Ron Wallace | 1 Aug 2006 05:37

Re: [WISPA] I need Mikrotik Help

Thanks Larry, that is very useful.  I shall follow all of the advice I get.
-----Original Message-----
From: Larry Yunker [mailto:leyunker <at> wispadvantage.com]
Sent: Monday, July 31, 2006 11:36 AM
To: 'WISPA General List'
Subject: Re: [WISPA] I need Mikrotik Help

Ron,
 
When the number of active connections for any single user exceeds about 10 to 15 simultaneous connections, you generally have one of two things occurring.  Either the subscriber has been infected by some sort of virus/spyware or the customer is running some sort of peer-to-peer networking software (i.e. Kazaa, winMX, Limewire, Bittorrent, etc, etc, etc).

Either of these situations will result in increased latency and decreased overall available network throughput on the Canopy systems.  On the Tranzeo system, the effect is far worse.  Since Tranzeo is 802.11b based, there is no polling mechanism to ensure timely delivery of packets.  The effect of continuous streams of outbound traffic is dropped packets.  Dropped packets mean timed-out web pages and dropped email sessions.  It gets far worse when you start dealing with games and VoIP.  Even 1% packet loss can result in unusable games.  Likewise, the very slightest IP interruption can make VoIP sessions experience jitter, echoing, and garbled signal.
 
It is important that you determine the specific customers that are causing the excessive streams.  Look at the ports in use and the destination addresses.  Determine if the traffic is likely P-t-P or an infection.  If it's P-t-P, you should be able to control the volume of the traffic by using the P-t-P throttling mechanisms available through the Mikrotik software.  If it's an infection, you should disassociate the user from your AP's until the infection can be resolved.  If you simply firewall the outbound traffic, you probably won't solve anything.  Many infections cause the PC to continuously send out packets regardless of whether those packets ever arrive at a valid destination.  Therefore, the infection will keep sending/flooding your AP even if you block the subscriber from successfully reaching the internet via a Mikrotik firewall.
 
Larry Yunker
Network Consultant
WISP Advantage 
 
----- Original Message -----
Sent: Monday, July 31, 2006 6:24 AM
Subject: [WISPA] I need Mikrotik Help

To all,
 
I have some abusive users, when I look at IP Firewall Connections I find some users with over a hundred (100) instances listed in the source address column.  I think it's flooding my network.  I have 2 T1's and 81 users.  We're growing faster than I can install new customers.
 
I am using Canopy 900, Canopy 2.45, & Tranzeo 2.45.  I have activated the SM, SNMP, BOOTP Server and Client filters on the canopy devices.
 
How can I limit the number of active instances of these abusive users on the Mikrotik?
 
Ron Wallace
Hahnron, Inc.
220 S. Jackson Dt.
Addison, MI 49220

Phone: (517)547-8410
Mobile: (517)605-4542
e-mail: rwallace <at> newgenet.net
rwallace <at> tigernet.bz

--
WISPA Wireless List: wireless <at> wispa.org

Subscribe/Unsubscribe:
http://lists.wispa.org/mailman/listinfo/wireless

Archives: http://lists.wispa.org/pipermail/wireless/
Ron Wallace | 1 Aug 2006 05:32

Re: [WISPA] I need Mikrotik Help

Thanks John, I have noticed that many of them from one user are in sequence, every other number nnnn2,4,6,8, for example in the destination addr. I'll have a look at that.

>-----Original Message-----
>From: John J. Thomas [mailto:jthomas <at> quarnet.com]
>Sent: Monday, July 31, 2006 09:36 AM
>To: 'WISPA General List'
>Subject: Re: [WISPA] I need Mikrotik Help
>
>
>How many is "some"? They may be boxes that have been compromised with a worm, trojan, virus or spyware. Look closely at the destination ports they are connecting to. If the addresses/ports are in sequence, they may have malware on their PC.
>
>John
>
>>-----Original Message-----
>>From: Ron Wallace [mailto:rwallace <at> newgenet.net]
>>Sent: Monday, July 31, 2006 04:24 AM
>>To: wisp <at> part-15.org, wireless <at> wispa.org
>>Subject: [WISPA] I need Mikrotik Help
>>
>>To all,
>>
>>I have some abusive users, when I look at IP Firewall Connections I find some users with over a hundred (100) instances listed in the source address column. I think it's flooding my network. I have 2 T1's and 81 users. We're growing faster than I can install new customers.
>>
>>I am using Canopy 900, Canopy 2.45, & Tranzeo 2.45. I have activated the SM, SNMP, BOOTP Server and Client filters on the canopy devices.
>>
>>How can I limit the number of active instances of these abusive users on the Mikrotik?
>>
>>Ron Wallace
>>Hahnron, Inc.
>>220 S. Jackson Dt.
>>Addison, MI 49220
>>
>>Phone: (517)547-8410
>>Mobile: (517)605-4542
>>e-mail: rwallace <at> newgenet.net
>>rwallace <at> tigernet.bz
>>
>>
>
>
>--
>WISPA Wireless List: wireless <at> wispa.org
>
>Subscribe/Unsubscribe:
>http://lists.wispa.org/mailman/listinfo/wireless
>
>Archives: http://lists.wispa.org/pipermail/wireless/
>
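The triage suggested in the two replies above (count connections per subscriber, then check whether destination addresses or ports run in sequence) can be scripted. This is an added example, not part of the original messages: the line format, addresses, the `max_step` and `min_fraction` cut-offs and the "sequential"/"scattered" labels are constructed assumptions, and the result is a heuristic pointer for review, not a verdict.

```python
import ipaddress
from collections import Counter, defaultdict

THRESHOLD = 15  # upper end of the "about 10 to 15" figure from the thread


def build_sample():
    """Constructed connection list, one 'proto src_ip:port dst_ip:port' per line."""
    lines = []
    # Host A: 40 connections, destination addresses stepping by 2 (2, 4, 6, 8, ...)
    for i in range(1, 41):
        lines.append(f"tcp 10.10.1.23:{1024 + i} 192.0.2.{2 * i}:80")
    # Host B: 30 connections to widely spread addresses and ports
    base = int(ipaddress.ip_address("198.18.0.0"))
    for i in range(1, 31):
        dst = ipaddress.ip_address(base + 7 * i * i + 1009 * i)
        port = 20000 + 37 * i * i + 11 * i
        lines.append(f"tcp 10.10.1.57:{2000 + i} {dst}:{port}")
    # Host C: ordinary subscriber with 6 connections
    for i in range(1, 7):
        lines.append(f"tcp 10.10.1.88:{3000 + i} 203.0.113.{10 * i}:443")
    return lines


def parse(lines):
    """Yield (src_ip, dst_ip, dst_port) for each well-formed line."""
    for line in lines:
        parts = line.split()
        if len(parts) != 3:
            continue  # skip headers or malformed rows
        _, src, dst = parts
        src_ip = src.rsplit(":", 1)[0]
        dst_ip, dst_port = dst.rsplit(":", 1)
        yield src_ip, ipaddress.ip_address(dst_ip), int(dst_port)


def dominant_step(values):
    """Most common gap between sorted unique values, and the share of gaps it covers."""
    uniq = sorted(set(values))
    if len(uniq) < 3:
        return 0, 0.0
    gaps = Counter(b - a for a, b in zip(uniq, uniq[1:]))
    step, count = gaps.most_common(1)[0]
    return step, count / (len(uniq) - 1)


def triage(lines, threshold=THRESHOLD, max_step=4, min_fraction=0.8):
    """Report sources above the threshold and whether their targets run in sequence."""
    by_src = defaultdict(list)
    for src, dst, port in parse(lines):
        by_src[src].append((dst, port))

    report = {}
    for src, conns in by_src.items():
        if len(conns) <= threshold:
            continue
        addr_step, addr_frac = dominant_step(int(d) for d, _ in conns)
        port_step, port_frac = dominant_step(p for _, p in conns)
        sequential = (
            (0 < addr_step <= max_step and addr_frac >= min_fraction)
            or (0 < port_step <= max_step and port_frac >= min_fraction)
        )
        report[src] = {
            "connections": len(conns),
            "addr_step": addr_step,
            "port_step": port_step,
            # sequential: matches the in-sequence pattern raised in the thread
            # scattered: review ports and destinations by hand (P2P or other)
            "pattern": "sequential" if sequential else "scattered",
        }
    return report


if __name__ == "__main__":
    for src, info in sorted(triage(build_sample()).items()):
        print(src, info)
```
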

Ron Wallace | 1 Aug 2006 05:40

Re: [WISPA] I need Mikrotik Help

How many? 2 maybe 4, not many.  But one has generated over 500 boxes in the firewall connections listing.

>-----Original Message-----
>From: John J. Thomas [mailto:jthomas <at> quarnet.com]
>Sent: Monday, July 31, 2006 09:36 AM
>To: 'WISPA General List'
>Subject: Re: [WISPA] I need Mikrotik Help
>
>
>How many is "some"? They may be boxes that have been compromised with a worm, trojan, virus or spyware. Look closely at the destination ports they are connecting to. If the addresses/ports are in sequence, they may have malware on their PC.
>
>John
>
>>-----Original Message-----
>>From: Ron Wallace [mailto:rwallace <at> newgenet.net]
>>Sent: Monday, July 31, 2006 04:24 AM
>>To: wisp <at> part-15.org, wireless <at> wispa.org
>>Subject: [WISPA] I need Mikrotik Help
>>
>>To all,
>>
>>I have some abusive users, when I look at IP Firewall Connections I find some users with over a hundred (100) instances listed in the source address column. I think it's flooding my network. I have 2 T1's and 81 users. We're growing faster than I can install new customers.
>>
>>I am using Canopy 900, Canopy 2.45, & Tranzeo 2.45. I have activated the SM, SNMP, BOOTP Server and Client filters on the canopy devices.
>>
>>How can I limit the number of active instances of these abusive users on the Mikrotik?
>>
>>Ron Wallace
>>Hahnron, Inc.
>>220 S. Jackson Dt.
>>Addison, MI 49220
>>
>>Phone: (517)547-8410
>>Mobile: (517)605-4542
>>e-mail: rwallace <at> newgenet.net
>>rwallace <at> tigernet.bz
>>
>>
>
>
>--
>WISPA Wireless List: wireless <at> wispa.org
>
>Subscribe/Unsubscribe:
>http://lists.wispa.org/mailman/listinfo/wireless
>
>Archives: http://lists.wispa.org/pipermail/wireless/
>

Ron Wallace | 1 Aug 2006 05:42

Re: [WISPA] Outstanding Networking Trainer Needed

Marlon is right-on here, since I have started to grow I can barely keep up with the wireless and the installs.  And the tech support.

>-----Original Message-----
>From: Marlon K. Schafer (509) 982-2181 [mailto:ooe <at> odessaoffice.com]
>Sent: Monday, July 31, 2006 12:30 PM
>To: 'WISPA General List'
>Subject: Re: [WISPA] Outstanding Networking Trainer Needed
>
>Tell your client to just hire his router work done. Routers can be managed
>from anywhere in the world.
>
>He should focus on his wireless and customers. Those things can't be done
>from the outside :-)
>
>Marlon
>(509) 982-2181 Equipment sales
>(408) 907-6910 (Vonage) Consulting services
>42846865 (icq) And I run my own wisp!
>64.146.146.12 (net meeting)
>www.odessaoffice.com/wireless
>www.odessaoffice.com/marlon/cam
>
>
>
>----- Original Message -----
>From: "Chuck" <chuck <at> hdwireless.net>
>To: "'WISPA General List'" <wireless <at> wispa.org>
>Sent: Friday, July 28, 2006 2:40 PM
>Subject: RE: [WISPA] Outstanding Networking Trainer Needed
>
>
>> Butch Evans ?
>>
>> Chuck Moses
>> HIGH DESERT WIRELESS BROADBAND COMMUNICATION
>> 16922 Airport Blvd # 3
>> Mojave CA 93501
>> 661 824 3431 office
>> 818 406 6818 cell
>>
>>
>> -----Original Message-----
>> From: wireless-bounces <at> wispa.org [mailto:wireless-bounces <at> wispa.org] On
>> Behalf Of Jack Unger
>> Sent: Friday, July 28, 2006 1:18 PM
>> To: WISPA General List
>> Subject: [WISPA] Outstanding Networking Trainer Needed
>>
>> An ISP client of mine that I just provided wireless training for has
>> asked me to recommend an instructor who could train them in Cisco router
>> fundamentals, administration, and networking. I'd like to recommend
>> someone to them who:
>>
>> 1. Can travel to the east coast to deliver a training course on-site for
>> three professional-grade ISP employee/managers.
>>
>> 2. Is an accomplished and experienced router/networking trainer.
>>
>> 3. Possesses a friendly, flexible, down-to-earth teaching style (like
>> mine) :)
>>
>> 4. Is dedicated, conscientious, and has a passion for empowering the
>> class to succeed (again, like me) :)
>>
>> If you are, or if you know of such an individual, I'd appreciate it if
>> you would let me know off-list, on-list, or via the telephone.
>>
>> Thanks in advance from your humble wireless servant,
>> jack
>>
>> --
>> Jack Unger (junger <at> ask-wi.com) - President, Ask-Wi.Com, Inc.
>> Serving the License-Free Wireless Industry Since 1993
>> Author of the WISP Handbook - "Deploying License-Free Wireless WANs"
>> True Vendor-Neutral WISP Consulting-Training-Troubleshooting
>> Phone (VoIP Over Broadband Wireless) 818-227-4220 www.ask-wi.com
>>
>>
>>
>>
>> --
>> WISPA Wireless List: wireless <at> wispa.org
>>
>> Subscribe/Unsubscribe:
>> http://lists.wispa.org/mailman/listinfo/wireless
>>
>> Archives: http://lists.wispa.org/pipermail/wireless/
>>
>
>--
>WISPA Wireless List: wireless <at> wispa.org
>
>Subscribe/Unsubscribe:
>http://lists.wispa.org/mailman/listinfo/wireless
>
>Archives: http://lists.wispa.org/pipermail/wireless/
>


[WISPA] Chicago tower

Anyone know whose this is?

marlon

Rick Harnish | 1 Aug 2006 14:46

RE: [WISPA] Chicago tower

Marlon,  

I think we need a leeeeeeeeeeettle bit more information.  There are a lot of
people and a lot of towers in Chicago.  

Rick Harnish
President
OnlyInternet Broadband & Wireless, Inc.
260-827-2482
Founding Member of WISPA

-----Original Message-----
From: wireless-bounces <at> wispa.org [mailto:wireless-bounces <at> wispa.org] On
Behalf Of Marlon Schafer (509-982-2181)
Sent: Tuesday, August 01, 2006 2:07 AM
To: WISPA General List
Subject: [WISPA] Chicago tower

Anyone know whose this is?

marlon

-- 
WISPA Wireless List: wireless <at> wispa.org

Subscribe/Unsubscribe:
http://lists.wispa.org/mailman/listinfo/wireless

Archives: http://lists.wispa.org/pipermail/wireless/

Jeff Broadwick | 1 Aug 2006 14:41

RE: [WISPA] frame size and fps - Mikrotik large packets


Hi Tom,

Ran this past engineering:

> Vlan is level two information. A VLAN packet has a different type in the
> Ethernet header, which is read by the card driver. So a VLAN aware driver will
> allow a packet which physical size is 1518 bytes long (1500 bytes of payload +
> 2*6 of ethernet address + 2 bytes of type/len + 4 bytes VLAN  extra info)
> instead of the normal 1514.

Yep.  Typically, drivers will allow even larger packets than this, too, since
they'll allow frames with bridge headers, too.

> On the other hand, IPSec (more precisely ESP and AH) are IP protocols.  I.e.
> the ethernet drivers knows nothing about it. And an IPSec packet can be
> transported in an ethernet packet, a vlan packet or over a ppp connection. It is
> IP. Plus, the overhead of IPSec is a lot more than 4 bytes, more 40 bytes or so,
> but I don't remember the exact value.

It's about 32-36, depending on the packet and without compression, for an ESP
packet.

> So my recollection is as follows:
>
> - the unpatched drivers on our Linux box were dumb and would simply drop
> packets that were too big.

That used to be the case, but has been resolved by the community.  Of course,
commercial vendors that run Linux solved this long ago, too.  A Linux system
will display and use the proper MTU.

> But this has no bearing on IPSec. This is a different ball game. And that's
> why I was asking the question: what is it for? To create tunnels for you and
> they need to have 1500 MTU? Or to create tunnels for the customers and it is
> then a non-issue: they'll have to deal with the lower MTU size of the IPSec
> tunnel and most of the time it just works (thanks to path MTU discovery).

As an expansion on that point, PMTU is just as important--if you have a
bottleneck somewhere in the middle of the network that only accepts a smaller
packet, you'll encounter problems.  MTU path discovery can help, but it is
unreliable and not always available.

> To clarify. The MTU is only the size of the payload. It doesn't take into
> account the Ethernet header. Of course, the IP header, TCP/UDP header, etc. are
> considered payload for ethernet and indeed counted in the ethernet payload.

This is incorrect.  The MTU is the size of the packet less non-TCP headers, as
you mentioned above.  It considers the entire packet with all headers attached.
The MSS is the value that you are defining here--the size of the allowable
payload.  The MSS is negotiated during the SYN and SYN/ACK phases of TCP.

> There are two MTU to consider. The MTU of the underlying ethernet interface
> and the MTU of the VLAN interface itself. The second MTU is the "effective" MTU,
> the one seen by application, networks, using this interface. The first MTU is
> the one of the hardware interface.

I think that calling the second value an MTU is a misnomer.  The IPSec interface
has an MTU that is an actual MTU (not an "effective" one), and it will be lower
than either the VLAN or Ethernet interface upon which that VPN rides.

> The trick used by StarOS is to reduce the "effective" MTU.

I think the term you are searching to find is MSS.  Either way, the result is
the same: you get less payload so that the packet (headers+payload) fits within
a "normal" MTU.

> Therefore, gaining 4 bytes off the payload to expand the header into it,
> without the underlying interface having to be aware of it. If it was possible,
> leaving the effective MTU at the same value and increasing the underlying
> interface MTU by 4 bytes would have the same effect.

Exactly, though just to be clearer, you're talking about dropping the MSS, which
would lower the MTU as well (all other things being equal).

> The proper VLAN aware drivers show 1500 MTU for both the underlying interface
> and the VLAN interface but it treats VLAN packets with caution, so as not to
> truncate or drop them because of their longer size.

If that's true, then it isn't a "proper VLAN aware driver."  The MTU should be
set correctly and not just show 1500 and use something else.

> >  I know the gigabit ports would, but not the Mikrotik 100mbps ports?

Actually, not all GigE ports will have jumbo frames enabled.  It's not a safe
assumption that your packets won't get fragmented on a GigE port.

> > So I'm not even sure how to test :-)

> You have to prevent or detect fragmentation to know what's going on.  With
> ping, the option '-M do' will set the DF flag (don't fragment).

> The test is to see that without fragmentation, you can ping with '-s 1468' and
> not with '-s 1472'. This would indicate a VLAN MTU issue.

> Sniffing with tcpdump, where appropriate, is also very informative. In
> particular look at the flags: [DF] means that the don't fragment flag is set,
> [+] means that the more fragment to come flag is set (i.e. the message is
> fragmented). Examples:

> # sudo tcpdump -i eth4 -l -n -v icmp
> tcpdump: listening on eth4, link-type EN10MB (Ethernet), capture size 68 bytes
> 19:05:27.714176 IP (tos 0x0, ttl  64, id 12940, offset 0, flags [DF], length: 1500) 10.0.162.1 > 10.0.162.3: icmp 1480: echo request seq 0
> 19:05:27.761057 IP (tos 0x0, ttl  32, id 56852, offset 0, flags [DF], length: 1500) 10.0.162.3 > 10.0.162.1: icmp 1480: echo reply seq 0
> 19:05:43.667823 IP (tos 0x0, ttl  64, id 62485, offset 0, flags [+], length: 1500) 10.0.162.1 > 10.0.162.3: icmp 1480: echo request seq 0
> 19:05:43.667834 IP (tos 0x0, ttl  64, id 62485, offset 1480, flags [none], length: 21) 10.0.162.1 > 10.0.162.3: icmp
> 19:05:44.665582 IP (tos 0x0, ttl  64, id 52822, offset 0, flags [+], length: 1500) 10.0.162.1 > 10.0.162.3: icmp 1480: echo request seq 256
> 19:05:44.665592 IP (tos 0x0, ttl  64, id 52822, offset 1480, flags [none], length: 21) 10.0.162.1 > 10.0.162.3: icmp
> 19:09:11.485566 IP (tos 0x0, ttl  64, id 25938, offset 0, flags [+], length: 1500) 10.0.162.1 > 10.0.162.4: icmp 1480: echo request seq 768
> 19:09:11.485576 IP (tos 0x0, ttl  64, id 25938, offset 1480, flags [none], length: 21) 10.0.162.1 > 10.0.162.4: icmp
> 19:09:11.492506 IP (tos 0x0, ttl  64, id 18866, offset 0, flags [+], length: 1500) 10.0.162.4 > 10.0.162.1: icmp 1480: echo reply seq 768
> 19:09:11.492811 IP (tos 0x0, ttl  64, id 18866, offset 1480, flags [none], length: 21) 10.0.162.4 > 10.0.162.1: icmp

This is the best suggestion for finding the problem, if you know which node it
is causing trouble (or suspect).  You can also use other tools like tcpspray to
make sure that the problem isn't ICMP-specific (or different for ICMP than TCP).

Jeff

Tom DeReggi
RapidDSL & Wireless, Inc
IntAirNet- Fixed Wireless Broadband

--
WISPA Wireless List: wireless <at> wispa.org

Subscribe/Unsubscribe:
http://lists.wispa.org/mailman/listinfo/wireless

Archives: http://lists.wispa.org/pipermail/wireless/
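The tcpdump reading described in the message above can be automated: group packets by IP id, see which datagrams were fragmented, and recover how large each was before fragmentation. This is an added example, not part of the original message; the capture lines are copied from the quoted output with line wraps rejoined, and a 20-byte IP header (no options) is assumed.

```python
import re

IP_HEADER = 20    # assumption: no IP options present
ICMP_HEADER = 8

# Lines taken from the capture quoted in the message (wraps rejoined).
CAPTURE = [
    "19:05:27.714176 IP (tos 0x0, ttl  64, id 12940, offset 0, flags [DF], "
    "length: 1500) 10.0.162.1 > 10.0.162.3: icmp 1480: echo request seq 0",
    "19:05:43.667823 IP (tos 0x0, ttl  64, id 62485, offset 0, flags [+], "
    "length: 1500) 10.0.162.1 > 10.0.162.3: icmp 1480: echo request seq 0",
    "19:05:43.667834 IP (tos 0x0, ttl  64, id 62485, offset 1480, flags [none], "
    "length: 21) 10.0.162.1 > 10.0.162.3: icmp",
]

LINE_RE = re.compile(
    r"id (\d+), offset (\d+), flags \[([^\]]*)\], length: (\d+)\) "
    r"(\S+) > ([^:\s]+):"
)


def analyze(lines):
    """Group packets by (src, dst, IP id) and summarise each original datagram."""
    datagrams = {}
    for line in lines:
        m = LINE_RE.search(line)
        if not m:
            continue  # banner lines and non-IP output
        ip_id, offset, flags, length = int(m[1]), int(m[2]), m[3], int(m[4])
        key = (m[5], m[6], ip_id)
        d = datagrams.setdefault(
            key,
            {"df": False, "fragmented": False, "fragments": 0, "payload_end": 0},
        )
        d["fragments"] += 1
        d["df"] |= "DF" in flags
        # [+] is "more fragments"; a non-zero offset marks a later fragment
        d["fragmented"] |= "+" in flags or offset > 0
        # offset and (length - header) are both counted in payload bytes
        d["payload_end"] = max(d["payload_end"], offset + length - IP_HEADER)
    for d in datagrams.values():
        d["ip_total"] = d.pop("payload_end") + IP_HEADER   # size before fragmentation
        d["icmp_data"] = d["ip_total"] - IP_HEADER - ICMP_HEADER  # the ping '-s' value
    return datagrams


def max_ping_payload(mtu):
    """Largest ping '-s' value that fits in one unfragmented packet at this MTU."""
    return mtu - IP_HEADER - ICMP_HEADER


if __name__ == "__main__":
    for key, info in analyze(CAPTURE).items():
        print(key, info)
    # 1500 -> 1472; a link that loses 4 bytes to a VLAN tag -> 1468
    print(max_ping_payload(1500), max_ping_payload(1496))
```

On the sample, the DF packet is a full 1500-byte datagram, while id 62485 reassembles to 1501 bytes, one byte over the 1500-byte MTU, which is why it was split into a 1500-byte and a 21-byte fragment.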

Re: [WISPA] Municipal Broadband - A Growing Threat (to Telcos)

What the government should do is just stay the hell out of the way and stop 
taxing those of us that work our fannies off so that they can give it to 
those that won't.

These projects aren't about access to anyone guys.  They are about getting 
names in the paper.  In the end they will fail.  Most of them anyway.  And 
ALL of the ones that have a free internet component.  Nothing the government 
ever does is free.  The closest example I can think of to free wifi would be 
a city park.  But the park doesn't require any investment from the user so 
that probably doesn't fit either.

Marlon
(509) 982-2181                                   Equipment sales
(408) 907-6910 (Vonage)                    Consulting services
42846865 (icq)                                    And I run my own wisp!
64.146.146.12 (net meeting)
www.odessaoffice.com/wireless
www.odessaoffice.com/marlon/cam

----- Original Message ----- 
From: "Tom DeReggi" <wirelessnews <at> rapiddsl.net>
To: "WISPA General List" <wireless <at> wispa.org>
Sent: Monday, July 31, 2006 1:06 PM
Subject: Re: [WISPA] Municipal Broadband - A Growing Threat (to Telcos)

> Thats the big thing government forgets to realize, that the costly part of 
> FREE wifi to deliver is End user infrastructure and support, not 
> deployment of the transport network.  Thats why I believe many Government 
> projects will not be successful. I can give you a perfect example.  I 
> almost had some contracts for broadband to street cameras in DC, and my 
> intent was going to broadcast FREE wifi from every camera location.  The 
> broadband to camera contract revenue would have justified the cost for me 
> to pay for the Wireless deployment, and did not require the full bandwidth 
> of the radios for the project.  It was only going to cost me an extra $110 
> per site (one time) to add a SR2s to layer on top the WiFi capability 
> portion.  Where the real cost was, was the end user CPE or Outdoor 
> antenna, tech support, and buying computers, etc.  The plan was maybe I'd 
> set up a 900 number for the support, or pre-paid support hours via the web 
> portal. Politically it would have also been good, maybe even press 
> worthy, "those annoying fines from traffic cameras, now gives back to the 
> community with FREE Wifi."
>
> What the government should be doing is providing grants or loans for free 
> end user equipment. Then Third Party WISPs would flock in grand numbers, 
> to provide the transport network.
> Or tax credits for builders that include structure wiring, or allow 
> easements for central wireless backhaul to the building. What doesn't add 
> up to me on Free Wifi is the Government tries to find a Internet provider 
> to pay for it, through the benefits of advertising or access to eye ball 
> traffic. But if a Marketing company were to give PCs to the End user, what 
> better way would there be to control eye balls of the end user. The ISP 
> doesn't need to control the transport network to control the end user, if 
> they control them via the PC.  I think they are making the wrong 
> partnerships. There are also many assets that  are needed such as assets 
> of the property owners, and that isn't available unless property 
> owners/managers are included in on the deal somewhere.
>
> Tom DeReggi
>
>
>
>> Peter R. wrote:
>>
>>> Most RFP's I have reviewed including Atlanta are hot for someone to come 
>>> in and give away free wi-fi, especially to schools and the under-served 
>>> sections of town.
>>>
>>> There are a couple of  problems:
>>> 1) How do you monetize that?
>>> 2) Most of the under-served don't have computers
>>>
>>> The only real threat to the telcos and cablecos is that the cheap users 
>>> will use the free system, so some of their revenues will decrease. But 
>>> so will support costs. And I am sure at some point they will stop 
>>> maintaining and/or upgrading low revenue facilities, furthering the 
>>> Digital Divide. But that won't stop them from collecting USF monies.
>>>
>>> There are monies available to build these networks if the governments 
>>> could get it together:
>>> Quality of Life grants; Homeland Security funding; USF monies for 
>>> libraries and schools - and those are just the ones off the top of my 
>>> pointed beanie.
>>>
>>> It's all coming to a head. Between now and 2009, lots of turbulence to 
>>> come. Much of it hangs on the lame telecom re-write and  how much of a 
>>> push-over Martin will be. If he gets a spine, it could be a great 
>>> economic revival.
>>>
>>> - Peter
>>>
>>>
>>> Dawn DiPietro wrote:
>>>
>>>> All,
>>>>
>>>> As quoted from the article;
>>>>
>>>> "“The competitive impacts of municipal broadband will be especially 
>>>> threatening to incumbents to the extent that muni nets can be cost- 
>>>> justified
>>>> by increased efficiencies, cost savings and other ‘internal’ or social 
>>>> benefits captured by local governments, schools, and other public 
>>>> institutions,”
>>>> the report states."
>>>>
>>>> While some understand the cost savings these networks can bring others 
>>>> are still focused on the "free wifi cloud" for the population in these 
>>>> areas. There needs to
>>>> be more focus on the fact that there are so many other benefits to 
>>>> these municipal networks such as water meter reading, public safety 
>>>> communications etc. For
>>>> these applications to work a robust network has to be built with the 
>>>> following in mind low latency, 99999 reliability, high capacity, and so 
>>>> on. Cost savings for
>>>> local government, businesses and residential should also be factored 
>>>> into the equation for services such as telecommunications times X 
>>>> number of phone lines just
>>>> for government offices and broadband access for all schools. I 
>>>> understand that this is only the tip of the iceberg and there are so 
>>>> many other applications and cost savings for these networks. My point 
>>>> is that the network has to be built robust enough to be able to support 
>>>> it all including a wifi cloud.
>>>>
>>>> Thanks to Jack for bringing this article to the list. :-)
>>>>
>>>> Regards,
>>>> Dawn DiPietro
>>>>
>>>> http://www.telecommagazine.com/newsglobe/article.asp?HH_ID=AR_2244
>>>>

Re: [WISPA] Chicago tower

OY!!!!  I pulled a Roger!  grrrr

http://cgi.ebay.com/180-radio-antenna-communication-tower-and-1-8-acres_W0QQitemZ270012114121QQihZ017QQcategoryZ15825QQrdZ1QQcmdZViewItem

That help?
Marlon
(509) 982-2181                                   Equipment sales
(408) 907-6910 (Vonage)                    Consulting services
42846865 (icq)                                    And I run my own wisp!
64.146.146.12 (net meeting)
www.odessaoffice.com/wireless
www.odessaoffice.com/marlon/cam

----- Original Message ----- 
From: "Rick Harnish" <rharnish <at> onlyinternet.net>
To: "'WISPA General List'" <wireless <at> wispa.org>
Sent: Tuesday, August 01, 2006 5:46 AM
Subject: RE: [WISPA] Chicago tower

> Marlon,
>
> I think we need a leeeeeeeeeeettle bit more information.  There are a lot of
> people and a lot of towers in Chicago.
>
> Rick Harnish
> President
> OnlyInternet Broadband & Wireless, Inc.
> 260-827-2482
> Founding Member of WISPA
>
>
>
> -----Original Message-----
> From: wireless-bounces <at> wispa.org [mailto:wireless-bounces <at> wispa.org] On
> Behalf Of Marlon Schafer (509-982-2181)
> Sent: Tuesday, August 01, 2006 2:07 AM
> To: WISPA General List
> Subject: [WISPA] Chicago tower
>
> Anyone know whose this is?
>
> marlon

Carl A Jeptha | 1 Aug 2006 15:57

Re: [WISPA] Chicago tower

He's a farmboy, the implication of more than one tall Structure in the 
same place might be a little tough for him. ;-)

You have a Good Day now,

Carl A Jeptha
http://www.airnet.ca
office 905 349-2084
Emergency only Pager 905 377-6900
skype cajeptha

Rick Harnish wrote:
> Marlon,  
>
> I think we need a leeeeeeeeeeettle bit more information.  There are a lot of
> people and a lot of towers in Chicago.  
>
> Rick Harnish
> President
> OnlyInternet Broadband & Wireless, Inc.
> 260-827-2482
> Founding Member of WISPA
>
>
>
> -----Original Message-----
> From: wireless-bounces <at> wispa.org [mailto:wireless-bounces <at> wispa.org] On
> Behalf Of Marlon Schafer (509-982-2181)
> Sent: Tuesday, August 01, 2006 2:07 AM
> To: WISPA General List
> Subject: [WISPA] Chicago tower
>
> Anyone know whose this is?
>
> marlon
>
>   
