draytek seminar in greece, session 2

1

Control the Network

Henry Lo

Application Engineer

Seminar

2

Outline

• Content Security Management (CSM)- Web Content Filter with DNS Filter - APP Enforcement

• User Management- Customized Login Page Logo - Create Accounts for Accommodations

• AP Management- Setup, Configure, and Maintenance - Management Methods

• WiFi Airtime Fairness• Bandwidth Management

3

Outline





4

Web Content Filter

www.google.com

www.google.com

CYREN Server

Search Engines & PortalsPass

www.facebook.comwww.facebook.com

Social Networkingblock

5

Web Content Filter

6

Web Content Filter

7

Web Content Filter

8

DNS Filter

• To filter HTTPS websites• Based on the filtering conditions of WCF and UCF

9

APP Enforcement

11

Apply CSM to Firewall• For all LAN Clients

- Firewall >> General Setup >> Default Rule

12

Apply CSM to Firewall• For Certain LAN

Clients- Firewall >> Filter

Setup >> Data Filter

13

• Configurable Message

Show Blocking Message

14

Monitor Activities with Syslog

15

Outline





16

Customized Login Logo

17

Customized Login Logo

18

Accounts for Guests• Create Accounts for Rooms

19

• Create User Group for accounts

Accounts for Guests

20

• Apply to Firewall — Request User Login for Guests

Accounts for Guests

21

Outline

• Content Security Management (CSM)- URL Content Filter with DNS Filter - Web Content Filter with DNS Filter - APP Enforcement


• AP Management- Plug-n-Play Setup, Configuration Provision, and Maintenance - Wireless LAN Management Methods


22

AP Management

• Plug-n-Play Setup• AP Configuration Provision• AP Maintenance • Wireless LAN Management

- Traffic Graph for each AP - AP Load Sharing - AP Roaming

23

Plug-n-Play Setup

PoE on Switch AP Plug-n-Play

24

• Before connection• After connection• Router provides DHCP Address to AP

Plug-n-Play Setup

25

AP Configuration Provision

26

• Apply to Device

AP Configuration Provision

27

AP Maintenance

• Choose an Action

28

AP Traffic Graph

29

• Define the Overload Indicator

AP Load Balance/Sharing

30


• By Traffic

Traffic: 32 MbpsLimit: 32 Mbps


32


• Force Overload Disassociation



16 Mbps 16 Mbps

10 Mbps10 Mbps

0 Mbps Idel

33

AP Roaming

• Pre-Authentication — Rome to Next• PMK Cache — Rome Back

34

Outline





35

• Theory:

- Channel Can be Accessed by Only One Station at a Time (802.11)

- Each Station has Equal Priority to Access the Channel (802.11e)

8 Stations

12.5%

12.5%

12.5%

12.5% 12.5%

12.5%

12.5%

12.5%

20 Stations

Airtime Fairness

36

Test Environment Setup

Link Rate 130Mbps

Link Rate 65Mbps

Doors Keep Close

AP900192.168.38.2/24

110120130140150160170

210

PC, JPerf Client

JPerf ServersTest Direction: LAN to WLAN

37

Without AirTimeFairness

Test 1 Test 2 Test 3 Average

192.168.38.110 1.17 1.78 1.84 1.60

192.168.38.120 7.26 7.18 7.58 7.34

192.168.38.130 8.59 8.25 8.70 8.51

192.168.38.140 4.37 3.46 3.68 3.84

192.168.38.150 7.22 7.06 7.13 7.14

192.168.38.160 6.93 6.81 7.83 7.19

192.168.38.170 1.68 1.57 1.75 1.67

Sub Total 37.22 36.11 38.51 37.28

192.168.38.210 5.49 5.83 5.46 5.59

Total 42.71 41.94 43.97 42.87

Without AirTime Fairness

Link Rate65 Mbps

Link Rate130 Mbps

38

Some Stations May Feel the


“Stall”

39

Without AirTime Fairness• Theory: Each Station has

Equal Probability to Use AirTime - But Some Stations may be Good at

Occupying the AirTime

Theory

12.50%

12.50%

12.50%

12.50% 12.50%

12.50%

12.50%

12.50%

• Test Result without AirTime Fairness

Without Airtime Fairness

21013.35%

1703.88%

16016.70%

15016.60%

1408.93%

13019.77%

12017.05%

1103.72%

40

With AirTime Fairness

41

With AirTimeFairness

Test 1 Test 2 Test 3 Average

192.168.38.110 4.75 4.70 4.57 4.67

192.168.38.120 5.71 5.59 5.68 5.66

192.168.38.130 9.09 9.21 8.21 8.84

192.168.38.140 5.21 5.14 5.37 5.24

192.168.38.150 8.34 8.53 8.45 8.44

192.168.38.160 9.52 9.23 9.41 9.39

192.168.38.170 3.30 3.29 3.42 3.34

Sub Total 45.92 45.69 45.11 45.57

192.168.38.210 4.64 4.80 4.54 4.66

Total 50.56 50.49 49.65 50.23


Link Rate65 Mbps

Link Rate130 Mbps

42


“Stall”

• Stations have More Equalized Performance - Assuming they have the same hardware speed, more equalized

performance can be related to more equalized AirTime

43


2109.26%170

6.64%

16018.65%

15016.76%

14010.41%

13017.76%

12011.25%

1109.28%


21013.35%

1703.88%

16016.70%

15016.60%

1408.93%

13019.77%

12017.05%

1103.72%

Comparison in BetweenIndividual Ratio

44

• 22.24% Improvement

Clients with 130Mbps Link Rate

WithoutAirTime Fairness

WithAirTime Fairness

Difference Improvement

192.168.38.110 1.60 4.67 3.07 191.88%

192.168.38.120 7.34 5.66 -1.68 -22.89%

192.168.38.130 8.51 8.84 0.33 3.88%

192.168.38.140 3.84 5.24 1.4 36.46%

192.168.38.150 7.14 8.44 1.3 18.21%

192.168.38.160 7.19 9.39 2.2 30.60%

192.168.38.170 1.67 3.34 1.67 100.00%

Sub Total 37.28 45.57 8.29 22.24%

192.168.38.210 5.59 4.66 -0.93 -16.64%

Total 42.87 50.23 7.36 17.17%20

25.2

30.4

35.6

40.8

46

Without With

45.57

37.28

45

• -16.64% Deduction

Client with 65Mbps Link Rate

0

1.4

2.8

4.2

5.6

Without With

4.66

5.59




192.168.38.110 1.60 4.67 3.07 191.88%

192.168.38.120 7.34 5.66 -1.68 -22.89%

192.168.38.130 8.51 8.84 0.33 3.88%

192.168.38.140 3.84 5.24 1.4 36.46%

192.168.38.150 7.14 8.44 1.3 18.21%

192.168.38.160 7.19 9.39 2.2 30.60%

192.168.38.170 1.67 3.34 1.67 100.00%

Sub Total 37.28 45.57 8.29 22.24%

192.168.38.210 5.59 4.66 -0.93 -16.64%

Total 42.87 50.23 7.36 17.17%

46

• 17.17% Improvement

Overall

30

35.5

41

46.5

52

Without With

50.23

42.87




192.168.38.110 1.60 4.67 3.07 191.88%

192.168.38.120 7.34 5.66 -1.68 -22.89%

192.168.38.130 8.51 8.84 0.33 3.88%

192.168.38.140 3.84 5.24 1.4 36.46%

192.168.38.150 7.14 8.44 1.3 18.21%

192.168.38.160 7.19 9.39 2.2 30.60%

192.168.38.170 1.67 3.34 1.67 100.00%

Sub Total 37.28 45.57 8.29 22.24%

192.168.38.210 5.59 4.66 -0.93 -16.64%

Total 42.87 50.23 7.36 17.17%

Summary of AirTime Fairness

47

• Improve Overall WiFi Performance, in Most Cases - Stations with Good Link Rate get Increased - Stations with Poor Link Rate get Decreased

• Hint: In Central AP Management >> Load Balance, set Force Overload Disassociation as by single Strength

48

Outline





49

Bandwidth Management

• Bandwidth Limit• Session Limit• QoS

50

Bandwidth Limit

51

• Default – if no specified rule for this IP address• Auto Adjustment to utilize bandwidth

• Check Data Flow Monitor

Bandwidth Limit

52

Bandwidth Limit

53

• Specified rule for IP address(es)

Bandwidth Limit

54

Bandwidth Limit

55

Session Limit

56

QoS

57

QoS

58

• Give Bandwidth Ratio

QoS

59

• Check QoS Status• Flexible Bandwidth Allocating

- “Others” is eligible to use more bandwidth when possible

QoS

60

Q&A

draytek seminar in greece, session 2

Technology

ap management plugn

ap ap load sharing ap

mbps traffic

ap traffic graph

accounts accounts

mbps limit

switch ap plugn

traffic traffic