In all TCP testing bandwidth is cut in half going through the hotspot gateways. To the gateway is 55mbps TCP but through it to an AP is 25mbps TCP. We are using the 450G and 750G and they both to the same thing.
If I do a UDP test it gets full speed. So is it that the 450G and 750G are not good for this job or do I just not have the units configured in the best way?
I can post config if anyone needs.
post the config please.
You have a user with 55 Mbps in your hotspot? O_O
/ip hotspot profile
set default dns-name=“” hotspot-address=0.0.0.0 html-directory=hotspot
http-cookie-lifetime=3d http-proxy=0.0.0.0:0 login-by=cookie,http-chap
name=default nas-port-type=wireless-802.11 radius-accounting=yes
radius-default-domain=“” radius-interim-update=received
radius-location-id=“” radius-location-name=“” radius-mac-format=
XX:XX:XX:XX:XX:XX rate-limit=“” smtp-server=0.0.0.0 split-user-domain=no
use-radius=yes
add dns-name=“” hotspot-address=10.5.50.1 html-directory=hotspot
http-cookie-lifetime=3d http-proxy=0.0.0.0:0 login-by=cookie,http-chap
name=hsprof1 nas-port-type=wireless-802.11 radius-accounting=yes
radius-default-domain=“” radius-interim-update=received
radius-location-id=“” radius-location-name=“” radius-mac-format=
XX:XX:XX:XX:XX:XX rate-limit=“” smtp-server=0.0.0.0 split-user-domain=no
use-radius=yes
add dns-name=“” hotspot-address=10.5.50.1 html-directory=hotspot
http-cookie-lifetime=3d http-proxy=0.0.0.0:0 login-by=cookie,http-chap
name=hsprof2 nas-port-type=wireless-802.11 radius-accounting=yes
radius-default-domain=“” radius-interim-update=received
radius-location-id=“” radius-location-name=“” radius-mac-format=
XX:XX:XX:XX:XX:XX rate-limit=“” smtp-server=0.0.0.0 split-user-domain=no
use-radius=yes
/ip hotspot
add address-pool=hs-pool-5 addresses-per-mac=2 disabled=no idle-timeout=5m
interface=ether5 keepalive-timeout=none name=The_Bakery profile=hsprof1
/ip hotspot user profile
set default idle-timeout=none keepalive-timeout=2m name=default shared-users=
1 status-autorefresh=1m transparent-proxy=no
add idle-timeout=none keepalive-timeout=2m name=2user shared-users=2
status-autorefresh=1m transparent-proxy=no
add idle-timeout=none keepalive-timeout=2m name=“Temp 3U” shared-users=3
status-autorefresh=1m transparent-proxy=no
/ip hotspot ip-binding
add address=10.100.138.0/24 comment=“” disabled=no type=bypassed
/ip hotspot service-port
set ftp disabled=no ports=21
/ip hotspot user
add comment=“” disabled=no name=user password=********* profile=default
/ip hotspot walled-garden
add action=allow comment=“place hotspot rules here” disabled=yes
add action=allow comment=“” disabled=no src-address=..80.5
add action=allow comment=“” disabled=no dst-host=support.skycom1.com
/ip hotspot walled-garden ip
add action=accept comment=“” disabled=no src-address=.*.*80.5
add action=accept comment=“” disabled=yes src-address=10.100.138.0/24
/interface ethernet
set 0 arp=enabled auto-negotiation=yes bandwidth=unlimited/unlimited comment=
"" disabled=no full-duplex=yes l2mtu=1524 mac-address=00:0C:42:54:E2:C9
master-port=none mtu=1500 name=ether1 speed=100Mbps
set 1 arp=enabled auto-negotiation=yes bandwidth=unlimited/unlimited comment=
"" disabled=no full-duplex=yes l2mtu=1524 mac-address=00:0C:42:54:E2:CA
master-port=none mtu=1500 name=ether2 speed=100Mbps
set 2 arp=enabled auto-negotiation=yes bandwidth=unlimited/unlimited comment=
"" disabled=no full-duplex=yes l2mtu=1524 mac-address=00:0C:42:54:E2:CB
master-port=none mtu=1500 name=ether3 speed=100Mbps
set 3 arp=enabled auto-negotiation=yes bandwidth=unlimited/unlimited comment=
"" disabled=no full-duplex=yes l2mtu=1524 mac-address=00:0C:42:54:E2:CC
master-port=none mtu=1500 name=ether4 speed=100Mbps
set 4 arp=enabled auto-negotiation=yes bandwidth=unlimited/unlimited comment=
"" disabled=no full-duplex=yes l2mtu=1524 mac-address=00:0C:42:54:E2:CD
master-port=none mtu=1500 name=ether5 speed=100Mbps
/interface ethernet switch
set switch1 mirror-source=none mirror-target=none name=switch1
switch-all-ports=yes
/interface wireless security-profiles
set default authentication-types="" eap-methods=passthrough group-ciphers=""
group-key-update=5m interim-update=0s management-protection=disabled
mode=none name=default radius-eap-accounting=no radius-mac-accounting=no
radius-mac-authentication=no radius-mac-caching=disabled
radius-mac-format=XX:XX:XX:XX:XX:XX radius-mac-mode=as-username
static-algo-0=none static-algo-1=none static-algo-2=none static-algo-3=
none static-sta-private-algo=none static-transmit-key=key-0
supplicant-identity=MikroTik tls-certificate=none tls-mode=
no-certificates unicast-ciphers=""
/ip hotspot profile
set default dns-name="" hotspot-address=0.0.0.0 html-directory=hotspot
http-cookie-lifetime=3d http-proxy=0.0.0.0:0 login-by=cookie,http-chap
name=default nas-port-type=wireless-802.11 radius-accounting=yes
radius-default-domain="" radius-interim-update=received
radius-location-id="" radius-location-name="" radius-mac-format=
XX:XX:XX:XX:XX:XX rate-limit="" smtp-server=0.0.0.0 split-user-domain=no
use-radius=yes
add dns-name="" hotspot-address=10.5.50.1 html-directory=hotspot
http-cookie-lifetime=3d http-proxy=0.0.0.0:0 login-by=cookie,http-chap
name=hsprof1 nas-port-type=wireless-802.11 radius-accounting=yes
radius-default-domain="" radius-interim-update=received
radius-location-id="" radius-location-name="" radius-mac-format=
XX:XX:XX:XX:XX:XX rate-limit="" smtp-server=0.0.0.0 split-user-domain=no
use-radius=yes
add dns-name="" hotspot-address=10.5.50.1 html-directory=hotspot
http-cookie-lifetime=3d http-proxy=0.0.0.0:0 login-by=cookie,http-chap
name=hsprof2 nas-port-type=wireless-802.11 radius-accounting=yes
radius-default-domain="" radius-interim-update=received
radius-location-id="" radius-location-name="" radius-mac-format=
XX:XX:XX:XX:XX:XX rate-limit="" smtp-server=0.0.0.0 split-user-domain=no
use-radius=yes
/ip hotspot user profile
set default idle-timeout=none keepalive-timeout=2m name=default shared-users=
1 status-autorefresh=1m transparent-proxy=no
add idle-timeout=none keepalive-timeout=2m name=2user shared-users=2
status-autorefresh=1m transparent-proxy=no
add idle-timeout=none keepalive-timeout=2m name="Temp 3U" shared-users=3
status-autorefresh=1m transparent-proxy=no
/ip ipsec proposal
set default auth-algorithms=sha1 comment="" disabled=no enc-algorithms=3des
lifetime=30m name=default pfs-group=modp1024
/ip pool
add name=hs-pool-5 ranges=10.5.50.2-10.5.50.254
/ip dhcp-server
add address-pool=hs-pool-5 authoritative=after-2sec-delay bootp-support=
static disabled=no interface=ether5 lease-time=1h name=dhcp1
/ip hotspot
add address-pool=hs-pool-5 addresses-per-mac=2 disabled=no idle-timeout=5m
interface=ether5 keepalive-timeout=none name=The_Bakery profile=hsprof1
/port
set 0 baud-rate=auto data-bits=8 flow-control=none name=serial0 parity=none
stop-bits=1
/ppp profile
set default change-tcp-mss=yes comment="" name=default only-one=default
use-compression=default use-encryption=default use-vj-compression=default
set default-encryption change-tcp-mss=yes comment="" name=default-encryption
only-one=default use-compression=default use-encryption=yes
use-vj-compression=default
/interface pptp-client
add add-default-route=no allow=mschap1,mschap2 comment="" connect-to=
...66 dial-on-demand=no disabled=no max-mru=1280 max-mtu=1280
mrru=disabled name=pptp-out1/snmp-administration password=*******
profile=default user=thebakery750g
/queue type
set default kind=pfifo name=default pfifo-limit=50
set ethernet-default kind=pfifo name=ethernet-default pfifo-limit=50
set wireless-default kind=sfq name=wireless-default sfq-allot=1514
sfq-perturb=5
set synchronous-default kind=red name=synchronous-default red-avg-packet=1000
red-burst=20 red-limit=60 red-max-threshold=50 red-min-threshold=10
set hotspot-default kind=pfifo name=hotspot-default pfifo-limit=50
set default-small kind=pfifo name=default-small pfifo-limit=10
/routing bgp instance
set default as=65530 client-to-client-reflection=yes comment="" disabled=no
ignore-as-path-len=no name=default out-filter="" redistribute-connected=
no redistribute-ospf=no redistribute-other-bgp=no redistribute-rip=no
redistribute-static=no router-id=0.0.0.0 routing-table=""
/routing ospf instance
set default comment="" disabled=no distribute-default=never in-filter=ospf-in
metric-bgp=auto metric-connected=20 metric-default=1 metric-other-ospf=
auto metric-rip=20 metric-static=20 name=default out-filter=ospf-out
redistribute-bgp=no redistribute-connected=no redistribute-other-ospf=no
redistribute-rip=no redistribute-static=no router-id=0.0.0.0
/routing ospf area
set backbone area-id=0.0.0.0 comment="" disabled=no instance=default name=
backbone type=default
/snmp
set contact=********** enabled=yes engine-boots=9 engine-id=""
location="" time-window=15 trap-sink=0.0.0.0 trap-version=
1
/snmp community
set public address=.../ authentication-protocol=MD5
encryption-protocol=DES name=public read-access=yes security=none
write-access=no
/system logging action
set memory memory-lines=100 memory-stop-on-full=no name=memory target=memory
set disk disk-file-count=2 disk-file-name=log disk-lines-per-file=100
disk-stop-on-full=no name=disk target=disk
set echo name=echo remember=yes target=echo
set remote bsd-syslog=no name=remote remote=0.0.0.0:514 src-address=0.0.0.0
syslog-facility=daemon syslog-severity=auto target=remote
/system routerboard settings
set baud-rate=115200 boot-delay=2s boot-device=nand-if-fail-then-ethernet
boot-protocol=bootp cpu-frequency=680MHz enable-jumper-reset=yes
enter-setup-on=any-key force-backup-booter=no silent-boot=no
set baud-rate=115200 boot-delay=2s boot-device=nand-if-fail-then-ethernet
boot-protocol=bootp cpu-frequency=680MHz enable-jumper-reset=yes
enter-setup-on=any-key force-backup-booter=no silent-boot=no
/user group
add comment="" name=read policy="local,telnet,ssh,reboot,read,test,winbox,pass
word,web,sniff,sensitive,!ftp,!write,!policy"
add comment="" name=write policy="local,telnet,ssh,reboot,read,write,test,winb
ox,password,web,sniff,sensitive,!ftp,!policy"
add comment="" name=full policy="local,telnet,ssh,ftp,reboot,read,write,policy
,test,winbox,password,web,sniff,sensitive"
/interface bridge settings
set use-ip-firewall=no use-ip-firewall-for-pppoe=no use-ip-firewall-for-vlan=
no
/interface ethernet switch port
set (unknown) vlan-header=leave-as-is vlan-mode=fallback
set (unknown) vlan-header=leave-as-is vlan-mode=fallback
set (unknown) vlan-header=leave-as-is vlan-mode=fallback
set (unknown) vlan-header=leave-as-is vlan-mode=fallback
set (unknown) vlan-header=leave-as-is vlan-mode=fallback
/interface l2tp-server server
set authentication=pap,chap,mschap1,mschap2 default-profile=
default-encryption enabled=no max-mru=1460 max-mtu=1460 mrru=disabled
/interface ovpn-server server
set auth=sha1,md5 certificate=none cipher=blowfish128,aes128 default-profile=
default enabled=no keepalive-timeout=60 mac-address=FE:98:26:35:02:C9
max-mtu=1500 mode=ip netmask=24 port=1194 require-client-certificate=no
/interface pptp-server server
set authentication=mschap1,mschap2 default-profile=default-encryption
enabled=no keepalive-timeout=30 max-mru=1460 max-mtu=1460 mrru=disabled
/interface wireless align
set active-mode=yes audio-max=-20 audio-min=-100 audio-monitor=
00:00:00:00:00:00 filter-mac=00:00:00:00:00:00 frame-size=300
frames-per-second=25 receive-all=no ssid-all=no
/interface wireless sniffer
set channel-time=200ms file-limit=10 file-name="" memory-limit=10
multiple-channels=no only-headers=no receive-errors=no streaming-enabled=
no streaming-max-rate=0 streaming-server=0.0.0.0
/interface wireless snooper
set channel-time=200ms multiple-channels=yes receive-errors=no
/ip accounting
set account-local-traffic=no enabled=no threshold=256
/ip accounting web-access
set accessible-via-web=no address=0.0.0.0/0
/ip address
add address=10.1.3.105/24 broadcast=10.1.3.255 comment="" disabled=no
interface=ether1 network=10.1.3.0
add address=...84/32 broadcast=...84 comment="" disabled=no
interface=ether1 network=...84
add address=10.5.50.1/24 broadcast=10.5.50.255 comment="hotspot network"
disabled=no interface=ether5 network=10.5.50.0
add address=10.100.138.1/24 broadcast=10.100.138.255 comment="" disabled=no
interface=ether5 network=10.100.138.0
add address=...6/32 broadcast=...6 comment="" disabled=no
interface=ether1 network=...6
/ip dhcp-server config
set store-leases-disk=5m
/ip dhcp-server network
add address=10.5.50.0/24 comment="hotspot network" gateway=10.5.50.1
/ip dns
set allow-remote-requests=no cache-max-ttl=1w cache-size=2048KiB
max-udp-packet-size=512 servers=...8,...9
/ip firewall connection tracking
set enabled=yes generic-timeout=10m icmp-timeout=10s tcp-close-timeout=10s
tcp-close-wait-timeout=10s tcp-established-timeout=1d
tcp-fin-wait-timeout=10s tcp-last-ack-timeout=10s
tcp-syn-received-timeout=5s tcp-syn-sent-timeout=5s tcp-syncookie=no
tcp-time-wait-timeout=10s udp-stream-timeout=3m udp-timeout=10s
/ip firewall filter
add action=passthrough chain=unused-hs-chain comment=
"place hotspot rules here" disabled=yes
/ip firewall nat
add action=passthrough chain=unused-hs-chain comment=
"place hotspot rules here" disabled=yes
add action=src-nat chain=srcnat comment="masquerade hotspot network"
disabled=no src-address=10.5.50.0/24 to-addresses=...6
add action=src-nat chain=srcnat comment="masquerade hotspot network"
disabled=yes src-address=10.100.138.0/24 to-addresses=...84
/ip firewall service-port
set ftp disabled=no ports=21
set tftp disabled=no ports=69
set irc disabled=no ports=6667
set h323 disabled=no
set sip disabled=no ports=5060,5061
set pptp disabled=no
/ip hotspot ip-binding
add address=10.100.138.0/24 comment="" disabled=no type=bypassed
/ip hotspot service-port
set ftp disabled=no ports=21
/ip hotspot user
add comment="" disabled=no name=admin profile=default
add comment="" disabled=no name=andrew profile=default
add comment="" disabled=no name=esaunee profile=default
add comment="" disabled=yes name=nolameg profile=2user
add comment="" disabled=yes name=bt4384 profile=default
add comment="" disabled=no name=serra profile=default
add comment="" disabled=no name=bakery410 profile=default
add comment="" disabled=no name=b312 profile=default
add comment="Authorize.net only - Jerry Olaverrieta" disabled=no name=
jolavarrieta profile=2user
add comment="Authorize.net Troy Dupuis" disabled=no name=bakery316 profile=
2user
/ip hotspot walled-garden
add action=allow comment="place hotspot rules here" disabled=yes
add action=allow comment="" disabled=no src-address=...5
add action=allow comment="" disabled=no dst-host=support..com
/ip hotspot walled-garden ip
add action=accept comment="" disabled=no src-address=...5
add action=accept comment="" disabled=yes src-address=10.100.138.0/24
/ip neighbor discovery
set ether1 discover=yes
set ether2 discover=yes
set ether3 discover=yes
set ether4 discover=yes
set ether5 discover=yes
set pptp-out1/snmp-administration discover=no
/ip proxy
set always-from-cache=no cache-administrator=webmaster cache-hit-dscp=4
cache-on-disk=no enabled=no max-cache-size=none max-client-connections=
600 max-fresh-time=3d max-server-connections=600 parent-proxy=0.0.0.0
parent-proxy-port=0 port=8080 serialize-connections=no src-address=
0.0.0.0
/ip route
add comment="" disabled=no distance=1 dst-address=0.0.0.0/0 gateway=10.1.3.1
pref-src=...6 scope=30 target-scope=10
/ip service
set telnet address=0.0.0.0/0 disabled=yes port=23
set ftp address=0.0.0.0/0 disabled=no port=21
set www address=0.0.0.0/0 disabled=no port=80
set ssh address=0.0.0.0/0 disabled=yes port=22
set www-ssl address=0.0.0.0/0 certificate=none disabled=yes port=443
set api address=0.0.0.0/0 disabled=yes port=8728
set winbox address=0.0.0.0/0 disabled=no port=8291
/ip socks
set connection-idle-timeout=2m enabled=no max-connections=200 port=1080
/ip traffic-flow
set active-flow-timeout=30m cache-entries=4k enabled=no
inactive-flow-timeout=15s interfaces=all
/ip upnp
set allow-disable-external-interface=yes enabled=no show-dummy-rule=yes
/mpls
set dynamic-label-range=16-1048575 propagate-ttl=yes
/mpls interface
add comment="" disabled=no interface=all mpls-mtu=1508
add comment="" disabled=no interface=all mpls-mtu=1508
/mpls ldp
set distribute-for-default-route=no enabled=no hop-limit=255 loop-detect=no
lsr-id=0.0.0.0 path-vector-limit=255 transport-address=0.0.0.0
use-explicit-null=no
/ppp aaa
set accounting=yes interim-update=0s use-radius=no
/ppp secret
add caller-id="" comment="" disabled=no limit-bytes-in=0 limit-bytes-out=0
local-address=10.1.3.105 name=james profile=default remote-address=
10.1.3.205 routes="" service=pptp
/queue interface
set ether1 queue=ethernet-default
set ether2 queue=ethernet-default
set ether3 queue=ethernet-default
set ether4 queue=ethernet-default
set ether5 queue=ethernet-default
set pptp-out1/snmp-administration queue=default
/radius
add accounting-backup=no accounting-port=1646 address=..***.5
authentication-port=1645 called-id="" comment="" disabled=no domain=""
realm="" service=hotspot timeout=300ms
/radius incoming
set accept=no port=3799
/routing bfd interface
set all comment="" disabled=no interface=all interval=0.2sec min-rx=0.2sec
multiplier=5
/routing mme
set bidirectional-timeout=2 gateway-class=none gateway-keepalive=1m
gateway-selection=no-gateway origination-interval=5s preferred-gateway=
0.0.0.0 timeout=1m ttl=50
/routing rip
set distribute-default=never garbage-timer=2m metric-bgp=1 metric-connected=1
metric-default=1 metric-ospf=1 metric-static=1 redistribute-bgp=no
redistribute-connected=no redistribute-ospf=no redistribute-static=no
routing-table=main timeout-timer=3m update-timer=30s
/store
add comment="" disabled=no disk=system name=web-proxy1 type=web-proxy
/system clock
set time-zone-name=manual
/system clock manual
set dst-delta=+00:00 dst-end="jan/01/1970 00:00:00" dst-start=
"jan/01/1970 00:00:00" time-zone=+00:00
/system console
add disabled=no port=serial0 term=vt102
add disabled=no term=vt102
/system health
set
/system identity
set name=TheBakery-HotSpot-Router
/system logging
add action=memory disabled=no prefix="" topics=info
add action=memory disabled=no prefix="" topics=error
add action=memory disabled=no prefix="" topics=warning
add action=echo disabled=no prefix="" topics=critical
add action=memory disabled=no prefix="" topics=info
add action=memory disabled=no prefix="" topics=error
add action=memory disabled=no prefix="" topics=warning
add action=echo disabled=no prefix="" topics=critical
/system note
set note="" show-at-login=yes
/system ntp client
set enabled=no mode=broadcast primary-ntp=0.0.0.0 secondary-ntp=0.0.0.0
/system upgrade mirror
set check-interval=1d enabled=no primary-server=0.0.0.0 secondary-server=
0.0.0.0 user=""
/system watchdog
set auto-send-supout=no automatic-supout=yes no-ping-delay=5m watch-address=
10.1.3.1 watchdog-timer=yes
/tool bandwidth-server
set allocate-udp-ports-from=2000 authenticate=yes enabled=yes max-sessions=
100
/tool e-mail
set from=<> password="" server=0.0.0.0:25 username=""
/tool graphing
set page-refresh=300 store-every=5min
/tool graphing interface
add allow-address=0.0.0.0/0 disabled=no interface=all store-on-disk=yes
/tool mac-server
add disabled=no interface=all
/tool mac-server ping
set enabled=yes
/tool sms
set allowed-number="" channel=0 keep-max-sms=0 receive-enabled=no
/tool sniffer
set file-limit=10 file-name="" filter-address1=0.0.0.0/0:0-65535
filter-address2=0.0.0.0/0:0-65535 filter-protocol=ip-only filter-stream=
yes interface=all memory-limit=10 memory-scroll=no only-headers=no
streaming-enabled=no streaming-server=0.0.0.0
/user aaa
set accounting=yes default-group=read interim-update=0s use-radius=no
Cn you write how is all connected and from where to where you do the speed test? I don’t see nothing strange..
router AP station HSgateway AP
rb750g=======RocketM5------------NanoM5=====rb750g===switch===rb411u--------------Laptop
A. Test from tower router to the locations hotspot router
B. Test from hotspot router to inside AP
C. Test from Laptop to inside AP
D. Test from tower router to inside AP
E. Test from tower router to laptop
The speeds may very from the nano to the rocket but they only go up in speed. And it’s always the same. If I have a location thats doing a good 75mbps on the internet feed the AP’s that are plugged in always get half the speed through the hotspot router(750G or 450G).
I have tested with my laptop connected to the switch and again plugged into the rb750g.
I have done the test with udp and it gets full speed. It’s just the tcp test that does it.
Does the speed test run fast when you disable the Hotspot?
Does it run fast when you add this temporarily:
/ip firewall nat
add chain=pre-hotspot hotspot=auto action=accept
What kind of speed test are you running? The built in one? Between what end points on a network diagram? Your ASCII drawing is confusing, can you draw a picture instead?