Hello,
We’re using Hotspots with Freeradius for authentication and have been using freeradius successfully for several years. There doesn’t appear to be an updated dictionary file from what I can find anywhere. We’d like to setup our radius groups to allow customers to have a burst limit.
Currently we have:
Mikrotik-Rate-Limit = 512k/1024k
but want the customer to burst to 768k/1544k but want to handle this in radius.
Any help would be appreciated.
Thanks,
Lance
http://wiki.mikrotik.com/wiki/Manual:RADIUS_Client
Mikrotik-Rate-Limit - Datarate limitation for clients. Format is: rx-rate[/tx-rate] [rx-burst-rate[/tx-burst-rate] [rx-burst-threshold[/tx-burst-threshold] [rx-burst-time[/tx-burst-time] [priority] [rx-rate-min[/tx-rate-min]]]] from the point of view of the router (so “rx” is client upload, and “tx” is client download). All rates should be numbers with optional ‘k’ (1,000s) or ‘M’ (1,000,000s). If tx-rate is not specified, rx-rate is as tx-rate too. Same goes for tx-burst-rate and tx-burst-threshold and tx-burst-time. If both rx-burst-threshold and tx-burst-threshold are not specified (but burst-rate is specified), rx-rate and tx-rate is used as burst thresholds. If both rx-burst-time and tx-burst-time are not specified, 1s is used as default. Priority takes values 1..8, where 1 implies the highest priority, but 8 - the lowest. If rx-rate-min and tx-rate-min are not specified rx-rate and tx-rate values are used. The rx-rate-min and tx-rate-min values can not exceed rx-rate and tx-rate values.
[…]
Here are some Rate-Limit examples:
128k - rx-rate=128000, tx-rate=128000 (no bursts)
64k/128M - rx-rate=64000, tx-rate=128000000
64k 256k - rx/tx-rate=64000, rx/tx-burst-rate=256000, rx/tx-burst-threshold=64000, rx/tx-burst-time=1s
64k/64k 256k/256k 128k/128k 10/10 - rx/tx-rate=64000, rx/tx-burst-rate=256000, rx/tx-burst-threshold=128000, rx/tx-burst-time=10s
Hello, I’m facing a similar problem with the Burst configuration…
I can’t find the exact syntax for the burst parameters. Can anybody help me?
Thanks in advance.
P.S.: By the way, I’m using FreeRadius with daloRadius as WebGUI. Thanks again.
usage: rx/tx-rate rx/tx-burst-rate rx/tx-burst-threshold rx/tx-burst-time
radius attribute i.e.:
Mikrotik-Rate-Limit = 512k/1024k 768k/1544k 512k/1024k 25/25
Thanks for the quick response!
I’m getting an error message when I apply Mikrotik-Rate-Limit in daloRadius (Do you use daloRadius?)
This is a screenshot of the attributes form:
http://i52.tinypic.com/2ekn7mv.png
And this is the error message I’m getting:
http://i53.tinypic.com/2iqxz5f.png
Again, thank you so much.
I think this is a question to Daloradius developers, it’s a generic database problem, not related to mikrotik
It could be dictionary.mikrotik is not in the dictionary file. Check you FreeRADIUS dictionary file.
My dictionary files are in /usr/share/freeradius
Insure there is a “dictionary.mikrotik” file there.
Open the /usr/share/freeradius/dictionary file and insure it has this line:
$INCLUDE dictionary.mikrotik
While you should check this, I’m leaning to what normis said, it appears to be a limitation within daloradius.
While you should check this, I’m leaning to what normis said, it appears to be a limitation within daloradius.
FYI: If that “/dictionary.mikrotik” file is not there, or that line above is not in the “/dictionary” file, you will not be able to send any attribute that starts with “Mikrotik-”.
This is a KNOWN PROBLEM on older versions of FreeRADIUS. It has nothing to do with the GUI.
Very true, but the error he is getting is a DB/SQL error and not an actual radius error. He should be able to enter whatever attribute he wants into the database whether it be Mikrotik-Rate-Limit or I-Just-Wanted-To-Test. Now if Freeradius was giving an error about that attribute I would say it’s a dictionary issue but that isn’t the case from his screenshot he took.
That is incorrect. If you enter an attribute that is not in one of those dictionary files into the SQL database, FreeRADIUS (my versions anyway) will send Access-Reject or not send that Attribute-Value pair.
You should be able to use radtest to check. In the RADIUS server from a shell:
radtest user password 127.0.0.1 0 mysecret
It will show what your server is returning.
I’m not sure you’re looking at the actual error. At this point it’s not even in his database. SQL Syntax error means it didn’t even get entered into the table and there was a problem between the GUI & SQL
I do not know how your GUI works. I use my own custom interface to the MySQL database. And I could be way off base, and if I am, then please forgive me.
But I know there is a problem with Mikrotik attributes in early versions of FreeRADIUS. Maybe your daloradius interface runs a check before it enters that attribute-value pair in the database.
You are absolutely certain that you have
a “/usr/share/freeradius/dictionary.mikrotik” file
and this line in the “/usr/share/freeradius/dictionary” file?
$INCLUDE dictionary.mikrotik
If you do not have those, then it will not work, even if you get the attribute-value pair in the database.
Try entering the attribute “Reply-Message” with value “test”. Check the radreply table in MySQL. Is it there?
Try entering the attribute “Mikrotik-Group” with value “default”. Check the radreply table again. Is it there?
I’m just trying to help you debug this. 
This is a problem Pableus is having, I resolved all the issues I was having back in Oct of last year. I’m just giving the most direct resolution based on the facts Pableus has presented. I myself use a custom made bash script that integrates with our billing. Not knowing how his GUI, daloRadius works it’s best for him to contact them if he’s double checked all his settings/files. Once that problem is resolved if he continues to have other errors then repost here.
Check those dictionary files. daloradius searches those dictionaries. This file:
dictionaryImport.php
ADD: Just say “Yes, I have the dictionary.mikrotik file and the entry in dictionary”. Then I have no more ideas. 
I took a look at the DaloRADIUS MySQL database. I was incorrect about the dictionaries. It has its dictionary built into a MySQL radius database table named “dictionary”. There are some strange values on the “Mikrotik-Rate-Limit” entry. If anyone would like to experiment with this DaloRADIUS problem, let me know. I have a FreeRADIUS install, but I use a custom php interface and don’t want to mess that up.
The database entry specifies a “RecommendedHelper” value (mikrotikRateLimit) that I cannot find anywhere in the code. Maybe removing that value would correct the problem.
If you want to help, try a
attribute=“Mikrotik-Group” value=“default”
entry. If that works (no “RecommendedHelper” there), let me know.