Established Member
Posts: 1,067
Registered: ‎04-30-2009
Kudos: 180
Solutions: 4

How to shape 2 customers connected to separate ports on a nanostation.

I have a nanostation in station mode connected to one of our access points.  It's set up as a router.  The wlan is the wan and lan0 and lan1 are set up as separate interfaces with separate subnets.  One customer connects to one ethernet port and the other one the 2nd.

When I set up the customers in ucrm and connect them to the proper interface on the nanostation under services , ucrm doesn't know how to set up shaping.  

 

I was wondering if I was missing something?  Or if it's just not possible.

Established Member
Posts: 1,067
Registered: ‎04-30-2009
Kudos: 180
Solutions: 4

Re: How to shape 2 customers connected to separate ports on a nanostation.

Bump

Ubiquiti Employee
Posts: 3,923
Registered: ‎12-10-2015
Kudos: 1380
Solutions: 299

Re: How to shape 2 customers connected to separate ports on a nanostation.

Hi @popcorrin currently we don't support this kind of shaping. The recommended shaping is on the gateway router. Besides, more ucrm's features won't work properly unless all your clients have unique IPs (e.g. for netflow or suspension), in other words, the only NAT you use in your network should be the NAT on your gateway router.
Established Member
Posts: 1,067
Registered: ‎04-30-2009
Kudos: 180
Solutions: 4

Re: How to shape 2 customers connected to separate ports on a nanostation.


@UBNT-Petr wrote:
Hi @popcorrin currently we don't support this kind of shaping. The recommended shaping is on the gateway router. Besides, more ucrm's features won't work properly unless all your clients have unique IPs (e.g. for netflow or suspension), in other words, the only NAT you use in your network should be the NAT on your gateway router.

Bridging our radios opens up issues that we don't want to be susceptible to.  Also, a bunch of queues on our gateway router become cpu intensive and we would rather our network is running as smooth as possible.  Don't want to induce any unnecessary bottlenecks.

Established Member
Posts: 994
Registered: ‎07-23-2015
Kudos: 536
Solutions: 55

Re: How to shape 2 customers connected to separate ports on a nanostation.

[ Edited ]

@popcorrin, this is true regarding queues and I also do not suggest moving shaping to the Edgerouter. However, a bridged network is much more transparent to the customer and reduces the overhead associated with double-NAT. I would suggest moving to a deployment model where you leverage a dedicated service device (wireless station) per customer. This way there is a one to one mapping of service to hardware device and your suspension/rate-limiting/etc. features can follow that hardware device.

Please don't forget to kudo helpful posts and mark accepted solutions accordingly!
jcm.me - Personal Site | Joyn.Tech - Consulting Site

Add Auto-Provisioning Support to UNMS
Add DAI/IP Source Guard to Edgeswitches
Established Member
Posts: 1,067
Registered: ‎04-30-2009
Kudos: 180
Solutions: 4

Re: How to shape 2 customers connected to separate ports on a nanostation.

[ Edited ]

@Joyn wrote:

@popcorrin, this is true regarding queues and I also do not suggest moving shaping to the Edgerouter. However, a bridged network is much more transparent to the customer and reduces the overhead associated with double-NAT. I would suggest moving to a deployment model where you leverage a dedicated service device (wireless station) per customer. This way there is a one to one mapping of service to hardware device and your suspension/rate-limiting/etc. features can follow that hardware device.


I'm not 100% following what you are suggesting but it sounds like it could be similar to what we are doing now.  Typically we keep our cpe in router mode and our routers in bridge mode so that leaves only a single nat firewall. Or if they have their own router then we put it in the dmz.  Works well for us.  

We don't have issues mapping service to hardware devices for the most part.  This particular scenario I brought up in this thread is a unique instance that I was hoping there was a solution for.  Doesn't sound like there is so we will have to handle these manually.  Which we were already doing before ucrm.

Established Member
Posts: 994
Registered: ‎07-23-2015
Kudos: 536
Solutions: 55

Re: How to shape 2 customers connected to separate ports on a nanostation.

[ Edited ]

How is that transparent to the customer? DMZ is just another type of NAT. My suggestion is to put each CPE in bridge mode giving the customer a layer 2 handoff. This way the customer always has an IP directly connected to the upstream Edgerouter -- reducing the need to change settings in the CPE case by case for every customer. The customer has full control of their equipment/network and no business needing to worry about the CPE.

Why do you need to configure these particular customers manually outside of UCRM as opposed to giving each customer a dedicated AirOS device and keeping everything in one UCRM pane of glass?

Please don't forget to kudo helpful posts and mark accepted solutions accordingly!
jcm.me - Personal Site | Joyn.Tech - Consulting Site

Add Auto-Provisioning Support to UNMS
Add DAI/IP Source Guard to Edgeswitches
Established Member
Posts: 1,067
Registered: ‎04-30-2009
Kudos: 180
Solutions: 4

Re: How to shape 2 customers connected to separate ports on a nanostation.

Let's put it this way, there is positive and negatives to all the different methods of connecting the client.  There is no perfect way. We've settled on the way we do it and it works well for us.  Wasn't really looking on doing it differently.  If ucrm can't shape the cpes with 2 ports then we'll deal with it.

Ubiquiti Employee
Posts: 3,923
Registered: ‎12-10-2015
Kudos: 1380
Solutions: 299

Re: How to shape 2 customers connected to separate ports on a nanostation.

Understand, the shaping on CPE is not enabled in the current UNMS, we will start with shaping on ER, but the development continues and I think we could support also the CPE shaping or some kind of split shaping in the future. Besides, don't forget, there is always a way to implement any kind of custom shaping on any device using the UCRM/UNMS API or UCRM Plugins.
Veteran Member
Posts: 5,965
Registered: ‎07-03-2008
Kudos: 1888
Solutions: 140

Split Shaping


@UBNT-Petr wrote:
I think we could support also the CPE shaping or some kind of split shaping in the future.

Split shaping would be very useful, as it works far better than two-way shaping at one end of a wireless link.

Highlighted
Emerging Member
Posts: 57
Registered: ‎08-29-2017
Kudos: 5

Re: How to shape 2 customers connected to separate ports on a nanostation.

Maybe I'm missing something, but we do something very similar all the time.  We don't share a radio with two drops, but we use them as a relay to another customer.  We rate limit to the wired customer and then uncapped to the other port, which feeds our backhaul.  

 

It unfortunately doesn't work through UCRM, but you can manually rate limit each port...  on the NanoStation, go to Network and set Configuration mode to Advanced. Scroll down to Traffic Shaping and set Ingress to the upload speed you want and Egress to the download speed you want in Kbps.  You can also set burst KB on each direction.  Set this on the LAN port that is for each customer.

 

Hope this helps!