At a glance | |
---|---|
Product | Linksys Linksys AP Clustering () |
Summary | Clustering capability for Linksys business series access points |
Pros | • Easy to configure • Good online help |
Cons | • Does not load balance • Does not support fast roaming • Limited multi-site admin options |
Typical Price: $250 Buy From Amazon
Introduction
Linksys launched its line of 802.11ac Access Points in 2014. Their flagship model, the LAPAC1750PRO [reviewed], included a clustering feature that allows one Access Point (AP) to act as a controller for other Linksys APs.
In March of 2016, Linksys extended this clustering feature to all its 802.11ac small business APs, which includes the LAPAC1750PRO, LAPAC1750, and LAPAC1200. Clustering is scheduled to be available on Linksys’ 802.11n small business APs, which include the LAPN600 and LAPN300, later in summer 2016.
This review will take a closer look at Linksys’ AP clustering feature.
LAPAC1200
Linksys sent three LAPAC1200s for our review, which were installed in various areas of a two story building. This AC1200 class AP has internal antennas and is housed in a white hexagonally shaped plastic case measuring approximately 9.5″ across by 1.7″ high. The size seems a bit larger than similar APs I’ve tested from other vendors, yet is still manageable. The LAPAC1200 includes mounting hardware, AC power adapter, installation disk and an Ethernet cable.
Here’s a quick summary of the AP’s features
|
|
Installation was basically plug and play. The LAPAC1200 supports Power over Ethernet (PoE), so I powered one of the APs off a ZyXEL GS1100-8HP PoE switch and the other two via their AC power adapters. All three leased an IP address from my router and I was able to connect to the configuration web GUI on each one. There is a single LED on the AP. When the LED is green, the AP is up and running. When the LED is blue, the AP has at least one wireless device connected.
Configuration
I was able to access the LAPAC1200 via Chrome, Firefox, and Microsoft Edge from a Windows 10 PC, as well as via Safari from an iPhone. There is no remote management tool or cloud based portal for the LAPAC1200. Thus, your PC, handheld, or tablet either needs to be on the AP’s LAN, have routed access to the AP’s LAN, or have VPN access to the AP’s LAN to manage the LAPAC1200.
I logged into each device with the default user name and password and factory reset each one to ensure I was starting out with a clean slate. The LAPAC1200 menu is responsive, with a similar intuitive layout and feel as the Linksys LRT214 and LRT224 small business routers previously reviewed. I like how you don’t have to open a manual to configure a Linksys small business device. Clicking help while anywhere in the Linksys configuration menu brings up useful information on that configuration option in a separate window. The screenshot shows the help menu for the clustering option.
Linksys Help Menu
Linksys also has an Initial Setup Wizard to simplify setup for standalone APs. The Wizard will walk you through setting up the admin password, time and network settings, plus wireless SSIDs and security.
Clustering
With Linksys AP clustering, you have the ability to control up to 16 APs from a single AP. In a Linksys AP cluster, one AP serves as a master, the other APs take configuration updates from the master. The AP serving as master continues to function as an AP. One of the slave APs can also serve as a backup master in case the master fails.
Wireless (mode, SSID, security, rogue AP, scheduler, connection control, advanced, and captive portal), network (rate limit, QoS, Ethernet port, and VLAN), security (user accounts and management access), and management (time, log, discovery, and IGMP) settings on multiple APs can all be configured through the master. Another bonus, there are no license fees to use the clustering feature!
Enabling clustering takes just a few clicks on each AP. Linksys has a nice step by step here. After defaulting all three APs, I set one of the three APs to master and the other two to slave. My three APs automatically found each other and formed a cluster, as shown below. Note, all APs in a cluster must be the same model, and on the same layer 2 broadcast domain, which means they are all on the same default VLAN and IP subnet. This means clustering is limited to APs on the same LAN. (I’ll discuss VLANs toward the end of this review.)
Linksys Clustering
To test Linksys clustering, I configured the 2.4 GHz and 5 GHz radios on the master AP with an SSID (up to 8 SSIDs can be created per radio), set security to WPA2-Personal (WEP, WPA, Enterprise, and RADIUS also supported) and input a passkey. I saw that my wireless configurations were propagated to the slave APs within seconds.
The Linksys wireless menus on each AP allow you to configure SSIDs, as well as other wireless settings, such as setting auto-channel (default) or a statically setting a specific channel. I set my SSID and wireless security settings on the master AP to be propagated to the slave APs, and otherwise left the channel settings on each AP at default.
The cluster menu also has a Channel Management option. The cluster channel management option is designed to reduce channel interference between devices in a cluster, as well as with devices outside the cluster. This is disabled by default, so I enabled it. However, wireless transmit power is controlled individually on each AP, not as part of the cluster channel management option. As you can see in the below screenshot, my cluster of three APs, all physically within Wi-Fi range of each other, are on different 2.4 GHz and 5 GHz channels, effectively allowing for maximum use of Wi-Fi bandwidth.
Channel Management
Other key features of Linksys AP clustering are the ability to see the status/health of all APs in the cluster, view all connected wireless users (Linksys AP clustering is targeted at deployments with 10-100 wireless users), as well as deploy a captive portal (discussed below) for Wi-Fi security.
Linksys AP clustering does not support load balancing (distributing clients among APs) or fast / seamless roaming between APs. In my mind, load balancing may be less needed for a small network, but seamless roaming is a desirable feature in a multi-AP environment.
Captive Portal
Another key feature included in the Linksys small business APs is the captive portal feature. With a captive portal, guest Wi-Fi access can be managed with various authentication methods (no authentication, password only authentication, local user name and password authentication, and RADIUS user name and password authentication) through a customizable web page. In addition, Linksys’ captive portal provides tools to control guest Wi-Fi users network utilization.
Linksys has a nice how-to for captive portal setup, which I followed to set up a captive portal on the master AP with a customized web page and local user name/password authentication. My configurations were propagated to the slave APs, allowing guest Wi-Fi access throughout the coverage area of all three APs. Below is a screenshot of my test captive portal, prompting guest Wi-Fi users to authenticate with a user name and password, which I configured in the master AP.
Linksys Captive Portal
The captive portal menu on the master AP has a client information page that shows a list of guest Wi-Fi clients. An additional captive portal tool allows limiting guest Wi-Fi users’ connection time from 0-24 hours. Connection controls, which I’ll cover next, allow you to further limit guest Wi-Fi access by applying schedules, QoS and rate limit settings to the guest SSID.
Connection Control
Each SSID on the LAPAC1200 can have several controls applied to manage Wi-Fi activity, including a scheduler, rate limiting and QoS. The scheduling tool allows you to create up to 16 different schedule profiles, each with up to four different time rules (based on day of week, weekdays, or weekends, as well as start and stop time of day) to enable/disable an SSID. In the below configuration, I created a schedule called “testschedule” that enables Wi-Fi from 8 a.m. to 8 p.m. Monday through Friday and 10 a.m – 5 p.m on Saturday and Sunday, as shown below.
Scheduling Options
A rate limit can also be applied, controlling bandwidth utilization by SSID. I ran a test where I did a speed test on my guest SSID before and after applying a rate limit. Before I applied the rate limit, my upload and download speed on the guest SSID (about 30′ from the AP) were about 3 Mbps up and 8 Mbps down. After I applied a rate limit of 1 Mbps on both upload and download to my guest SSID, my speed on the guest SSID was about 1 Mbps up and down as shown below.
Rate Limiting
802.1p QoS markings can be applied per SSID to allow for packet prioritization in your network switches or routers. Wi-Fi Multimedia (WMM) support, which applies voice (highest), video, best effort, and background (lowest) priorities, is enabled by default on each SSID, but can be disabled. Note, WMM requires the wireless client also supports WMM.
Wireless
Up to 8 SSIDs can be configured on both the 2.4 GHz and 5 GHz radios. The 2.4 GHz radio can be set to G-Only, N-Only, B/G-Mixed, or B/G/N-Mixed (default). The 5 GHz radio can be set to N/A-Mixed, N-Only, AC-Only, or A/N/AC-Mixed (default). Both radios can be set to a specific channel or to auto channel (default).
The advanced settings menu on the LAPAC1200 allows for enabling isolation between SSIDs (blocking connectivity between SSIDs) and band steering (directing clients to 5 GHz if the client supports 5 GHz); and setting channel bandwidth (20 MHz and 20/40MHz on the 2.4 GHz radio, 20/40/80MHz, 20/40 MHz, and 20 MHz on the 5 GHz radio.) Additional advanced wireless settings include guard interval, CTS protection mode, beacon interval, DTIM interval, RTS threshold, fragmentation threshold, and output power on both the 2.4 GHz and 5 GHz radios. Below is screenshot of the wireless advanced settings menu.
Wireless Advanced Settings
Band steering is a useful option as it pushes 802.11a and 802.11ac clients to the 5 GHz band, maximizing wireless bandwidth. After enabling band steering on the LAPAC1200 cluster, I noticed my laptop which supports 802.11a/b/g/n, switched from the 2.4GHz radio to the 5 GHz radio as expected.
The LAPAC1200 allows for up to 8 SSIDs per radio for a total of 16 SSIDs. Creating an SSID template, referred to as a WLAN Group by other vendors, is not an option.
A useful feature on the LAPAC1200 for scanning neighboring wireless networks is Rogue AP Detection. When enabled on each radio, the LAPAC1200 will display all SSIDs, including SSIDs broadcast by other members of its own cluster. When Rogue AP Detection is enabled, the LAPAC1200 runs a scan to detect other SSIDs. Additional scans must be triggered by clicking the Refresh button on the Rogue AP Detection menu. Linksys reports that Rogue AP scans run without impacting current client connections.
By default, all detected SSIDs are listed as untrusted. You can manually select an SSID as trusted. Marking an SSID as trusted or untrusted is simply a label. The below screenshot shows detected SSIDs on the 5 GHz radio. The SSIDs at the bottom, MDC10, are the SSIDs broadcast by the other LAPAC1200 in the cluster, which I marked as trusted.
Rogue APs
The LAPAC1200 also supports WDS (wireless distribution system) and Workgroup Bridge modes. Neither mode is supported in a cluster configuration. WDS mode allows you to expand a wireless network by linking APs wirelessly instead of connecting them to Ethernet cables. WDS mode is useful to extend a wireless network to areas where you don’t have wired Ethernet cables. Workgroup Bridge mode allows you to use APs to form a wireless bridge between two wired networks. This is a useful solution when trying to connect two networks without running an Ethernet cable between them.
Networking
IPv4 and IPv6 addresses can be dynamically or statically assigned to the LAN interface. The LAPAC1750Pro has two Gigabit ports, allowing for creation of a LAG (Link Aggregation Group ) for additional bandwidth to the wired network. The LAPAC1750 and LAPAC1200 have only one Gigabit Ethernet port.
While the term 802.1q is not mentioned in the Linksys manual or spec sheets, it appears the LAPAC1200 supports 802.1q VLAN tagging. VLAN configuration options are to enable VLAN tagging and specify the untagged and management VLAN, show below.
VLAN Configs
Once VLAN functionality is enabled, the next step is to assign specific SSIDs to VLAN IDs. With the LAPAC1200 connected to an 802.1q enabled trunk supporting the assigned VLANs, traffic from an SSID will be tagged with its corresponding VLAN ID, except SSID traffic assigned to the untagged VLAN. The end result is wireless traffic can be separated not only by SSID, but by VLAN.
Analytics
The Client Sessions option in the cluster menu lists the wireless clients connected to each AP and SSID. Online time, link rate, signal level, bytes transmitted and received, and transmit and receive rate are shown. The screenshot below displays wireless users connected to my test AP cluster, showing the IP, location and SSID of the AP, the MAC address of each user and network statistics.
Wireless Client View
To see what is going on in each AP’s radio, you need to go the wireless client option in the system status menu on each individual AP. The system status menu on each AP also provides a statistics display, showing total packet counts, bytes, dropped packets and bytes, and errors by radio and SSID, as shown below.
Statistics
This arrangement isn’t ideal. It would be better if misbehaving APs with high amounts of retries or dropped packets were visible from the master AP and settable alarms / alerts would be even better.
System log messages can be viewed on the AP or downloaded for more detailed analysis. The LAPAC1200 can also be configured to send log messages as email alerts, and support SNMP. Log messages can be enabled by type: Unauthorized Login Attempt, Authorized Login, System Error Messages, and Configuration Changes.
Log and Email Settings
Log messages will be emailed to the configured email address based on the Log Queue Length (default = 20) and the Log Time Threshold (default 600 seconds) values selected in the Email Alert settings. The screenshots show my email and log alert settings, as well as an email alert sent on an Authorized Login.
Email Alert
The Diagnostics menu has a simple ping tool and a packet capture tool. With the packet capture tool, traffic going in and out the Ethernet port, a specific wireless radio, or a specific SSID can be analyzed. By enabling the packet capture feature, shown in the screenshot below, a .pcap file is saved to your hard drive allowing you to analyze packet flows via Wireshark from your PC.
Packet Capture Options
Closing Thoughts
Linksys’ approach to AP controllers is interesting compared to several other solutions I’ve reviewed. Linksys’ clustering allows one AP to act as a controller for up to 16 APs. The Linksys AP acting as controller can also serve as an AP. Ubiquiti’s UniFi solution provides a free PC based application that can control one to “thousands” of UniFi APs. Edimax’s NMS is a similar solution to Linksys, where a single AP can act as a controller for up to 8 Edimax APs. The Edimax AP serving as a controller can also function as an AP.
The below table summarizes Linksys Clustering, Ubiquiti UniFi, and Edimax NMS controller features
Feature | Linksys | Ubiquiti | Edimax | Note |
---|---|---|---|---|
Guest Portal | Y | Y | N | 1 |
Seamless Roaming | N | Y | Y | |
Remote Management | N | Y | N | 2 |
Channel Management | Y | N | Y | 3 |
Rogue AP | Y | Y | Y | |
Power Management | N | N | Y | 4 |
Max APs | 16 | “thousands” | 8 | |
Email Alerts | Y | Y | Y | |
Analytics | Y | Y | Y | |
Band Steering | Y | Y | N | |
WLAN Groups | N | Y | Y | |
Connection Controls | Y | Y | Y | 5 |
Summary Table
Notes
1) Edimax does offer a Guest Portal feature with their appliance based NMS, but not with the built-in NMS.
2) Linksys and Edimax APs must be on the same LAN as the controller, so remote management is not part of the controller. But remote management is possible using a VPN solution.
3) All the APs in this table have Channel Management features, but only the Linksys and Edimax have Channel Management features within their controller solutions.
4) All the APs in this table have wireless Power Management features, but only the Edimax has Power Management features in their controller solution.
5) Connection controls in this table references features such as rate and bandwidth limiting, QoS, and wireless scheduling.
From a network scalability standpoint, Ubiquiti’s UniFi has a big advantage. The UniFi solution can support and manage significantly more APs at multiple sites. For a smaller deployment with localized control, which is the target market for Linksys, I think Linksys has an advantage over Edimax with support for 16 vs. 8 APs and its more responsive configuration menus. From a cost standpoint, Ubiquiti has lower cost 3×3 and 2×2 802.11ac APs than Linksys and Edimax.
Managing multiple sites with Linksys APs is still quite manageable if the APs are behind Linksys LRT2x4 routers which support an easy to use OpenVPN solution. But Linksys gets a "N" in the table above because easy remote management isn’t really built into the product.
Taking it all into account, my overall impression of the Linksys’ AP clustering solution is positive. I find Linksys configuration menus intuitive and easy to use. The LAPAC1200 performance in my small network was stable and consistent. In my mind, lower priced Linksys APs would be a clear winner for Linksys’ small network target markets.