Split Bandwidth Per IP/User on Multi Site Ubiquiti Wireless Network - Advice appreciated.

P

purdybread

Active Member
Reaction score
84
Apologies in advance for what may be a long post.

I got called to look at a small wireless network in a rural community. It consists of 5 sites, one of which has got a fibre connection with approx 65mb/20mb. This donor site is serving 4 other sites that have very very poor broadband availability, if any at all. All was running well until the last site was added. This was a family home with a few teenagers, and as you can imagine they are hogging all the bandwidth! The other sites are starting to grumble.

Upon a quick inspection today the client sites have a mixture of nanabeams and nanostations (2 of each) and the donor site has a sector antenna acting as an access point which leads to a tp-link router that handles the IP addresses for the wireless network and the donor site, which then connects to the isp router.

None of the client sites have any guarantee of expected speeds, but some have complained that it has become basically unusable lately, especially in the evenings. One stipulation was that the donor site does have one system on the premises that requires guaranteed bandwidth of approx 10mb/5mb down and up respectively.

One other issue that I did notice is that they all seem to be on the same subnet of 172.16.0.x which I assume raises security and privacy concerns? They will be able to see each other? If this is the case it is certainly not ideal, but I presume subnetting would solve this? (my subnetting knowledge is limited)

My first thoughts are that the TP-Link router is a weak link in the setup and should be replaced immediately, and possibly the sector antenna should be handling the IP addresses?

Initially I though this shouldn't be too complicated, but having done some research this evening, the more I read the more I am confusing myself. I had thought that adding a EdgeRouter would be the first step to take but all the info I read involved a lot of CLI stuff, which is a bit beyond me at the minute. I had also thought it should be possible to split the bandwidth equally, but now I am thinking of a QOS type arrangement, were a site could get more bandwidth if available. Perhaps I am over complicating this for myself!!

I can and certainly will do more research but what I would like to ask is what path would the more experienced than myself take for this?? Any help of advice greatly appreciated.
 
I have to get more details on this....
But we can attack this from 2x approaches..
*A router that is very strong with QoS features, that can help manage the bandwidth better, and even apply "penalties" to bandwidth hogs. Firewall distros such as PFSense, and Untangle...are both very strong in this area. If this is a residential neighborhood client (which I "think" but I'm not sure of based on your post)...Untangle may not be the best candidate for this. Microtik would be another good option.
*Ubiquiti's Unifi lineup also has some good bandwidth management on the controller. Also has good "client isolation mode" features to ensure each wireless client cannot see others (privacy). With the Ubiquiti controller you can set bandwidth caps for specific wireless profiles.
 
I've also done some QOS in EdgeRouters cli and once you learn the basics, it's pretty easy and powerful. There are many templates you can go by and adjust to your liking. You can put a hard limit on the troublemakers or you can guarantee set b/w to each tenant but others can use excess when available.
 
Thanks for the replies.

What extra details would you like YeOldeStonecat and I shall try and provide.

Yeah mostly residential use, a few have home offices, but nothing critical.

"you can guarantee set b/w to each tenant but others can use excess when available."

^^^ This would be ideal.

 
Last edited:
This is a great topic. I am working on a wireless network setup and would love to learn more also. So, Hope you do not mind me tagging a long here. :)
 
coffee said:
This is a great topic. I am working on a wireless network setup and would love to learn more also. So, Hope you do not mind me tagging a long here. :)
Click to expand...

Not at all, the more the merrier

YeOldeStonecat said:
When you say a "site"...what defines a site? A single computer? Or a residence...with an unknown number of devices in it?
Click to expand...

Sorry if my terminology is wrong or misleading, there may of been a glass of vino involved in the first post. A site refers to a building / residence. One is a small gym but I don't believe they offer WiFi to customers. It's for front desk / admin. Others family homes, 2 have small home offices. As said earlier everyone was content until the last house with the teenagers was added. Would imagine there is a lot of torrenting, streaming and the likes going on.

I suppose I will have to learn the CLI stuff at some stage anyway, but also like the idea of maybe getting my hands on some UniFi equipment to have a play about with it. Still confused as best approach lol.

Again thanks for the input guys.
 
If you've not done this before, build a quick pfsense box (perfect for you open source guys) and play with the traffic shaper.
There are lots of tutorials and YouTube videos to show you how to set the up the shaper.
 
altrenda said:
If you've not done this before, build a quick pfsense box (perfect for you open source guys) and play with the traffic shaper.
There are lots of tutorials and YouTube videos to show you how to set the up the shaper.
Click to expand...

Do you mean for the overall objective of splitting the bandwidth, or for limiting certain types of traffic? I suppose limiting torrents etc would be a useful exercise in itself anyway. pfSense has been on my "to do" list for a long time as far as setting it up and having a play about with it, but as with everything on that list its near impossible to find the time.
 
I use the traffic shaper to allocate bandwidth, similar to what it appears you're wanting.

In another case, I limit one workgroups bandwidth during the workday, but give them full access after hours when they transfer large amounts of data.

pfSense is a free way to learn how powerful firewalls work, it's web GUI is easy to understand and there are many online resources to help, both written and video. Untangle is good as well, but there isn't as much support available.

When you get the basics down, it makes moving to a CLI based system, like Venyatta/ Ubiquiti easier to understand.
 
So from the various ideas mentioned it seems I have 3 options. 1. Unifi equipment 2. Learn the CLI stuff for the EdgeRouter, or 3 pfSense.

I would actually like the chance to learn about all three, but I think at this stage I'll throw together a pfSense box and have a play about with it. So its off to youtube now to watch some videos before the inevitable pulling out of hair starts!
 
Ok, that was easier than expected. I went ahead and setup a pfSense box in the office to test it out. I wont go into the details of installing pfSense at this time. For the purposes of the test I set the box up to use a maximum of 15mb/5mb and I used the same network addressing scheme as used at the clients site.

Firstly I done some research on google about the traffic shaper function of pfSense. I found the following article very useful in helping me understand the procedure and terminolgy. I decided that it is the "Flexible Limiter" that would best suit my needs

https://www.reddit.com/r/PFSENSE/comments/3e67dk/flexible_vs_fixed_limiters_troubleshooting_with/

After setting it up I connected it up to 3 devices (one at a time) and started downloading large files to saturate the connection. As you see from the attached pics below the pfSense box split the available bandwitch evenly amoung the connected users, and even with the connection saturated by the downloads I was able to browse on each machine with no difficulty. It appears on paper that this will solve the problem as described in the first post, so the next step is obvoiusly put it into service and monitor. Thanks for the help and suggestions.


pfsense.jpg


2.jpg


3.jpg
 
Have installed the plugin now. Dont see the option for the widget on the dashboard, still useful though. Thanks for the tip.
 
You must log in or register to reply here.

Similar threads

britechguy
Web browser push notifications - how does one selectively block?
Replies
12
Views
455
Porthos
Porthos
timeshifter
How much bandwidth does a business really need?
Replies
8
Views
881
cypress
cypress
DanF
VLANs challenge
Replies
7
Views
468
DanF
DanF
Diggs
Access point traffic?
Replies
4
Views
640
Diggs
Diggs
HCHTech
Comcast Business Service - What am I looking at?
Replies
4
Views
283
Markverhyden
Markverhyden
Back
Top