalent coverage of the area for the 5 GHz and 2.4 GHz bands.

 

In a typical home user scenario band steering and AirTime fairness might cause issues with legacy devices or IoT devices with old (or crappy) firmware. This has led to the myth that band steering and AirTime fairness functions in Omada EAPs are buggy. That's wrong, both functions works just fine if you set up things correctly.

 

In Omada Controller band steering needs to be enabled/disabled separately. In such implementations it's very important that if you enable band steering you must assign the radios the same ESSID and the same ESSID-related parameters. If you disable band steering, you must use different ESSIDs, else the devices will cause unnecessary roaming events and disruptions in service.

 

In order to work properly, band steering assumes that the coverage areas on both the 2.4 GHz and 5 GHz bands are the same. If coverage on 5 GHz is significantly weaker compared to coverage for 2.4 GHz, band steering will cause issues. Many networks are still designed with only 2.4 GHz in mind, but do not consider that 5 GHz signals have a much higher attenuation than a 2.4 GHz signal from the same EAP.

 

Thus, make sure that your 5 GHz network has a ~6 dB higher signal than your 2.4 GHz band and ensure that there are enough EAPs to compensate for obstacles depending on building structures (e.g. walls, ceilings) and materials around (e.g. metal surfaces). It is essential to perform measurements with professional measuring tools.

 

If you cannot ensure a roughly equal coverage of 2.4 GHz and 5 GHz bands, then don't enable band steering and don't use Extended Service Sets (ESS) for roaming.

 

And don't take advice from home users literally when it comes to WLAN networks with pro features like band steering and AirTime fairness etc. in business facilities with a large number of users. It's one thing to provide a home with WLAN and quite another thing to equip a large hotel with a realiable and performant WLAN, what requires band steering and AirTime fairness to prevent slow devices from slowing down the faster devices.

༺ 0100 1101 0010 10ཏ1 0010 0110 1010 1110 ༻
  1  
  1  
#4
Options
Re:OC200 4.1.5 1.7.0 Build 20200703 Rel.59609 / 13 Units on MESH EAP225 Outdoor v1 / Voucher-auth
2020-09-27 21:08:21
I really Appreciate R1D2 your shared insights and experience in that area of specialty. I got several realizations from your comment and remarks with the implementation into business point of view. While I will reassess my existing configuration within my network to more optimize more and improve the business experience. Best Regards.
  0  
  0  
#5
Options
Re:OC200 4.1.5 1.7.0 Build 20200703 Rel.59609 / 13 Units on MESH EAP225 Outdoor v1 / Voucher-auth
2020-09-29 18:09:38

@R1D2 Hello, I do enable my airtime fairness in 2.4GHz and 5GHz separate radio SSID and noticed the increase in air retry times and high drop rate, compare when the airtime fairness is not selected or untick. Not sure if that affects my customer for no feedback yet from most of regular voucher internet users. While I can't do on site monitoring and testing since I was in abroad when I implement that project in my home town place.

Any feedback on the airtime fairness settings and experience please?

Appreciate.

  0  
  0  
#6
Options
Re:OC200 4.1.5 1.7.0 Build 20200703 Rel.59609 / 13 Units on MESH EAP225 Outdoor v1 / Voucher-auth-Solution
2020-09-29 21:20:16 - last edited 2020-10-03 17:20:02

JhonneL wrote

I do enable my airtime fairness in 2.4GHz and 5GHz separate radio SSID and noticed the increase in air retry times and high drop rate, compare when the airtime fairness is not selected or untick.

 

That's nothing unusual and just is an indicator that AirTime fairness works. You take away the monopoly of slow devices to acquire the radio channel most of the time which leaves more AirTime to faster devices. Slower devices will have packets dropped and will retry transmission. The effect is that slower devices get even a bit a slower, but they don't slow down faster devices anymore.

 

People using slow devices will almost not notice that they got even a bit slower except if they use devices which need a constant bit rate and now cannot acquire the channel for too long. But if you need those clients to work, then you must decide whether it's o.k. to cut AirTime and bandwidth of faster devices and make those artificially slow. The latter is something people note very quickly.

 

It can be compared in some way to setting an AP to 802.11n-only WiFi mode to prevent slow WiFi rates being negotiated between clients and APs. This effectively cuts off slow devices at the edges of the covered area as well as legacy devices.

 

Note: »slow devices« here means devices which might be too far away, have a longer distance to the AP or a weaker signal or are legacy devices (802.11g/a) and therefore negotiate very low WiFi rates with the AP.

 

Monitor the WiFi rates of the devices. Check whether your area is covered by enough APs if you notice low WiFi rates negotiated with modern client devices. If you have weak spots where modern devices negotiate low WiFi rates, you have an issue anyway no matter what your setting of AirTime fairness is.

༺ 0100 1101 0010 10ཏ1 0010 0110 1010 1110 ༻
Recommended Solution
  1  
  1  
#7
Options
Re:OC200 4.1.5 1.7.0 Build 20200703 Rel.59609 / 13 Units on MESH EAP225 Outdoor v1 / Voucher-auth
2020-10-03 17:19:53

@R1D2 Thank you for a deep and more explanation shared related to my concern. It seems it better effect my network and bandwidth utilization having the airtime fairness enable in all AP 2.4GHz and 5GHz. I noticed my gaming router speedometer (indicator interface from merlin software) shows less bandwidth utilization even on the tplink dashboard shows not much load even we have same number and consumer usage ina a day. so far no complaints. I will keep maintaining my current settings with Airtime fairness, separate radio for 2.4 and 5GHz, fast roam enable and limit legacy device below 6mbps from 2.4GHz radio in configuration. Many thanks again. Best Regards.

  0  
  0  
#8
Options
Re:OC200 4.1.5 1.7.0 Build 20200703 Rel.59609 / 13 Units on MESH EAP225 Outdoor v1 / Voucher-auth
2020-10-04 10:30:46 - last edited 2020-10-04 10:33:28

@JhonneL, you're welcome. Glad that you could solve this issue and your network now performs better. Bonus tip: you can fine-tune AirTime fairness and band steering by setting the min. RSSI levels for clients to be accepted under »Load Balance« (this also requires an equivalent coverage of the 2.4 and 5 GHz bands).

 

All those advanced features are great functions to improve an Omada EAP network even further when used in high density environments.

 

Wish you much success with your WLAN hotspot!

༺ 0100 1101 0010 10ཏ1 0010 0110 1010 1110 ༻
  1  
  1  
#9
Options