Route Server Diagram for an IX

Normally on a peering exchange, each connected party establishes bilateral peering relationships with every other customer connected to the exchange. As the number of connected parties increases, it becomes increasingly difficult to manage peering relationships with customers of the exchange.

However, by using route servers for peering relationships, the number of BGP sessions per router stays at two, if the IX has deployed redundant servers.

Why every ISP should be deploying hAP Lite to customers

This was originally posted at:
https://www.mtin.net/blog/why-every-isp-should-be-deploying-hap-lite-to-customers/

So Mikrotik has a very cheap hAP Lite coming out. This is a 4 port, 2.4 b/g/n router/access point which retails for $21.95. Baltic Networks has pre-orders for $18.95.

Why should you deploy this little gem and how? We have found over the years routers account for more than half of the support issues. In some networks, this number is closer to 80-90%, whether it be a substandard router, one with out-of-date firmware, or poor placement by the customer.

Deployment of the hAP lite can be approached in one of two ways. Both ways accomplish the same goal for the ISP. That goal is to have a device to test from that closely duplicates what the customer would see. Sure, you can run tests from most modern wireless CPE, but it’s not the same as running tests from the customer side of the POE.

Many ISPs are offering a managed router service to their customers. Some charge a nominal monthly fee, while others include it in the service. This is a pretty straightforward thing. The customer demarc becomes the wireless router. The ISP sets it up, does firmware updates, and generally takes care of it should there be issues. The managed router can be an additional revenue stream in addition to providing a better customer experience. Having a solid router that has been professionally set up by the ISP is a huge benefit to both the provider and the customer. We will get into this a little later.

The second option lends itself better to a product such as an hAP lite. With the relatively cheap cost you can install one as a “modem” if the customer chooses their own router option. The actual method of setup can vary depending on your network philosophy. You can simply bridge all the ports together and pass the data through like a switch. The only difference is you add a “management IP” to the bridge interface on your network. This way you can reach it. Another popular method, especially if you are running PPPoE or other RADIUS methods, is to make the “modem” the PPPoE client. This moves some of the burden from the wireless CPE onto something a little more powerful. There are definite design considerations and cons for this setup. We will go into those in a future article. But for now, let’s just assume the hAP is just a managed switch you can access.
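The bridged “modem” setup described above could look like the following on RouterOS. This is an added example, not configuration from the original post: the bridge name and the 192.0.2.0/24 management addresses are constructed placeholders, and the interface names assume the hAP lite's ether1 through ether4 and wlan1 on a device reset with no default configuration. Because the customer's LAN sits on the same bridge as the management IP, the example also limits who can reach the device itself.

```routeros
# Bridge all four Ethernet ports so the hAP passes traffic like a switch
/interface bridge add name=bridge-cust comment="customer pass-through"
/interface bridge port add bridge=bridge-cust interface=ether1
/interface bridge port add bridge=bridge-cust interface=ether2
/interface bridge port add bridge=bridge-cust interface=ether3
/interface bridge port add bridge=bridge-cust interface=ether4

# Keep the radio off until support needs a test SSID
/interface wireless disable wlan1

# Management IP on the bridge (constructed addresses, documentation range)
/ip address add address=192.0.2.10/24 interface=bridge-cust comment="ISP management"
/ip route add gateway=192.0.2.1

# Turn off unused services and limit the rest to the management subnet
/ip service set telnet,ftp,www,api,api-ssl disabled=yes
/ip service set ssh,winbox address=192.0.2.0/24

# The input chain only sees traffic addressed to the hAP itself;
# bridged customer traffic is not affected by these rules
/ip firewall filter add chain=input connection-state=established,related action=accept
/ip firewall filter add chain=input src-address=192.0.2.0/24 action=accept comment="ISP management"
/ip firewall filter add chain=input action=drop comment="everything else to the device"

# Layer-2 management (MAC-Telnet, MAC-WinBox) is reachable from the
# customer ports regardless of IP rules (syntax for RouterOS 6.41 and later)
/tool mac-server set allowed-interface-list=none
/tool mac-server mac-winbox set allowed-interface-list=none
```

A customer device on the same bridge can still source packets from the management range, so the address filters complement a strong admin password and key-based SSH rather than replace them.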

So what are the benefits of adding one of these cheap devices?
- You can run pings and traceroutes from the device. This is helpful if a customer says they can’t reach a certain web-site.
- Capacity is becoming a larger and larger issue in the connected home. iPads, gaming consoles, TVs, and even appliances are all sharing bandwidth. If you are managing the customer router you can see the number of connected devices and do things like Torch to see what they are doing. If a customer calls and says it’s slow, being able to tell them that little Billy is downloading 4 megs a second on a device called “Billy’s Xbox” can help a customer. It could also lead to an upsell.
- Wireless troubleshooting is another huge benefit. If the customer bought their own router and stuck it in the basement and now their internet is slow, you have a couple of tricks to troubleshoot without a truck roll. If the hAP is in bridge mode, simply enable the wireless, set up an SSID for the customer to test with, and away you go. This could uncover issues in the house, issues with their router, or it might even point to a problem on your side.
- Physical issues and ID10T errors can be quickly diagnosed. If you can’t reach your device, it’s either off or a cabling issue. If you can reach the hAP and the port has errors, it could be cabling or POE.

These are just a few benefits you can glean from sticking a $20 Mikrotik device on your customer side network. It becomes a troubleshooting tool, which makes its money back if it saves you a single truck roll. The implementation is not as important as having a tool closer to the customer. There are several vendors you can order the hAP lite from. Baltic Networks is close to me so they are my go-to: http://www.balticnetworks.com/mikrotik-hap-lite-tc-2-4ghz-indoor-access-point-tower-case-built-in-1-5dbi-antenna.html

This isn’t practical for business and enterprise customers, but you should already be deploying a router that has these features anyway, right?

Router Vulnerability roundup for April 2019


What is wifi6?

Many of you may have been hearing about “Wifi6”.  Well what is it exactly? Wifi6 is a standard based on the support of 802.11ax.  So what is 802.11ax?

802.11ax is designed to operate from 1 to 7GHz. This means it can be used in 3GHz as well as in the 6GHz space, pending possible upcoming rule changes. 802.11ax supports 1024-QAM modulation, which means higher throughput is achievable. As with many new standards, other new protocols come along with this. WPA3’s biggest selling point is what is called forward secrecy. We will talk about that in an upcoming post.

Look for 2.4GHz to make a small comeback. Over the past few years 2.4GHz has become congested and many router manufacturers have pushed 5GHz as the primary access method on home routers. Devices like Apple iPhones will prefer 5GHz over 2.4GHz due to the higher data rates with 802.11ac, which operates in the 5GHz band. With AX we will see the 2.4GHz band being utilized in various ways. Chip makers such as Qualcomm have chips which can offer multiple streams across multiple bands at the same time.

Some other features in which AX will be superior to AC are:

Spatial Frequency Reuse – A term called “coloring” is introduced. Coloring allows the network to identify internal vs external transmissions. This allows neighboring devices to decide if they can transmit and if they need to adjust power to do it reliably.

Network Allocation Vector (NAV) – This is a WiMAX mechanism being applied to AX. It is a carrier sensing mechanism designed to avoid collisions with both external and internal networks.

Target Wake Time – This allows better use of beaconing and allows the stations to utilize air time better.

These are just a few of the new things upcoming in wifi6.  If you want to read a vendor-neutral paper on this here is a good link: http://www.ni.com/en-us/innovations/white-papers/16/introduction-to-802-11ax-high-efficiency-wireless.html

As we see more and more manufacturers introduce wifi6 devices, we will see devices referred to in 3 categories:

  • Wi-Fi 6 to identify devices that support 802.11ax technology
  • Wi-Fi 5 to identify devices that support 802.11ac technology
  • Wi-Fi 4 to identify devices that support 802.11n technology

Look for some more upcoming posts on the new features of wifi6.