Netgate SG-1000 microFirewall

Author Topic: Can Wifi APs get overwhemed by torrent connections ..?  (Read 310 times)

0 Members and 1 Guest are viewing this topic.

Offline ashima

  • Full Member
  • ***
  • Posts: 138
  • Karma: +2/-0
    • View Profile
Can Wifi APs get overwhemed by torrent connections ..?
« on: February 04, 2018, 11:47:46 pm »
Greetings to all,

   Wish  to discuss an upcoming scenario with high density / high population wifi devices in a small area.


Scenerio is for a  Hostel Accomodation,  wireless APs  are needed to be  installed in the coming week.
Each floor has too many 4inch brick walls (5-6) , hence planning several APs on each floor.


ISP available are :-  ISP-A Broadband 150 Mbps, ISP-B Broadband 80 Mbps , ISP-C Broadband 40 Mbps.
                      ( Upload & download speeds being the same in all the 3 ISPs )


Wi-Fi Access Points :-  Considering to  use Ubiquiti unifi ap ac lite   x  21 Numbers spread across 4 floors.
                        Open for suggestion if Ubiquiti unifi ap ac pro  would be more appropriate.
                        What would your comments be on Engenius EAP1200h . . ?


WiFi Coverage :- No Coverage Issues , -55 db  to -45 db. On Laptop the wifi signal shows 4/5  or  5/5 bars.


Networking : CAT6 , Gigabit switches.
             ISP-A (150Mbps) segmented for 3 Floors.
             ISP-B ( 80Mbps) segmented for 1 Floor.
             ISP-C ( 40Mbps) as a failover for  either ISP-A or ISP-B


Firewall :  pfsense configured with Captive Portal , 190 User Logins with Bandwidth Capped at 4Mbps per user login.
            with limit of 2 device per user login.
            Configured to run Captive Portal.    ( Squid is not required )


Each Access Point expected to receive max 30-40 concurrent device connections (Laptops & Mobiles).





Doubt - 1 :  will this desktop hardware be sufficient  for the job of  pfsense box ?
             AMD A-Series APU A4-6300 3.x GHz  - Dual Core  or
             AMD A-Series APU A8-7600 3.x GHz  - Quad Core (open for suggestions)
             
             8GB DDR3 Ram,  160GB SATA HDD x 2 Nos  ( RAID 0 - zfs mirror )
             5 GbE LAN Ports


Doubt - 2 :  In a particular area of the property,

We have a doubt about  several users  connect to the same WiFi AP simultaneously in a partucular area may use file torrenting on their laptops.  Since we have seen in the past,  a simple torrent file usually opens 40-50 connections & about 1000 half open connections.
Will this become an issue  &  other users within the same WiFi AP  experience disruptive internet performance  ?
Several users using torrent ( within same AP )  can  over whelm the WiFi AP's capacity to handle  per client connection ?

Also, that we do not wish to block torrents in the network.

Essentially, even thought the signals are strong, and the head count of users is just 20 at a given time,
but several users using torrent can  spoil the user experience in that area,  over whelming the particular WiFi-AP.

 

Regards,
Ashima


Offline Derelict

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 9763
  • Karma: +1103/-311
    • View Profile
Re: Can Wifi APs get overwhemed by torrent connections ..?
« Reply #1 on: February 05, 2018, 12:42:16 am »
Put a limiter on them so they can't monopolize the bandwidth.

You generally do not have to worry about client density in such an environment (given decent wi-fi gear) because the physical obstructions (walls, etc) mean that not enough clients can reach each AP so as to overwhelm them.

It sounds like many of your questions are better-suited for the wi-fi vendor of your choice. (based on past experience I would pick ubiquiti over engenius and ruckus over either).

190 users is nothing as far as pfSense is concerned, but pfSense captive portal has no way to limit a user to just two devices. It is either one or as many as they want per login. You could use a single-device voucher portal and give each user two.

Anything with a 3GHz clock should be fine. Use Intel NICs. Broadcom-based server NICs (such as pulls from Dell servers) have never given me a problem either.
Las Vegas, Nevada, USA
Use this diagram to describe your issue.
The pfSense Book is now available for just $24.70!
Do Not PM For Help! NO_WAN_EGRESSTM

Offline ashima

  • Full Member
  • ***
  • Posts: 138
  • Karma: +2/-0
    • View Profile
Re: Can Wifi APs get overwhemed by torrent connections ..?
« Reply #2 on: February 07, 2018, 09:56:56 am »

Thank you Derelict for replying, would need a suggestion .


     For the discussed location what are your thoughts about :-

    1.   Ubiquity Unifi AP AC Lite   vs   Tp-Link EAP 245.

    2.   Ubiquity Unifi AP AC Pro   vs   Tp-Link EAP 330.



regards,
Ashima

Offline johnpoz

  • Hero Member
  • *****
  • Posts: 15094
  • Karma: +1408/-206
  • Not a pfSense employee, they cannot fire me...
    • View Profile
Re: Can Wifi APs get overwhemed by torrent connections ..?
« Reply #3 on: February 07, 2018, 10:02:56 am »
TP link wouldn't even make bottom of the long list. There is no chance would use tplink even if they were FREE...
- An intelligent man is sometimes forced to be drunk to spend time with his fools.
- Please don't PM me for personal help
- if you want to say thanks applaud or https://www.freebsdfoundation.org/donate/
1x SG-2440 2.4.2-RELEASE-p1 (work)
1x SG-4860 2.4.2-RELEASE-p1 (home)

Offline Derelict

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 9763
  • Karma: +1103/-311
    • View Profile
Re: Can Wifi APs get overwhemed by torrent connections ..?
« Reply #4 on: February 07, 2018, 02:26:37 pm »
At the very least: s/tplink/dlink/
Las Vegas, Nevada, USA
Use this diagram to describe your issue.
The pfSense Book is now available for just $24.70!
Do Not PM For Help! NO_WAN_EGRESSTM

Offline NogBadTheBad

  • Sr. Member
  • ****
  • Posts: 491
  • Karma: +45/-0
    • View Profile
Re: Can Wifi APs get overwhemed by torrent connections ..?
« Reply #5 on: February 07, 2018, 02:37:27 pm »
You might be better looking at the Ubiquity UAP-AC-IW or UAP-AC-IW-PRO in wall models,  if you need to provide ethernet into each room.

https://inwall.ubnt.com/

I'd be tempted to use the Ubiquity for the captive portal / guest control, vouchers can be created quite easily via an app on a smart phone or via a web page on a PC, it even supports different payment types if required.

ISP-A (150Mbps) segmented for 3 Floors.
ISP-B ( 80Mbps) segmented for 1 Floor.
ISP-C ( 40Mbps) as a failover for  either ISP-A or ISP-B


Are you going to have 2 different SSIDs, one for guests on floors 1 - 3 and the other for floor 4, if you just have the one SSID they'll have problems if they roam between the floors as the internet address will change between the floors.

If you have two the user's will moan when the have to connect to the other SSID :)
« Last Edit: February 07, 2018, 03:03:32 pm by NogBadTheBad »

Offline ashima

  • Full Member
  • ***
  • Posts: 138
  • Karma: +2/-0
    • View Profile
Re: Can Wifi APs get overwhemed by torrent connections ..?
« Reply #6 on: February 08, 2018, 01:29:07 am »


 Thank you all for replying. So a big NO to TPlink.

@NogBadTheBad,   All the three ISPs will be connected to pfsense. All the Aps will be connected to this box.

The first  200 dhcp clients will use ISP A the next 50 clients will use ISP B. So depending upon the ip address ISP will be decided by pfsense.

Will be using same SSID across.

Is there any thing else I need to take care.

Regards,
Ashima

Offline johnpoz

  • Hero Member
  • *****
  • Posts: 15094
  • Karma: +1408/-206
  • Not a pfSense employee, they cannot fire me...
    • View Profile
Re: Can Wifi APs get overwhemed by torrent connections ..?
« Reply #7 on: February 08, 2018, 05:04:06 am »
"The first  200 dhcp clients will use ISP A the next 50 clients will use ISP B."

Huh??  So if your client 201 your golden you get isp all to your self with all the bandwidth... But if your 200 its going to blow because your sharing bandwidth with 199 others?

Why would you not load share across all the isp connections?
- An intelligent man is sometimes forced to be drunk to spend time with his fools.
- Please don't PM me for personal help
- if you want to say thanks applaud or https://www.freebsdfoundation.org/donate/
1x SG-2440 2.4.2-RELEASE-p1 (work)
1x SG-4860 2.4.2-RELEASE-p1 (home)

Offline ashima

  • Full Member
  • ***
  • Posts: 138
  • Karma: +2/-0
    • View Profile
Re: Can Wifi APs get overwhemed by torrent connections ..?
« Reply #8 on: February 08, 2018, 05:30:40 am »

 @johnpoz,

Well, there will be an upload and download speed restriction through captive portal / freeradius for every user.

I guess this would prevent any one of them  eat up the entire bandwidth. Is there any thing else I need to take care.

I am not load balancing as ISP A is at 150 Mbps  Up/Down and ISP B is at 30 Mbps up/down and ISP C is at 15Mbps/40Mbps Up/Down

So I thought ip based routing would be better. Am I right on this concept ?

Regards,
Ashima

Offline johnpoz

  • Hero Member
  • *****
  • Posts: 15094
  • Karma: +1408/-206
  • Not a pfSense employee, they cannot fire me...
    • View Profile
Re: Can Wifi APs get overwhemed by torrent connections ..?
« Reply #9 on: February 08, 2018, 07:31:35 am »
Never understand the point of such connections... Why would you not have your isp connections close in performance... I can understand maybe having a connection slower for a "backup" link that is cheaper than primary..  Those 3 widely different speeds seems very odd at best..

Wouldn't it be better to say get 2 connections from the A isp so you had a total of 300 up/down to work with?
- An intelligent man is sometimes forced to be drunk to spend time with his fools.
- Please don't PM me for personal help
- if you want to say thanks applaud or https://www.freebsdfoundation.org/donate/
1x SG-2440 2.4.2-RELEASE-p1 (work)
1x SG-4860 2.4.2-RELEASE-p1 (home)

Offline ashima

  • Full Member
  • ***
  • Posts: 138
  • Karma: +2/-0
    • View Profile
Re: Can Wifi APs get overwhemed by torrent connections ..?
« Reply #10 on: February 09, 2018, 01:26:44 am »

 @johnpoz

   Yes we can take 2 connections from same ISP. My doubt :

Since Its a broadband connection 150 Mbps dn & up both ways ,  the contention ratio  is expected to be  1:16  & having same gateway  unlike  a Leased Line Connection  with contention ratio  1:1  or  1:2 .

Are  there any issues  that you perceive    &   foresee to crop up . . . ?

regards,
Ashima