Hotspot public address and Routing

RouterOS General
1

I’m using the Hotspot’s feature that allows to give users public IP at the moment they log in.

Basic configuration is:

/ip pool
add name=publicRange ranges=222.22.22.1-222.22.22.254

/ip hotspot
add name=Wifi1 interface=Wifi1 profile=Wifi1
add name=Wifi2 interface=Wifi2 profile=Wifi2

/ip hotspot user profile
add name=default address-pool=publicRange

To make it work i also need to create a route like this:

/ip route
add dst-address=222.22.22.0/25 gateway=Wifi1
add dst-address=222.22.22.128/25 gateway=Wifi2

The problem is that I have a few IP to share among multiple routers and interfaces, and I don’t want to assign the routers statically because i’d be fragmenting the range and wasting public IP.

To solve fragmentation, could hotspot create a dynamic route to a client whenever it gives him a public IP (instead of having me to create the route)?
And could that route be shared with OSPF?

2

The ideal is to deliver public IP via BGP, but you can also do 1:1 NAT as a solution palliative and get a system that automates this task.

read: http://wiki.mikrotik.com/wiki/Manual:IP/Firewall/NAT#1:1_mapping

3

Can you point to some example, please?

This has disadvantage that you don’t know which user is mapped to which address, so you can’t track users.

I planned to use RADIUS and sqlippool, but when I simulated this using Framed-IP-Address in reply, I got mapping in /ip hotspot host, but it did’t work because of routes. I configured OSPF, but the route was not created in the contrary of PPPoE users where this works perfectly.

So, what is the best way to distribute public IP’s to all hotspot users (we’ve got /20 range of IP’s). Shell we just subnet and assign new IP pool to each hotspot or do something better and not waste many public IP’s.

4

The better approach would be

  1. Doing HotSPot Setup with private series of IPv4 address (eg. 10.5.50./23 . Default Pool of MT HotSpot). This would automatically create DHCP server of this Network and hosts on HotSpot interface will be assigned IP from this pool. You can observe connected/assigned address hosts in IP->>HostSpot->>Hosts. Over there it would shows something like --MAC address-- Address-- to Address. Eg. xx:xx:xx:xx:xx:xx – 10.5.50.21 – 10.5.50.21

  2. The trick here will be Radius server, wherein the users profile would be to allow login from selected pool (in your case 222.22.22.0/24). As the auth request of the user is send to the Radius (Access-Request), if validated Radius would response with Framed-IP (eg 222.22.22.23 - ie any Random IP) in Access-Accept.

  3. This would then change the “To Address - 222.22.22.23” which can be observed in like
    Eg. xx:xx:xx:xx:xx:xx – 10.5.50.21 – 222.22.22.23

In this way you’ll have Public IPs assigned only to logged in users, and hence no wastage of Public IPs.


Shiva




5

Hi,

I have the same problem, I have multi hotspot server that I wan’t give ip public to all authenticated users from share public pool IP,. I mean I don’t want to waste public IP.

If somebody know how can I do it , please help me