Folks, I need some help. I am implementing a wireless network service where my clients have an option to get connected to the internet or alternatively connect to my local network to access some media stuff. I have a hotspot setup on RB450G which serve DHCP to all clients, and clients can decide to browse the net or watch movies on the local network. My setup works but I am faced with some problems which I am not able to solve.

1. All my clients are connected through the same hotspot independent of which service they want, but I have found out that anytime I limit the bandwidth of users for internet browsing, the same bandwidth limits are applied whenever they switch to use the local network. As a matter of fact, I want to be able to apply different bandwidth rules to a user when he wants to browse the net and another bandwidth rule when he switches to use the local network with same account and same hotspot. My question is what will be the best way to approach this scenario? I have read a few things about policy routing and mangled rules but don’t know how to go about them. I am very new to MK.

2. I am also faced with a problem where some times the address on the local server does not get resolved for users to get media pages, but work fine when they use IP to log on. I would want them to only log on the media server using resolved address.

I would really appreciate it if any of you experienced users can give me some clues.

http://mum.mikrotik.com/presentations/U ... xWindt.pdf

Hotspots use dynamically created simple queues. Every time a user logs in an automatic, dynamc simple queue is created that processes all traffic to and from the user's IP address. There are very few provisions for customizing that simple queue process itself.

That link shows how to use queue trees to override the simple queues normally used, including the mangle rules for packet marking, and the creation of the queue tree itself. This works based on the order in which packets are processed inside the router. Queue trees attached to global-in and global-out gets packets before simple queues do, and once a packet has been processed by that queue tree the simple queues ignore it.

In your situation you would have additional mangle rules, though there are two approaches.

In the first - simple - approach you have one set of mangle rules that marks upload and download based on the destination address and identifies traffic going to your local network. Then create queue trees as in the document that sets essentially wire speed rate limits - that way traffic to your local network is sent through that shapes traffic to - say - 1 Gbps, and thus effectively enforces no rate limit at all. All other traffic that doesn't have a destination IP on your local media network doesn't match those mangle rules, and therefore doesn't get packet mark, and falls through to your normal simple queues to be processed as usual. That would effectively exempt some traffic from being rate limited by rate limiting it to the speed possible by the media the information travels on.

Alternatively you could get more fancy and make more mangle rules that packets not destined to your local media network fall through, and mark them as well, but differently. You would then create additional queue trees that enforce Internet rate limits. Queue trees generally are more capable and - if you use PCQ - also faster than simple queues.

It's kind of hard to have an opinion on the name resolution problem with that little information. How are named resolved? WINS? Broadcast NetBIOS? DNS? If WINS or DNS, who or what is the server? How are the records entered and maintained? How do clients reach the server, and how is the server advertised to them?

Wrote it up as a wiki article with examples: http://wiki.mikrotik.com/wiki/PCQ_and_H ... rate_limit

All commands taken from memory so it may need some fixing.

Fewi, thanks a lot for the detailed information. As a newbie to networking and mikrotik most of the explanation you gave really didn’t stick. I am however taking my time to learn and understand the fundamentals of networking and mikrotik.

Now, instead of implementing all that in software, I thought I could spend a little bit more on hardware for the same implementation. However, I am getting a bit confused with respect to my layout. What I need to do is that the APs (RB411AR) will hand out IP addresses to the clients which connect to them. Depending on the address the clients type in their browsers, they are directed either to use the internet or the local server by first of all being authenticated by a hotspot. (the idea is shown in the diagram attached)

My question is that, can I just put one switch in between the APs and the hotspots or I need another router for that.

You Can ADD another Mikrotik Router that will perform all the task.

Hello everybody i got a problem..
I am using 450g and isp give me 10Mbps international bandwidth and 40Mbps local bandwidth...
I need....if guests used international bandwith go through to international bandwidth and if guests used local bandwidth go though local..ple help anybody