Looking for suggestions for a setup for public wifi and about 100 devices support

VDNimp

Sep 10, 2015
Hello to the community. Even though I was a member long ago for some reason my account has been “lost”.

I want to ask your opinion on a wifi network setup for about 100 devices. I want to make a decent setup for my cafeteria, only for my customers (no business hardware will be connected to it). The inside area is about 4300 square feet / 400 square meters, flat and almost without any obstacles, and the outside area is about 2150 square feet / 200 square meters.

I need to make a separate network with a separate internet line. I think that 100 devices for the rush hours is a good number (actually I think that it could be around 80). I don’t care to provide separate passwords for each customer. The only feature that I really care about is to let me choose the amount of bandwidth/device.

I am thinking of keeping my ISP’s modem router, turning it into a modem, and adding a good wifi router for the inside area and an access point for the outside area. The budget I have to work with is around 400$ for the router and about 100$ for the access point.

Do you have any suggestions for a good router?
 
g90814

Apr 11, 2013
You'd be hard pressed to accommodate 100+ devices with only one access point.

You might want to look into Ubiquiti access points, and set up 3-4 of them. You would still need a good router to connect them to the network.
 

VDNimp

That’s why I am asking for suggestions for a wireless router. 100 devices will be connected to both (wifi router and access point). I believe that we are talking about max 80 devices inside and 20 outside. I will use the access point for signal range extension because the only place I can put the router is inside the cafeteria at the back.

P.S. There is also a general public wifi network outside provided by the construction owner, so there is not much demand for wifi access from the customers there.
 

VDNimp

I am thinking that it is possible by reading some devices' specs. For example the MikroTik RB2011UiAS-2HnD-IN. It says that it can support up to 100 users. And for the outside area 1 or 2 Ubiquiti Picostation M2 HP. For example the MikroTik at the back of the cafe, 1 Picostation somewhere close to the door and 1 Picostation outside. The MikroTik's specs mention that it has a 4.1dpi antenna (so it should be ok for about 65f/20m) and it has an interface that allows you to manage bandwidth per user.

But as I mentioned already, “in the spec”. I haven’t ever used any product from this company. So I am looking for suggestions for devices that someone actually knows and has seen what they're capable of supporting.

Do not forget that we are talking about a simple public hotspot that will offer enough bandwidth for facebook, chatting, internet surfing etc. Not for downloading or for an actual business class connection. Just the basics.
 
Go read the design documents on the Cisco, Avaya or HP sites. I am sure some second or third level company can do better.......ya sure.

Ubiquiti stuff is pretty good but if you read their document they too would never recommend the density you are proposing.

Now if you can't afford to do it correctly then just buy whatever you can afford and live with it.
 

VDNimp

bill001g, I am not saying OK the specs say that it can handle 100 devices so it will. I said “in the spec” and I am asking for hardware suggestions. With a good router you could use fewer devices, so fewer cables etc., and that’s the reason I don’t want many access points. As for cheap, finding an economic solution doesn’t mean that I am not willing to spend the amount I have to. But Cisco and Dell routers designed for a big number of connections come with a ton of other features that I won’t use. I know that I could also add a RADIUS server for personal passwords etc. but I do not need them. So why should I buy them?

Furthermore, I have the impression that the router is more important than the APs. Because the AP isn’t responsible for more than the 10 to 20 devices that are connected to it. The router does all the heavy work. So if the router has enough processing power and RAM the APs will only need to “support” it. There are many APs out there and most of them do the job and they are not expensive. The router is what worries me and I need suggestions and opinions about specific models. And any suggestion about a specific AP that works well with it is also welcome and much appreciated!

Do you have any specific devices in mind?
 
The AP is actually doing a tremendous amount of work compared to the router. Now if you are going to run 10 APs then the load will be distributed and you will not have a huge issue. This is part of the reason you need so many APs. All the encryption, authentication and all error correction as well as all the basic radio transmission is handled by the AP. The Ubiquiti line is pretty good when you can't afford enterprise class equipment. It is one of the few that has a central management system that is free. It of course is lacking some features.

All the router does pretty much is NAT. The router size is pretty much based on the total amount of traffic. To a point, the more users and sessions that are open, the more load is placed on the router because it has more to keep track of. It really depends on how big the internet connection is. If you are talking about some large 1g connection then it will be kinda hard to find a router. If you are talking in the 100meg range then even many of the consumer routers should be able to handle that.
 

VDNimp

Obviously I got something wrong.

The internet connection is a simple 18Mbps ADSL2. And I am thinking to limit every connection to 300Kbps-400Kbps.

So to summarize, you are suggesting for 80-100 devices just for basic internet usage (internet surfing, chatting and not heavy usage like torrent download and streaming) to make a setup with one wired router and 6 to 8 Ubiquiti APs. Am I right?

The bandwidth limitation will be made by the router or the APs? And what router do you think it would be best for this setup?

Does the Ubiquiti Picostation 2 have any device limitation settings (for example to set the maximum connected devices per Pico to 15-20)?

Would a setup with a Draytek Vigor 2830 router, 6 Ubiquiti Picostation 2, and 2 Cisco SG100D-08 switches to plug the APs into (4 inside to the first and 2 outside to the second one) be enough?
 
I know nothing about that router but 18m is not a lot and most routers should handle that in general but the 18m will likely not be enough.

The number of users per AP is not something easily controlled. The Ubiquiti software may help, but if you, say, limit it to some number then you will get users complaining the system does not work.
This is where you need the high end (i.e. $10,000+) controllers that companies like Cisco have. These can dynamically adjust the power of the AP, which causes the end machines to select a different AP, to a point.

I think you need to really ask: do you actually expect to have 80 devices active? If you do, 18m will never be enough. Simple web pages have so many graphics in them and even simple video eats a lot.

Looking back I missed your requirement to limit the traffic rates. That feature by itself is going to make it extremely difficult to find a router that will work. This feature is normally done in a device called a traffic shaper. F5 from bigip is an example of a commercial one.

Now some routers/firewalls have the ability to limit traffic rates but almost all are static in nature. Only in a true traffic shaper can you put in a simple rule that says limit each ip to a certain rate and have it dynamically generate the rules. On most other devices you would have to say

192.168.1.1 limit xxx
192.168.1.2 limit xxx
....
192.168.1.?? limit xxx

This is extremely tedious to do and most devices do not allow you to put in a lot of these rules. Many of the consumer routers I have seen are limited to say 10-15 rules. Even on equipment that has no configuration limit you have to remember every packet must flow through all these rules so you will quickly run into a cpu limitation.

I suspect the only way you are going to get this function is to build your own traffic shaper. A dual nic pc running firewall software like pfSense might be able to do it. I have never looked into the limitations it has for traffic shaping. Commercial equipment has specialized chips to assist with functions like this.


Still 18m is extremely small amount of bandwidth for that amount of users.
 
Solution
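The per-address rule list described in the post above does not have to be typed by hand on a self-built Linux shaper. As an added example (not part of the thread or of any product's own tooling), this script generates one HTB class and one filter per client; the interface name `eth1`, the 192.168.1.0/24 guest subnet and the 400 kbit/s and 18 Mbit/s figures are assumptions taken from the discussion.

```shell
#!/bin/sh
# Added example: emit Linux `tc` commands that cap download speed per client.
# Assumed names: guest LAN interface eth1, guest subnet 192.168.1.0/24.

# gen_shaper DEV PREFIX FIRST LAST PER_CLIENT TOTAL
# Prints commands only; review the output, then pipe it to `sh` as root.
gen_shaper() {
    dev=$1 prefix=$2 first=$3 last=$4 per=$5 total=$6

    # Reject host numbers outside a /24 before generating anything.
    if [ "$first" -lt 1 ] || [ "$last" -gt 254 ] || [ "$first" -gt "$last" ]; then
        echo "gen_shaper: host range must be within 1-254" >&2
        return 1
    fi

    # Start clean, then attach HTB; unmatched traffic lands in class 1:fffe.
    echo "tc qdisc del dev $dev root 2>/dev/null || true"
    echo "tc qdisc add dev $dev root handle 1: htb default fffe"
    # The parent class caps the sum of all clients at the line rate.
    echo "tc class add dev $dev parent 1: classid 1:1 htb rate $total ceil $total"
    echo "tc class add dev $dev parent 1:1 classid 1:fffe htb rate 64kbit ceil $per"

    host=$first
    while [ "$host" -le "$last" ]; do
        # Class minor ids are hexadecimal; offset by 0x100 to stay clear of 1:1.
        minor=$(printf '%x' $((256 + host)))
        # Traffic leaving $dev toward a client is that client's download.
        echo "tc class add dev $dev parent 1:1 classid 1:$minor htb rate 64kbit ceil $per"
        echo "tc filter add dev $dev parent 1: protocol ip prio 1 u32 match ip dst $prefix.$host/32 flowid 1:$minor"
        host=$((host + 1))
    done
}

# Constructed sample: 100 clients at 400 kbit/s each behind an 18 Mbit/s line.
gen_shaper eth1 192.168.1 2 101 400kbit 18mbit
```

Each packet is still compared against the filter list in order, so the CPU cost the post mentions grows with the number of addresses.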

VDNimp

The cafeteria is located inside the city’s park, inside a small complex, and I am limited by contract to have only one ISP, and the ISP isn’t able to provide me a VDSL connection (50-48Mbps; 100Mbps is offered only to big companies, only in specific areas, and I am not anywhere near it). Even the complex’s wifi cannot provide decent bandwidth to the free wifi connections. It is something around 2000kbps/device on the good days. Furthermore, I cannot make outdoor changes or even demand an extra line. So I don’t have any other choice as for the internet line.

I mention Draytek because it is widely mentioned in many reviews for small to midrange applications, along with its ability for bandwidth limitation rules and its VLAN function. And you are right. It doesn’t dynamically calculate the demand and offer. It seems to have a standard field to enable and place a standard limit. What I cannot understand is whether that limit applies to each device or to each AP. But even if it has a dynamic function, the fact that the password will be common for everyone and changed once a month, in a public place, makes it easy for someone to use it for some “naughty” reasons. And I don’t want to add RADIUS because, as I have noticed in other similar businesses, customers find it difficult to use registration or they demand some kind of printed password, they lose it all the time and it becomes a pain for the employee. Maybe the 400-500kbps isn’t enough. Maybe it should be around 1000Kbps and pray…

You are absolutely right about Cisco, HP, etc. As I understand it, you have experience from “Big Boys” companies and large scale networks. But a small business, like mine, cannot afford that kind of budget (10000$+) for something that cannot actually be used to its full potential (as I mentioned before, I cannot do anything about the internet line and it is not a money issue), so that’s why I am struggling to get the best results with the actual facts…
 
If we ignore the internet speed and the issue with too many users on the AP, both of which it seems you can't fix, then your best option for restricting the users is going to be a firewall. The only affordable option is to buy a fairly powerful pc that has 2 ethernet ports in it and do it yourself. It should not be super expensive because you can use the video included in the processor and you do not need any fancy ssd and you do not even need to pay for an OS. All you really need is 4-8g of memory and a fairly fast cpu.

The common one people load is called pfSense but there are a couple of other linux based firewall distributions. You can easily stop most things you do not want with fairly simple firewall rules. Just a rule that only allows http and https will stop most guys. This will prevent a lot of the video streaming, games and especially torrents.

Since you will use this as your main router (of course you need a dsl router on the connection but it will do nothing else but dsl) you can actually see all the mac addresses. You can use the option to limit total traffic, so once someone, say, downloads 1g of traffic in, say, a day or a week you can block them for some period of time. This tends to be a simpler option than trying to limit the rates.

The other thing you can do with this server/firewall is run what is called a captive portal. This is how a hotel makes you log in one time and agree to something and you get access only for a certain period of time. This is another program you load...I don't know if it is part of the pfSense distribution or not.

Of course the guys who have actual skills can get past a lot of this; the script kiddies will not.
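A sketch of the "only allows http and https" rule from the post above, written for a Linux firewall using nftables as an added example (not from the thread, and not pfSense configuration). The interface names `eth1` (guest LAN) and `eth0` (toward the DSL router) are assumptions, and NAT is assumed to be configured separately.

```shell
#!/bin/sh
# Added example: print an nftables ruleset for a guest firewall that forwards
# only DNS, HTTP and HTTPS from the guest LAN. Interface names are assumed.

# guest_ruleset LAN_IF WAN_IF  -> ruleset text on stdout
guest_ruleset() {
    lan=$1 wan=$2
    cat <<EOF
table inet guestfw {
    chain forward {
        type filter hook forward priority 0; policy drop;
        # Replies to connections the guests opened.
        ct state established,related accept
        # Name resolution: a literal web-ports-only rule would break browsing.
        iifname "$lan" oifname "$wan" udp dport 53 accept
        iifname "$lan" oifname "$wan" tcp dport 53 accept
        # Web traffic only; everything else from guests hits the drop policy.
        iifname "$lan" oifname "$wan" tcp dport { 80, 443 } accept
    }
    chain input {
        type filter hook input priority 0; policy drop;
        iifname "lo" accept
        ct state established,related accept
        # Guests may ask this box for DHCP leases and DNS, nothing else.
        # No remote admin rule is included: manage the box from its console.
        iifname "$lan" udp dport { 53, 67 } accept
        iifname "$lan" tcp dport 53 accept
    }
}
EOF
}

# Constructed sample; syntax-check with: guest_ruleset eth1 eth0 | nft -c -f -
guest_ruleset eth1 eth0
```

The input chain also keeps guests away from the firewall's own management services, which matters when the wifi password is shared by every customer.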
 

VDNimp

Thank you very much bill001g! I hadn’t thought of the firewall at all. I’ll do some research right away. You were very helpful!

As for the time limits and logins, I think I shouldn’t add them. People know that they are outside of the capital and these are expected problems… Even though until now I have been changing the password every month and it is written on the receipt, you cannot imagine how many people ask for help because the receipt program places it in quotation marks and they add them too! Imagine what will happen if I make it more complicated…
 



I may be late to the party here, but I will say I have that exact model MikroTik router in my house and it can certainly handle more than the average router. I've got 14-16 devices connected to it at all times, and it has been as many as ~25 devices at once when other people have been using it. It has never had any issues handling that many, although I've never had 100 at a time. (And the signal strength is among the best I have ever seen).

Having said that, if I understand it right, there is a hard limit of 18 Mbps for your Internet connection, so you may have to scale down your ambitions. That's not going to be enough to support 80 or 100 users regardless; more like half that, and even then only assuming their usage is somewhat staggered.