What configuration is required to assign PPPoE queues to queue trees?
When a PPPoE session is checked against radius, radius returns:
Vendor Attribute Data
Standard User-Service Framed-User
Standard Framed-Protocol PPP
Standard Session-Timeout 86400
Mikrotik Mikrotik-Rate-Limit 384k/1024k
Standard Class IEAS480f19552214
The Mikrotik-Rate-Limit then creates a simple queue for the user.
I would like to more fairly allocate resources by placing all PPPoE queues under a parent queue, to allow for more fair sharing of bandwidth between all users.
That RADIUS parameter isn’t in the documentation or the Mikrotik dictionary I have. Is there an updated version of the dictionary available? I was not able to find it on the website or the wiki.
The closest thing I found on the Wiki was a reference to the Mikrotik dictionary being included with FreeRADIUS. I went and grabbed the latest copy of FreeRADIUS and their dictionary does NOT included “Mikrotik-Address-List”.
To add this attribute to my RADIUS server I’d need to know the Attribute ID and Attribute Type.
If I create a specific user on the router (rather than a RADIUS user) and assign that user a specific IP address, then put that IP address in the address-list then the queue trees work as expected. In addition, simply selecting an address list in the “Address List” drop down of the ppp profile also works as expected.
The disconnect seems to be in assigning the RADIUS based user to the proper address-list.
# -*- text -*-
# http://www.mikrotik.com
#
# http://www.mikrotik.com/documentation//manual_2.9/dictionary
#
# Do NOT follow their instructions and replace the dictionary
# in /etc/raddb with the one that they supply. It is NOT necessary.
#
# On top of that, the sample dictionary file they provide
# DOES NOT WORK. Do NOT use it.
#
# $Id$
#
VENDOR Mikrotik 14988
BEGIN-VENDOR Mikrotik
ATTRIBUTE Mikrotik-Recv-Limit 1 integer
ATTRIBUTE Mikrotik-Xmit-Limit 2 integer
# this attribute is unused
ATTRIBUTE Mikrotik-Group 3 string
ATTRIBUTE Mikrotik-Wireless-Forward 4 integer
ATTRIBUTE Mikrotik-Wireless-Skip-Dot1x 5 integer
ATTRIBUTE Mikrotik-Wireless-Enc-Algo 6 integer
ATTRIBUTE Mikrotik-Wireless-Enc-Key 7 string
ATTRIBUTE Mikrotik-Rate-Limit 8 string
ATTRIBUTE Mikrotik-Realm 9 string
ATTRIBUTE Mikrotik-Host-IP 10 ipaddr
ATTRIBUTE Mikrotik-Mark-Id 11 string
ATTRIBUTE Mikrotik-Advertise-URL 12 string
ATTRIBUTE Mikrotik-Advertise-Interval 13 integer
ATTRIBUTE Mikrotik-Recv-Limit-Gigawords 14 integer
ATTRIBUTE Mikrotik-Xmit-Limit-Gigawords 15 integer
# MikroTik Values
VALUE Mikrotik-Wireless-Enc-Algo No-encryption 0
VALUE Mikrotik-Wireless-Enc-Algo 40-bit-WEP 1
VALUE Mikrotik-Wireless-Enc-Algo 104-bit-WEP 2
END-VENDOR Mikrotik
I didn’t notice before now the link at the top of that file to a Mikrotik example dictionary, but alas it also does not contain the “Mikrotik-Address-List” attribute.
Thanks, I didn’t think about searching for it when the documentation didn’t have it - usually if it’s not in the documentation it can’t be found!
This is now working for me, I’ll recap for the sake of anybody who comes upon this thread in a search:
A radius reply attirbute with Mikrotik-Address-List will put the IP address that’s been allocated to the user into the correct address list. Note that you should not include a “rate-limit” attribute, as you should not double queue the traffic. My RADIUS replies look like:
Vendor Attribute Data
Standard User-Service Framed-User
Standard Framed-Protocol PPP
Standard Session-Timeout 86400
Mikrotik Mikrotik-Address-List Standard
Each pppoe session is now being assigned to the correct address list. However, I set up a test:
Two laptops are associated to a 2.4GHz-B/G AP
Each laptop connects with PPPoE and is assigned the “Standard” address list
Queueing is set up as the example above
The results are that the two PPPoE connections share the resources of the “Standard_Download” when doing an RX b-test from the laptops. That is to say, I start b-test on one laptop and it immediately RX’es 1Mbps. Then I start b-test on the 2nd laptop, and over the course of a minute or two they balance out to 500kbps each.
So now the question is - what needs to be changed in my queue tree configuration such that each member of the list would get the full 1Mbps until the parent queue reaches resource contention?
The idea is, each customer should have access to their full rate until Total_Download reaches contention, then each customer would be granted packets evenly so as to fairly share the available bandwidth.
Perhaps it is reasonable that I should explain my configuration. I have attached a PDF to this post that I got somewhere off this forum (I don’t remember where) which is from the Chicago 2008 MUM.
In this example on page 13 & 14 they show that with a PCQ-Rate of X, and a max limit of Y, each user in the class would receive X bandwidth, until the aggregate sum reaches Y, then all users would receive Y/X bandwidth. See page 14 for example.
This is not what is happening in my test configuration. After configuring my test router per the examples in this document, with PCQ-Rate=1M and max-limit=unlimited, all users combined are being limited to PCQ-Rate when the expected behavior is that each would receive PCQ-Rate. queue tree stuff.pdf (641 KB)
Everything works as anticipated if I use static/DHCP addresses, which is to say that each IP address is allowed the full PCQ rate with both the upstream and downstream applying correctly to that directions’ PCQ. What appears to be happening is that the classifier can’t distinguish src/dst for PPPoE traffic and groups all PPPoE traffic into one PCQ for both directions.