What kind of equipment for coding school of 100+ people (Netgear vs Ruckus vs...)

[heythisisdave]

Hey SNB - not sure if this is the right forum to discuss this type of setup but really been struggling with poor wifi last few weeks.

Users:
- 75-100 people right now
- 1.5x devices per person
- Everyone on Wifi

Usage type:
- Web browsing/email mostly
- Occasionally will see 20-30 people doing video streaming
- Occasional VOIP calls over Skype (2-3 people)
- Software development (installing libraries from online sources can be network heavy)

Current setup:
- WAN: Verizon FIOS, 150/50 service in Downtown Manhattan
- 2X Netgear R7000s, one in AP mode and one serving as main Router and Access Point

Usually things are OK with the Netgears and we're able to do things like stream Google Hangouts, do voice calls and browse the web without too many problems. However, occasionally everyone will drop out for a short moment or the entire network will slow down. I also have no way of figuring out the problem as the Netgear tools aren't so great.

Things I've looked at:
- I'm getting a pfSense 2440 box to serve as the new Router and considering using the Netgear's as Access Points
- I'm currently trying out a Ruckus XClaim Xi-3 access point. I was really excited about this as I heard great things about it but if I don't have Line of Sight it's really choppy. With Line of Sight it's pretty good and their cloud management solution is very intuitive.
- I've tried Ubiquiti solutions before (the UAPs) and had a rough time getting them to perform well, even at 10-15 clients they'd start dropping significantly
- I'm considering a 1-2 Ruckus 710s instead of the Xclaims but that's about $2K so want to exhaust other options.
- I'm considering using different firmware on the Netgear R7000s (AsusWRT or DDWRT perhaps)?

Am I thinking about the difference between the Netgear R7000s and the Ruckus correctly? Am I just paying for "enterprise" or is the difference real? Also, what can I use to identify the problem, is it Wifi, Routing, the core WAN connection?

 

[netwrks]

You could be running out of bandwidth, which could be on the reason's for the network stall. For the R7000's, have a look at this firmware. http://www.linksysinfo.org/index.php?threads/asuswrt-merlin-on-netgear-r7000.71108/ ~ Yes, the R7000's are also good AP's.

EDIT: this FW has real logging for the R700's, as opposed to the stock firmware, so you will be able to see what is going on the 7000's.
For routers there's also Microtik, and Ubiquiti. If you have a networking background, should be easy for install configuration.

 

[heythisisdave]

Thanks netwrks - I'll try that FW on the boxes when I get in on Monday. I'm hoping the pfSense will let me monitor total bandwidth usage - considering getting a 100/100 dedicated but that's quite a bit pricier than the 150/50 FIOS.

 

[System Error Message]

I suggest you use mikrotik or pfsense as your main router and the netgears as APs. Adding more APs especially for 5 Ghz will reduce bottlenecks if not everyone is on the same AP. 2 APs are not enough for 150 devices.

Netgear makes good hardware but their firmware isnt as good so try merlin firmware for it. Aside from Ruckus, mikrotik do have APs and very cheap indoor ones and since they all use routerOS it gives you a lot of control which you can use to reduce or eliminate unnecessary traffic or perform a layer 2 QoS which can help a bit during high loads.

If you run out of internet bandwidth you will need to do a QoS and mikrotik has the most options for QoS and you can combine many different configurations, pfsense has better features and in general is a better router but whichever choice you make you will need QoS.

 

[heythisisdave]

Hi

I suggest you use mikrotik or pfsense as your main router and the netgears as APs. Adding more APs especially for 5 Ghz will reduce bottlenecks if not everyone is on the same AP. 2 APs are not enough for 150 devices.

Netgear makes good hardware but their firmware isnt as good so try merlin firmware for it. Aside from Ruckus, mikrotik do have APs and very cheap indoor ones and since they all use routerOS it gives you a lot of control which you can use to reduce or eliminate unnecessary traffic or perform a layer 2 QoS which can help a bit during high loads.

If you run out of internet bandwidth you will need to do a QoS and mikrotik has the most options for QoS and you can combine many different configurations, pfsense has better features and in general is a better router but whichever choice you make you will need QoS.

Thanks for the advice.

What kind of devices by Microtik are comparable to the R7000 Access point? Their product suite is a bit confusing to understand (seems like lots of components rather than "boxes").

With the pfSense 2440 is there a nice scalable AP to add to my solution mix of 2 R7000s?

 

[System Error Message]

Use the filter when searching through mikrotik. They have a demo of what its like at demo.mt.lv . You cant make changes but you can see what it takes to configure it.

For dedicated routing going with their newer MIPS based routers are fast enough for your connection unless you use VPN. PPC based routerboards dont slow down as much when you add configs and some complication and can perform VPN at your connection speed which is something that no premium consumer router can give you especially at their price point. You can also buy the OS and run it on an x86 machine which will perform much better. If you want a core router to perform CPU based L2 switching with configurations you can try the CCR but the only limitation of the CCR is that your configs need to take advantage of their multicore architecture which means dividing up traffic into their own rules instead of having many rules that involve all traffic. The CCR can perform fast with hundreds to thousands unrelating QoS and firewall rules.

For mikrotik indoor wireless theres the 9xx series (just filter for wifi, SFP) but you will need the case for them which is cheaper to use a plastic or plexiglass case rather than the metal ones they offer. Their indoor APs are cheap for like $80 or less but mikrotik can be complicated to setup for wifi but it can be rewarding considering the amount of configuration you can do and the features.

Its not hard to scale APs especially for 5 Ghz but its difficult on 2.4. If you plan to have many APs you will need to configure 2.4 for crowded wifi while 5Ghz wont have any issue as you can stuff 10 APs into a small area if you like so configure the 5 Ghz for performance. As long as the APs you use will keep functioning and wont free you can use them. The only downside to mikrotik is that they dont have a cloud management system but you can copy paste configs and their winbox software will work on layer2, layer 3 IPv4 and IPv6 so if you have layer 2 access you can see the device on winbox and connect to it.

If you can go with enterprise hardware than be sure to go with it. Ubiquiti APs dont do well with many clients because they lack the hardware resource. Mikrotik indoor APs 9xx series have MIPS CPUs 3x faster than the ones in Uibiquiti APs and a lot of RAM so they will handle more clients, loads and configs than again managing and configuring mikrotik isnt as easy that you may prefer Ruckus instead if you're going to have many APs.

 

[thiggins]

For your requirement, you need a step above consumer equipment. I'm amazed two R7000s are doing as well as you say they are handing 75+ simultaneous clients.

You need a system capable of doing load balancing, band steering, airtime fairness and bandwidth limiting to keep things running smoothly, especially if you have 30 people streaming video simultaneously.

You should have a separate router and multiple dual-band APs. Newer AC gear tends to have better wireless schedulers, so should be able to handle more simultaneous clients. But for 75- 100 people, you may need around 4 APs. If you have multiple rooms, the # will go up because 5 GHz signals don't go as far as 2.4 GHz.

Xclaim gear claims to meet your requirements in terms of features. We just reviewed the Xi-3 and CloudManager.

The main issue is lack of good support options. All they have are Forums.

Edimax APs are less expensive. They have a multi-AP system that uses one AP as a controller we reviewed. They also support fast roaming.

 

[heythisisdave]

For your requirement, you need a step above consumer equipment. I'm amazed two R7000s are doing as well as you say they are handing 75+ simultaneous clients.

You need a system capable of doing load balancing, band steering, airtime fairness and bandwidth limiting to keep things running smoothly, especially if you have 30 people streaming video simultaneously.

You should have a separate router and multiple dual-band APs. Newer AC gear tends to have better wireless schedulers, so should be able to handle more simultaneous clients. But for 75- 100 people, you may need around 4 APs. If you have multiple rooms, the # will go up because 5 GHz signals don't go as far as 2.4 GHz.

Xclaim gear claims to meet your requirements in terms of features. We just reviewed the Xi-3 and CloudManager.

The main issue is lack of good support options. All they have are Forums.

Edimax APs are less expensive. They have a multi-AP system that uses one AP as a controller we reviewed. They also support fast roaming.

Hi thiggins - thanks for the reply and for running this great resource. That's what's really surprised me about the R7000s is that they've held up so well and everytime I try out a more expensive solution, it seems to do much worse. Right now I have a Xi-3 (configured with CloudManager) right next to Netgear R7000 and when I go to my office, I get constant drops with the Xi-3 (no line of sight) but the R7000 is fine and blazing along. My only tool for testing really is speedtest.net but I get much higher numbers with the R7000 than with the Xi-3. However, when I have line of sight the speed is comparable.

I don't know if the crazy antennae on the R7000 actually make a difference but it appears to have much better range than the Ruckus Xi-3. Also, if I look at specs it seems like the R7000s would have much more processing power than the Xi-3s.

That's why I've become a bit cynical about "enterprise" versus consumer. I've come to feel that it's some nice management tools but generally poorer Wifi capabilities...

My next thing to try out is having two R7000s act as APs connected to a pfSense box handling all routing. If I remember pfSense correctly, it should give me more info into how much peak bandwidth is being used and let me limit bandwidth per client (I suspect that some torrenting is occurring but can't verify right now).

 

[thiggins]

Consumer routers are all about maximizing range because people typically have only one, especially when they're paying $300 for it.

APs, on the other hand, don't focus on having maximum range, because they are used in multiples. In fact, when pros tune WLAN installations, they typically reduce transmit power to minimize co-channel interference.

If your R7000s really are handling your 100+ clients well and the main problem is range, then get another one to cover the dead spot, convert them all to APs and get a dedicated wired-only router in place.

But my guess is that at some point, you're going to want/need more control over the things I mentioned in my first response. I don't think the R7000s will do that for you.

 

[heythisisdave]

Ahh - that makes more sense (that enterprise APs don't care about range). I hadn't thought that that would be the trade-off but all my experiences are starting to make more sense.

The R7000s have great range, the main problem I have with them right now that I can't really monitor them to see what's going on or control other things like bandwidth use per client. That's why I'm getting the pfSense to replace using one of the R7000s as the router. I'm hoping the type of control that I can get with the pfSense will let me continue to use the R7000s rather than getting probably 3-4 Xi3's to replace them (to cover all the spots I'd need).

Thanks again for the advice. Curious - if I want to hire someone who knows what they're doing to come and help me with this, what would I look for? I've found people online but they usually want to diagnose it remotely (which makes me go: huh?)

 

[thiggins]

I don't think Pfsense or any other router is going to give you the control you need, because you need it at the AP level if you need to control per client bandwidth use. If you're ok with bandwidth limiting at the AP level, then the router can help.

If you're hiring someone, you want them local and they need to make house calls.

 

[stevech]

Non-line of sight (NLOS)_, no matter the AP brand - is limited by laws of physics of course.
What are the received signal strengths at the client devices for some of the NLOS clients? Take an average as you move about in the desired coverage area.
Look for -75 dBm or more positive.

I (we) can remotely help you some, gratis since it's education (right?).
Provide
Floor plan sketch or dupe of fire exit drawings. Annotate dimensions.
photos / videos of areas
# floors
Atriums and where they are
Annotate drawings with where desired coverage is to be.

Summarize demand for capacity from the WiFi by area, e.g., is there a room with more users and/or user activities that place more traffic loads?

Any heavy streaming video use via WiFi.

 

[L&LD]

You may want to try the XVortex RMerlin fork on your R7000's and consider the suggestion of adding another one too. This may be all that is needed for your performance needs to be met, for now.

 

[System Error Message]

Incase the R7000s with RMerlin firmware doesnt give enough control you will need to use routerboards to provide control as they can provide more control on the AP itself when coupled with hotspot/radius and you can use the script to generate or remove QoS/firewall rules based on users connecting.

Pfsense will provide internet control and firewall but if you find your network coming to a halt not because of internet than you will need to fine control on the AP and within your network. I suggest using RADIUS authentication if you can for your wifi since it can prevent unautherised users from using your network and free up some bandwidth and resource.

 

[netwrks]

I run the R7000 in AP mode, with Xvortex / Merlin FW. In AP mode, there is no QoS / shaping, which really should be done on a router anyway.

As a thought.. For an increased WAN bandwidth solution, consider purchasing a router that supports dual WAN connectivity, and renting a second FIOS link, (or other ISP) and run dual WAN at the school. From looking at the pfsense site, their product supports Dual WAN, if that is the direction you are going in.

 

[heythisisdave]

Thanks for all the advice. I saw that Tomato has more router level features for traffic management and am testing both of those on our test R7000s right now.

After doing more research, sounds like QoS is more what I need that bandwidth limits. I want to optimize for VOIP and video broadcast, followed by web and then anything else. Will try that at both the tomato on R7000 and pfSense level and report back.

I continue to read great things about the Ruckus R700/710 but given what thiggins said above (that the range on these aren't great intentionally) that's a 3k investment to match what I'm almost getting from the two Netgears.


Sent from my iPhone using Tapatalk

 

[netwrks]

Beware... Running QoS on the 7000's take a performance hit, as it disables Cut Through Forwarding (CTF). Consider moving QoS out to the pfsense.

 

[heythisisdave]

I just tried the AsusWRT Merlin on the R7000 and was not getting as good range as I got with the default FW (this was at my house, not at the school itself). I tried a bunch of Tx levels (it lets you configure it). I'm going to try default R7000 (2X) with a pfSense running QOS and see what happens.

 

[L&LD]

Did you leave the mode to Auto and test different channels for highest throughput?

Don't assume that the setting you previously used are still the best for the new firmware.

I just tried the AsusWRT Merlin on the R7000 and was not getting as good range as I got with the default FW (this was at my house, not at the school itself). I tried a bunch of Tx levels (it lets you configure it). I'm going to try default R7000 (2X) with a pfSense running QOS and see what happens.

 

[System Error Message]

Beware... Running QoS on the 7000's take a performance hit, as it disables Cut Through Forwarding (CTF). Consider moving QoS out to the pfsense.

You really need an enterprise router like pfsense on a x86 box with intel/marvel NICs or a mikrotik CCR. Both will perform QoS for internet very well, fast and give you a lot more control such as being able to combine per user, bandwidth limits and priorities all at the same time. RouterOS can also be installed on x86 so you dont need to buy a routerboard but you will need to check hardware compatibility.

Currently the popular dual core ARM consumer routers will only perform either bandwidth or priority based QoS but not both which means you cant use bandwidth control for users and at the same time prioritise VOIP and web over other things.

The mikrotik CCR can be used with a script to auto generate and remove QoS rules per user (but you must use some kind of user authentication such as RADIUS, hotspot, PPPOE) and can handle thousands of users with thousands of QoS rules to handle each of them very fast.

Try to see if Ruckus has APs with cloud based load balancing where the APs load balance users per AP in a small area which may make the investment worth it if they do even if they lack range. Alternatively if you want range mikrotik routerboard 9xx series have very high transmit power that will give you range and you can use standard or better antennas with them if you like.