Community discussions

MikroTik App
  4. RouterOS
  5. General

Hotspot + Radius + ECMP

Post Reply
 
DarthLodis
just joined
Topic Author
Posts: 18
Joined: Sun Aug 24, 2008 12:34 am

Hotspot + Radius + ECMP

Tue Feb 03, 2009 1:55 pm

Someone can give me an idea of how can i get all this working?
i have a dedicated link and a adsl, i want that all the traffic for the radius server just out from the dedicated link, cause the radius is on another city, ive tryed mark-routing but didnt work.
In this case, its better use ECMP to load balance or anyone has another suggestion?
ah im using mkt 3.10

Well, just a simple traffic from http, out for my adsl link, doest work, or im doing all wrong, or theres something else
OBS: I know the rules are disabled, i did just to illustrate how im doing my configs.

/ ip firewall mangle
0 X chain=prerouting action=mark-routing new-routing-mark=http passthrough=yes
src-address=10.0.0.0/24 dst-port=80 protocol=tcp

/ip firewall nat
0 D chain=dstnat action=jump jump-target=hotspot hotspot=from-client

1 I chain=hotspot action=jump jump-target=pre-hotspot

2 D chain=hotspot action=redirect to-ports=64872 dst-port=53 protocol=udp

3 D chain=hotspot action=redirect to-ports=64872 dst-port=53 protocol=tcp

4 D chain=hotspot action=redirect to-ports=64873 hotspot=local-dst dst-port=80 protocol=tcp

5 D chain=hotspot action=redirect to-ports=64875 hotspot=local-dst dst-port=443 protocol=tcp

6 D chain=hotspot action=jump jump-target=hs-unauth hotspot=!auth protocol=tcp

7 D chain=hotspot action=jump jump-target=hs-auth hotspot=auth protocol=tcp

8 D chain=hs-unauth action=return dst-address=201.xxx.xxx.xxx

9 D chain=hs-unauth action=return dst-address=10.0.0.1

10 D chain=hs-unauth action=return dst-address=200.xxx.xxx.xxx

11 D chain=hs-unauth action=redirect to-ports=64874 dst-port=80 protocol=tcp

12 D chain=hs-unauth action=redirect to-ports=64874 dst-port=3128 protocol=tcp

13 D chain=hs-unauth action=redirect to-ports=64874 dst-port=8080 protocol=tcp

14 D chain=hs-unauth action=redirect to-ports=64875 dst-port=443 protocol=tcp

15 I chain=hs-unauth action=jump jump-target=hs-smtp dst-port=25 protocol=tcp

16 D chain=hs-auth action=redirect to-ports=64874 hotspot=http protocol=tcp

17 I chain=hs-auth action=jump jump-target=hs-smtp dst-port=25 protocol=tcp

18 X ;;; place hotspot rules here
chain=unused-hs-chain action=passthrough

19 ;;; masquerade hotspot network
chain=srcnat action=masquerade src-address=10.0.0.0/24

/ ip route
# DST-ADDRESS PREF-SRC GATEWAY-STATE GATEWAY DISTANCE INTERFACE
0 A S 0.0.0.0/0 reachable 200.xxx.xxx.xxx 1 bridge1
1 X S 0.0.0.0/0 192.168.254.254 1
2 ADC 10.0.0.0/24 10.0.0.1 0 AP
3 ADC 192.168.254.0/24 192.168.254.2 0 ether1
4 ADC 200.199.117.72/29 200.xxx.xxx.xxx 0 bridge1
Top
 
User avatar
sergejs
MikroTik Support
MikroTik Support
Posts: 6697
Joined: Thu Mar 31, 2005 3:33 pm
Location: Riga, Latvia
Contact:
Contact sergejs

Re: Hotspot + Radius + ECMP

Tue Feb 03, 2009 3:33 pm

I think you can use the following solution,
- route all the traffic over high speed connection;
- route RADIUS traffic over low speed connection, add mark-routing rules to chain=output for the RADIUS traffic, add route to the low speed connection with routing-mark.
Top
Post Reply
  4. RouterOS
  5. General