Page 2 of 3

Re: Guaranteed traffic for leadership?

Posted: Thu Sep 27, 2018 11:48 am
by russellhltn
lajackson wrote:
russellhltn wrote:The filtering is set at the firewall level, not the zone level.

Actually, the SP zone used for FHCs has a different filtering level than the USER zone the members use. It is the USER zone that changes when an STS changes the filtering level.

I do not know how the FAC zone filtering works.

I stand corrected.

But, unless the strictest filtering cuts down the traffic enough to allow connection, restricting just some of the traffic (the general membership) isn't going to work either. At some point you may have to start turning off APs. They can be controlled individually from TM.

Re: Guaranteed traffic for leadership?

Posted: Thu Sep 27, 2018 1:05 pm
by Mikerowaved
JamesAnderson wrote:The machines there are normally in the FHC zone, and FHCs have wifi.

FHC's don't normally have their own WiFi. If they do, they use their own consumer AP with different login credentials than the rest of the building.

Re: Guaranteed traffic for leadership?

Posted: Thu Sep 27, 2018 1:25 pm
by russellhltn
Mikerowaved wrote:FHC's don't normally have their own WiFi. If they do, they use their own consumer AP with different login credentials than the rest of the building.

Yet another variation.

Re: Guaranteed traffic for leadership?

Posted: Fri Sep 28, 2018 2:22 pm
by johnshaw
I'd love to see what use-cases this SP has that is impacting the ability to do his calling that doesn't also apply to members of the wards unable to do their callings. I don't have much sympathy to be honest. If I were this STS I'd say, well, the intention is that you download anything you need before you come to church to do your callings. It would be tongue-in-cheek but he is literally the only person that can affect the speed of internet in the meetinghouse.

Re: Guaranteed traffic for leadership?

Posted: Fri Sep 28, 2018 4:24 pm
by russellhltn
johnshaw wrote:I'd love to see what use-cases this SP has that is impacting the ability to do his calling that doesn't also apply to members of the wards unable to do their callings.

I'd imagine it has to do with LCR. We haven't heard yet what the ISP bandwidth is. Perhaps this building just shouldn't have WiFi - at least not building wide. I'm pretty close to that with my "problem child" unit running on 4G.

Re: Guaranteed traffic for leadership?

Posted: Fri Sep 28, 2018 5:13 pm
by JamesAnderson
We had bottlenecks, until we updated the cabling to the best CAT 5 stuff we could get, also reran some of that and now no spots where we get less bars or other issues causing sluggishness. Did this last year and it is as good or better than most other places that also offer free wifi, and this was before the filtering policies change.

Re: Guaranteed traffic for leadership?

Posted: Sat Oct 06, 2018 7:23 pm
by ebb9
Mikerowaved wrote:It takes FM budget money to hire the contractors, so if funds are tight it may have to be budgeted in for a future year, but this is who the stake president and/or PFR should be dealing with. I applaud your creative thinking, but there's only so much an STS can do. IMO, hard wiring all the ward offices should be the next move.

Indeed, and I've already started contacting PFR/FM group to ask about that, especially given the recent initiative to get rid of land lines where possible.

Mikerowaved wrote:BTW, who is your ISP and what kind of bandwidth are you getting?

AT&T, and speed tests are currently hitting 0.75Mbps up, and anywhere between 8 and 13 Mbps down (probably depends on whether I ran the test when something else was competing for bandwidth).

Re: Guaranteed traffic for leadership?

Posted: Sat Oct 06, 2018 7:56 pm
by ebb9
russellhltn wrote:
johnshaw wrote:I'd love to see what use-cases this SP has that is impacting the ability to do his calling that doesn't also apply to members of the wards unable to do their callings.

I'd imagine it has to do with LCR. We haven't heard yet what the ISP bandwidth is. Perhaps this building just shouldn't have WiFi - at least not building wide. I'm pretty close to that with my "problem child" unit running on 4G.


I have no idea what the ideal bandwidth is for the hammering that a typical congregation places on the system each Sunday. I am aware that I can adjust filter strictness to see if it helps. I also don't know if it is possible to request more bandwidth from AT&T; and even if it is possible, how much it would increase the stake's costs. I don't even know what rate the current contract promises, only that I have measured between 8 and 13 Mbps down.

In subsequent emails with stake leadership, I'm now seeing a slightly different picture for the SP's request - it may be more that he is unable to get a wifi connection at all, rather than a question about getting guaranteed bandwidth (and more an issue because his preferred devices have to use wifi because they don't have ports for wired). He reported that even on a Thursday night high council meeting, when there were not lots of members hitting the wifi like on Sundays, they still spent 10 minutes at the start of the meeting figuring out who could get on the wifi. Or quoting from some of the other emails:

"Can not get my computer to connect to the WiFi while sitting in the Stake Clerks office.
Next, move into the High Council Room. Boom, connects right up.
Next, move into the Stake Presidents office. Our Stake President cannot connect to the WiFi. He is forced to use his personal cell phone as a Hot Spot to access the internet."
and a reply from the FM group:
"The Church is in the process of replacing existing wireless APs with newer Meraki APs. The APs at Duncanville were recently changed, but we will need perform adjustments to take care of the issues you identified. This may take a 2-3 weeks to get back to the Duncanville building as we have 13 other buildings in process, but we will do all we can to address the issue as soon as possible."
with instructions that I shouldn't move the Merakis around myself.

And then, today while troubleshooting General Conference (our satellite reception went down, so I had to enable internet streaming as the backup), I purposefully disabled the wifi through tm.lds.org, at least all of the Meraki units listed, but even with that, I was still picking up an LDSAccess hotspot near the stake offices - so it looks like I do get to chase down a rogue AP. I was too busy today to play with a wifi analyzer on my phone to actually try and locate the rogue hotspot or map out the signal strength in various rooms when the Merakis are enabled, but trust that the FM group will eventually get it right, and that hopefully this is just a temporary problem.

Re: Guaranteed traffic for leadership?

Posted: Sat Oct 06, 2018 11:32 pm
by russellhltn
ebb9 wrote:I have measured between 8 and 13 Mbps down.

Not great, but as long as no one is trying to stream video, it's probably adequate. I'll have to check, but I think our stake center is only 10Mbps and they have up to three wards on the network at the same time.

ebb9 wrote:I'm now seeing a slightly different picture for the SP's request - it may be more that he is unable to get a wifi connection at all,

That's a horse of a different color!

Some of use have used ekahau to do a heat map of the building. (It goes a lot better if you have a floor plan to load up.)

ebb9 wrote:"The Church is in the process of replacing existing wireless APs with newer Meraki APs."

That's true. I haven't tried anything yet to see if they're any better or worse than the old Cisco APs.

ebb9 wrote: I was still picking up an LDSAccess hotspot near the stake offices - so it looks like I do get to chase down a rogue AP.

When FM changed out the APs in our stake center, I was short one. Looking around, it was there and working, just not listed in TM. So, it might not be that "rogue". Just unlisted. Unfortunately, someone will have to get the serial number to get it added to TM.

Re: Guaranteed traffic for leadership?

Posted: Sun Oct 07, 2018 7:43 am
by Biggles
russellhltn wrote:When FM changed out the APs in our stake center, I was short one. Looking around, it was there and working, just not listed in TM. So, it might not be that "rogue". Just unlisted. Unfortunately, someone will have to get the serial number to get it added to TM.

Although this is true for an MR33 that hasn’t been configured via a Church firewall. A previously configured MR33, will have the normal Church SSID visible to a device, but won’t appear in TM until the serial number is added to TM. The act of registering the MR33 causes the Church configuration to be downloaded, on a new install.