Community discussions

MikroTik App
 
sathishsa
Member Candidate
Member Candidate
Topic Author
Posts: 113
Joined: Fri Sep 04, 2009 12:08 am

Transperent Proxy with Hotspot enabled Help

Fri Nov 06, 2009 8:16 pm

Hi,

first of all i appreaciate the professionals who are giving nice support to the co-users of the mikrotik,

My network is maintained by Mikrotik Hotspot , and all the users are enjoying my services to give lot more acceleration speed to webpages i would like to have the transperent proxy, i know how to config it and all

Some of my users are bypassed through Ipbindings in Hotspot,

My question is iam restricting the Internet access to my clients @ 256Kbps, if i enable and configured the transperent proxy the chached webpages will come faster than before , tht means i need the web page content coming from my proxy should not limit @ 256Kbps, is the way the mikrotik works or it will restrict as per the queue specified in the hotspot profile ?


Please help me in getting out of this dialama


Thanks,
Sathsih
 
fewi
Forum Guru
Forum Guru
Posts: 7717
Joined: Tue Aug 11, 2009 3:19 am

Re: Transperent Proxy with Hotspot enabled Help

Fri Nov 06, 2009 9:26 pm

It does rate limit the traffic from the proxy. Unless I'm thinking about this wrong, it should and overriding it is a bad idea.

Consider a client requesting a page that isn't yet in the proxy. The proxy has to fetch it for the client instead of being able to serve it up from cache, but the traffic flow is exactly the same in both scenarios: client makes web request, web request gets redirected to proxy, proxy "does stuff", proxy sends traffic back to the client. So if you override proxy to client traffic and give it a higher rate limit, the client effectively gets the higher rate limit for everything that goes through the proxy since there's no way to distinguish between "from cache" traffic and "fetched from web and now in cache" traffic.

But if you really wanted to you could override with queue trees - global-out gets hit before simple queues.

First, mark the packets from router to client. This assumes the client is behind a router interface called 'hotspot1':
/ip firewall mangle
add action=mark-packet chain=postrouting comment="" disabled=no new-packet-mark=from-proxy out-interface=hotspot1 passthrough=yes src-address-type=local
Then create a queue for this traffic that grants 100mbps each way:
/queue tree
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=100M name=from-proxy packet-mark=from-proxy parent=global-out priority=8 queue=default
 
sathishsa
Member Candidate
Member Candidate
Topic Author
Posts: 113
Joined: Fri Sep 04, 2009 12:08 am

Re: Transperent Proxy with Hotspot enabled Help

Sat Nov 07, 2009 10:02 am

Hi fewi , iam very thankfull for the nice reply, i need some clear instructions please help me , i will explain the senario even clear

My router consists of 2 ethernet cards 1 for wan and the other for hotspot which serves internet to my clients

I need Transperent proxy with cache of the http webpages only

My requirements are All my clents should get webpages too fast tht means port 80 should come without any restriction(it may be from chache if available, or if not available it may be from internet) I need full bandwidth pipe to be served to my clients only for website browsing, but downloading otherfiles and torrents etc should be restricted as specified in the Queue or hotspot profiles

And also please consider whether the above seneario works , i doubt if the client had specifed the port80 in the torrent client ex: bittorrent this will be danger for me tht he gains full pipe access ?

Lot more thanks

Sathish
 
Abdock
Member Candidate
Member Candidate
Posts: 261
Joined: Sun Sep 25, 2005 10:50 pm

Re: Transperent Proxy with Hotspot enabled Help

Sat Nov 07, 2009 2:32 pm

this might not be a complete reply, but when i was searching for the similar solution there was a way to achieve this, u need to patch the cache server, so the cached packets gets marked, and then put a rule in mikrotik to mark and fetch these packets at full speed.

i will see if i can get some details, but you cna try and serch the forum and it should give you some pointers.

Rgds,
 
User avatar
dunga
Member Candidate
Member Candidate
Posts: 254
Joined: Fri Jan 23, 2009 9:51 am
Location: Nigeria

Re: Transperent Proxy with Hotspot enabled Help

Tue Nov 10, 2009 12:01 pm

I am in need of this settings, having Hotspot and Transparent proxy on the same MT router.
It does rate limit the traffic from the proxy. Unless I'm thinking about this wrong, it should and overriding it is a bad idea.

Consider a client requesting a page that isn't yet in the proxy. The proxy has to fetch it for the client instead of being able to serve it up from cache, but the traffic flow is exactly the same in both scenarios: client makes web request, web request gets redirected to proxy, proxy "does stuff", proxy sends traffic back to the client. So if you override proxy to client traffic and give it a higher rate limit, the client effectively gets the higher rate limit for everything that goes through the proxy since there's no way to distinguish between "from cache" traffic and "fetched from web and now in cache" traffic.

But if you really wanted to you could override with queue trees - global-out gets hit before simple queues.

First, mark the packets from router to client. This assumes the client is behind a router interface called 'hotspot1':
/ip firewall mangle
add action=mark-packet chain=postrouting comment="" disabled=no new-packet-mark=from-proxy out-interface=hotspot1 passthrough=yes src-address-type=local
Then create a queue for this traffic that grants 100mbps each way:
/queue tree
add burst-limit=0 burst-threshold=0 burst-time=0s disabled=no limit-at=0 max-limit=100M name=from-proxy packet-mark=from-proxy parent=global-out priority=8 queue=default
Fewi, can u help me with settings on how to achive the above settings because, faster browsing are the good marketing strategies to achieving a very good quality of service for me. i have my Mt router in a PC, with 3 network cards, 1 - wan, others - hotspot and other lan users.

Thanks and hoping to get the configurations setup to achieve it.
 
fewi
Forum Guru
Forum Guru
Posts: 7717
Joined: Tue Aug 11, 2009 3:19 am

Re: Transperent Proxy with Hotspot enabled Help

Tue Nov 10, 2009 4:32 pm

That post contained detailed instructions on how to circumvent all traffic sourced from the router to the hotspot client - which includes the proxy - from having the hotspot bandwidth limit applied to it. Unless you have a specific question I'm afraid all I can do is invite you to read the post you quoted.
 
sathishsa
Member Candidate
Member Candidate
Topic Author
Posts: 113
Joined: Fri Sep 04, 2009 12:08 am

Re: Transperent Proxy with Hotspot enabled Help

Tue Nov 10, 2009 7:46 pm

Please guys iam searching and searching for the solution , please support me to search from your side too,
Because to utilise the cache acceleration my question arisses, if we can restrict bandwidth to the content comin from internet and full pipe access to the cache contents will give the excellent service to the clietns will help lot more in this forum


get me the ies if there is any possiblity if i use another mikrotik in the middle of the present mikrotik and clients


expecting some intresting replys

thanks,
sathishh
 
fewi
Forum Guru
Forum Guru
Posts: 7717
Joined: Tue Aug 11, 2009 3:19 am

Re: Transperent Proxy with Hotspot enabled Help

Fri Nov 13, 2009 7:54 pm

See http://forum.mikrotik.com/viewtopic.php?f=13&t=36565, 'skillful' had a very neat trick to match just cached packets.

Who is online

Users browsing this forum: No registered users and 22 guests