Mesh Linked AP

  • 3
  • Question
  • Updated 4 years ago
  • Answered
I have an issue trying to get an AP to appear in the hive as a Mesh connected AP. Currently it is not passing the capwap connectivity stage when it is within signal range of another AP and powered via PoE (ie not physically connected). It should be receiving around -70dBm. It’s setup in a clear channel – I kept the 5 GHz channel as Auto, which I could go back today and force to ensure the neighbouring AP is clear.

I initially connected the AP to the hive via the Ethernet network, uploaded the same config and could successfully connect clients to this AP which queried the RADIUS functioning AP(s) to authenticate. So I’m confident the AP has the correct config like the other APs in the hive. All the APs have their radio button set to allow the 5GHz radio to operate for data and mesh link.

I’m not sure if there’s another step I’ve missed to get this AP online.
Photo of Jason Hills

Jason Hills

  • 78 Posts
  • 3 Reply Likes

Posted 5 years ago

  • 3
Photo of Tash Hepting

Tash Hepting

  • 55 Posts
  • 29 Reply Likes
It sounds like you've hit the right areas... In general, what you need is:

1. All mesh APs need to be configured with the same hive name and hive password. This is typically done by provisioning it on the ethernet like you describe.
2. All mesh APs need to be within RF range of each other. You can verify this with the CLI command "show hive neighbor"
3. Mesh needs to be enabled on at least one of the WiFi interfaces on each AP, all on the same band.
4. The mesh point needs to not have a management IP address from a separate subnet (i.e. don't connect it back to the LAN over ethernet).

Since you have already done these, the first thing I would do is verify the neighbor connectivity with the command in step two. Run it on both APs to verify that they can both see each other. If they can't see each other then start eliminating variables by moving the APs in close proximity to each other and hard-coding the channels to the same channel.

If you're still having problems you may want to call in to support and get some more specific assistance.

Regards,
Tash
Photo of Erick Muller

Erick Muller

  • 35 Posts
  • 8 Reply Likes
Hey Jason,

I had a similar issue after trigger a configuration change on both APs at the same time.

You didn't mention if you actually checked if the mesh point was working, but in my case I saw the white LED in the AP, but for my hive manager the mesh point wasn't online, so I think that was a CAPWAP lost connection.

What I did is to ping the last known IP address for the mesh point and saw that the AP was actually responding. Once I was sure the AP was responding I asked somebody to power cycle the AP, that solved the problem.

I know that probably there is a more elegant solution for that (probably a CAPWAP CLI command) but in order to not provide somebody else with my Hive key that was the fast and secure way to solve the problem.

Hope this helps
Photo of Mike Smith

Mike Smith

  • 13 Posts
  • 1 Reply Like
Jason, did you ever find a resolution to this issue? I am experiencing the exact same thing and am working with support to try and find an answer.
Photo of Jason Hills

Jason Hills

  • 78 Posts
  • 3 Reply Likes
This week I applied some of the excellent advice in this thread and managed to get the Mesh AP up and running.

It would have occurred much much sooner, but I did not have access to APs to test at the time.

My solution also used a standard PoE injector for the mesh AP, which was successful either with the eth0 port set to Admin Up or Down. I prefer to set this to Down so Mesh is always forced and ethernet is never tried.
I set the channel to Auto on both the neighouring ethernet-connected APs as well as the Mesh AP. Expect this will provide max flexibility should the mesh need to go through a different nearby AP. I did not need to enable Bridging as suggested.

The mesh link typically took about 2-3 mins to establish and needed at least -80dBm.

cheers,
Jason
Photo of Jason Hills

Jason Hills

  • 78 Posts
  • 3 Reply Likes
Sorry I didn't end up finding a resolution in time.

Some advice I received recommended to set Eth0 as Bridge Access. However this doesn't make sense to me as this only bridges the Ethernet connected devices to appear in the wireless network.

I have heard from another person trying the same thing that it sometimes would take a long time to find the mesh?

Keen to hear how you get on.
Photo of Tash Hepting

Tash Hepting

  • 55 Posts
  • 29 Reply Likes
Jason - setting ethernet to Bridge Access also influences the mesh discovery. If the AP is getting link from the POE connection (like if it's from a switch), then it's going to try to CAPWAP discover through that ethernet interface and you've got to have your backhaul failover sorted out.

If you set the ethernet port to Bridge Access that shortcuts the whole thing and the AP immediately tries to mesh over the WiFi interface instead.

-Tash
Photo of Erick Muller

Erick Muller

  • 35 Posts
  • 8 Reply Likes
When we talk about setting the Ethernet port to bridge we are talking about the mesh point, right?

This won't be needed if you power the AP from a power supply right?
Photo of Tash Hepting

Tash Hepting

  • 55 Posts
  • 29 Reply Likes
Erick - Yes, the mesh point. Leave the portal as it is - it's ethernet port is where it's supposed to backhaul.

If you are powering the portal through the DC power supply and nothing is plugged in to the ethernet, then yes this is not needed. The key thing is that you need to not have ethernet link up on the mesh point, or if you do have link up you need to configure the system to support meshing in that topology.
Photo of Mike Smith

Mike Smith

  • 13 Posts
  • 1 Reply Like
Wait a second. If you are powering a device via PoE or DC adapter with no switch connectivity, isn't it by definition no longer a Portal device?

It seems like this should either just simply work without a lot of effort, or it should be very well documented so the smallest detail is not missed. I am finding neither is the case.

How does one configure "the system to support meshing in that topology"? Let's say I have a standard AP170 (AP-A), plugged in to the switching network, and another AP170 (AP-B) that is powered by an outdoor PoE injector. I want AP-A to provide mesh connectivity to AP-B on the 2.4Ghz radios, and AP-B will provide access to clients on the 5Ghz radios. What are *ALL* of the required settings to make this work?
Photo of Tash Hepting

Tash Hepting

  • 55 Posts
  • 29 Reply Likes
Mike - The key is whether or not there is link on the Ethernet port. If you are using a POE injector that does not cause link to go up, then everything is fine. If you are plugging it into a POE switch and link goes up on the ethernet port, by default the AP will think it's a portal.

In your topology, as long as the outdoor POE adapter does not provide link, it will just work. I am being careful to specify "link" because not all POE devices are just power.
Photo of Mike Smith

Mike Smith

  • 13 Posts
  • 1 Reply Like
So if I bought this outdoor PoE injector from Aerohive (Microsemi PowerDsine PD-9001GO), what should I expect?

If I remember correctly, the outdoor unit was billed as an Ethernet extender/power injector. With no external link lights, I can't verify for sure, but I would guess that the AP is in fact getting link from the injector, which very well could be the source of the problem here.
Photo of Tash Hepting

Tash Hepting

  • 55 Posts
  • 29 Reply Likes
Mike,

I haven't used the outdoor POE inject yet, so I'm not entirely sure. I will follow up on this but probable won't get a chance to try it out until Monday since I'm not in the office today.

In the mean time you could experiment and try disabling the Eth0 port (admin down) to force the AP to try the Mesh connection first. This is generally preferable to making the port "bridge access" because it prevents unauthorized devices from getting onto your network. Screenshot attached, it's in the Configuration page, devices, click on the AP in question to bring up the AP configuration screen.



If you end up "locking yourself out" of the AP because something else is wrong with the Mesh configuration and you've just turned off the ethernet port, just wait for 15 minutes or so for the configuration to automatically roll back. Or get a paperclick and hold down the reset button for 15 seconds to factory default the AP config and let it find HiveManager again.
Photo of Mike Smith

Mike Smith

  • 13 Posts
  • 1 Reply Like
I built a "power only" net cable to accomplish the same thing. Still no joy yet.

Photo of Tash Hepting

Tash Hepting

  • 55 Posts
  • 29 Reply Likes
Hmm. I'm not sure what is going on then. Are you working with our support group? You should be able to have them mesh up after they get the configuration pushed from HiveManager.

What version of HiveOS are you using?

-Tash
Photo of Edward Nice

Edward Nice

  • 19 Posts
  • 6 Reply Likes
So . . .

What was the final outcome to this story?
Photo of Mike Smith

Mike Smith

  • 13 Posts
  • 1 Reply Like
For us, it was a bit of a mystery. I went 2 weeks without it working. Passed the case up to the Support team and got a ticket going. Found out that 5.1r5 fixed some meshing issues and made sure all of the 170's had it, but it still wouldn't work. Swapped out hardware, still nothing.

Then, I came back from a long weekend, and all of a sudden it was working, everywhere. Not just on my test AP, but all over the campus. Don't have any explanation for it. I wish I had a more concrete answer for you, but right now I have to chalk it up to mystery.
Photo of Jason Hills

Jason Hills

  • 78 Posts
  • 3 Reply Likes
Mike, those mysteries are the most frustrating.

I have a general query regarding the setup and topology limitations of using several AP170s in a 5GHz mesh network.

We plan to develop a ring-based topology in the 5GHz band supporting a camera network. The 2.4GHz radios will be disabled. There will be wired Ethernet back-haul from only one AP170.
I understand that an AP170 can only mesh-connect to only one other AP. i.e. a series of Point to Point links.

In this example, each node will have a single AP170 with a directional yagi orientated to the next node in the ring which consists of a single AP170 with a similar directional yagi pointed back at that AP170, and a second directional yagi pointed to the next node.

My query is, since the AP170 has a single 5GHz radio with two N-connector ports (for spacial-diversity), can I create a linking chain by from one port pointing a yagi to one AP170, and from the other port point a different yagi to another AP170, to form a chain.

My other question is, if there is a spur from the ring, I assume that I would need another AP at this node of the ring to mesh the AP at the spur node. Because the AP170 has both antenna ports utilized in the chain.

Are there any limitations or configuration difficulties with this sort of arrangement? I'm wondering if the APs may decide to create their own paths (depending on the beamwidths of the antennas).

It would be good to use Aerohive for this solution, as the other part of the installation is to provide a small public WiFi access using the 2.4GHz band from some of the AP170s which are nearer to the public area.

Any pointers or caveats would be greatly appreciated.
Photo of Jason Hills

Jason Hills

  • 78 Posts
  • 3 Reply Likes
I am also interested to know the bandwidths people have achieved using pairs of AP170 meshed at 5GHz. Typically distances between nodes is 150 metres in my application.

I'm beginning to think that a self-healing ring topology may not even be possible with the APs, in terms of data changing direction if a Node in the ring is lost.

e.g in a 4 node ring: if the NodeA (Portal) AP -> NodeB -> NodeC -> NodeD
I presume this is basically a 'Line' or 'chain' topology where it Ends at NodeD and is not mesh connected back to the Portal Node, even though NodeD is visible to the Portal NodeA.

Consider If NodeD becomes disconnected from NodeC (because NodeC fails), will the NodeA(Portal) connect to NodeD. However if this occurs then NodeB will no longer be connected to the NodeA (Portal).

I would like any clarification on the self-healing properties of the ring. This would assume that each of the Nodes has adequate signal margin to the adjacent Nodes.

thanks.
Photo of Edward Nice

Edward Nice

  • 19 Posts
  • 6 Reply Likes
I'm not sure were the concept of a ring entered in, or the idea that the AP170 can only mesh to one other device at a time. I've not seen this limitation documented or in our practical experience. I do think that meshing with AP170s has not been entirely stable since 5.1r4a (IMHO).

Meshing is just that, a full mesh, with each AP establishing direct mesh connections to as many other APs as it can communicate to within the parameters required, and limited by your configuration. The APs then intelligently and dynamically select the least cost route to the portal/gateway. If one or more links go down or become less efficient, traffic is automatically routed through the best remaining path.

We have been using AP170s (since 2011) both as Portal and Meshed 'anchors' to support full mesh topologies across 40 acre sites supporting end-point AP350s (dozens) up to 300 meters distant. This is not to say or experience is entirely without issues. There have been many bumps and issues along the way This is not unexpected, as our system has been a build as you go, trial and error, continual improvement approach. Better antennas, better cables, better antenna locations, better base locations, different types of antennas. We didn't have a recipe to follow, so we had to cook it up with trial and error. Then again, we did it all ourselves ;-}

Photo of Mike Smith

Mike Smith

  • 13 Posts
  • 1 Reply Like
Ed, thanks for posting your topology. My concern throughout this process is the inherent requirement of having all of the AP's (maybe one side of your campus) on the same channel for backhaul. It seems like you would be bumping the interference thresholds all the time. What do you see in reality?

Our situation is different in that we still serve clients on our mesh 170's (WiFi phones), so I might be a little more sensitive to blanketing a whole area with the same frequency. But I thought it might be good to get input from others who have done it.
Photo of Edward Nice

Edward Nice

  • 19 Posts
  • 6 Reply Likes
I'm traveling, so forgive my one fingered tap tap tap reply.

Your situation sounds similar to ours. We dedicate the 5 GHz band to supporting the mesh, and the 2.4 GHz to client connections which include our ASCOM WiFi phones.

DISCLAIMER: Meshing seems to be a dark art. The following is my current 'reciepe'.

We have AP170s mounted on the main building as Portals, and AP350s mounted in the attic spaces of the Twin-Single homes. The AP170s have 16 dbi Ubiquity 5 GHz sector antennas with 6 inch cables, the AP350s have 10 or 13 dbi Ubiquity 5 GHz omni antennas or 16 dbi sector antennas with 6' cables depending on the distance to the base portal.

The Ubiquity antennas are dual polarity, and the cables need to be the highest quality you can find. The antenna cables need to be consistently connected with vertical polarity to ant0 and horizontal to ant1. If using AP350, you may want to limit chaining to 2x in the radio profile. Also turning off background scanning in the 5 side, and possibly WIPS will keep things calm.

We set the 5 GHz radio channels to auto as advised by Aerohive Engineering (which is counter intuitive, but does help), but have had to specify a Channell on the bases to keep the mesh from meandering about the channel range and trying to mesh to dead-ends. Yes, on our larger campus we do peg a different channel on opposite sides of the building.

As far as flooding the spectrum, this is not a problem (don't know why, I'm not an engineer, here's my humble opinion), airtime is allocated to each mesh point dynamically just as mant clients are supported by a single AP.

Time for breakfast, more to follow.