driving some large WiFi communities by Captive Portals on Mikrotik CCR show me a quite big amount
of CPU power dedicated to the DNS process. Updating from v.6.41.x to v.6.42.3 increases this issue as
one cpu core is stuck at 100% usage - and the user does not get an answer to each of his DNS requests
(It seems that the DNS server on Mikrotik is still single threaded).
Digging into the problem rises the question, why an authenticated user on the Hotspot Portal is still
redirected to the DNS server on the Mikrotik router (via port 64872/udp and 64872/tcp). Ok, I have
to ensure, that the DNS name for the captive portal is available by the recursing DNS server supplied
via DHCP - but this might be the case in several settings.
So is the following rule
Code: Select all
/ip firewall nat
add action=jump chain=dstnat hotspot=from-client,auth jump-target=hs-autha solution to bypass all redirects for an authenticated user and use a powerful, external DNS resolver?
Or is there a better solution for this? And what can be done, to optimize environments with 3000-4000
concurrent users on a Mikrotik Hotspot Portal.
Cheers
Dieter