Your setup would instantly put the tenants at risk from each other since they would all be on the same lan / same subnet.
It will take a more sophisticated router/firewall to be able to track data usage per port and it will need to have policies that allow you to either cut off or restrict internet access when that port reaches the threshold.
mikrotik only seems to be able to do this per user which will be an admin nightmare to you with the constantly changing devices.
Think about the math. You have 10gig per unit per month. That is approx. .33gig per day. How many devices in the unit? Lets say 5. Now you take that .33 and divide it by 5 with results of .066gig per device per day.
The unaddressed issue is bandwidth control. You can't just let one tenant take up all the bandwidth which means you need QoS. How much bandwidth up/down does the building have?
If you want easy then put in routers instead of AP's in each unit that have quota management of the internet connection.
You would set the quota to 10gb for each with warnings at 9.5gig to give them a heads up they are about to run out.
Set each one to have its own SSID/ unique password and set the dhcp scope to a limited amount of devices like 15 with 72 hour leases
SSID = Unit 1 Subnet 192.168.1.0/24
SSID = Unit 2 Subnet 192.168.2.0/24
SSID = Unit 3 Subnet 192.168.3.0/24
The advantages of this are as follows:
1. You never have to add devices to the routers. They can do that [though you would never give them the admin password to the router] by inputting their ssid and password.
2. Quota of 10gb per month would be automatic
3. Each units lan network is secure from the other units lan networks.
These routers would connect to the central microtek which will handle the QoS per router wan mac address.
Configure QoS example:
Lets say you have a 100 down 25 up internet connection. You would configure each to have 12.5/3.125 mbps this way everyone gets a equal share of the bandwidth.
Edited by Wand3r3r, 08 November 2016 - 11:26 AM.