Community discussions

MUM Europe 2020
 
waterb0y
just joined
Topic Author
Posts: 7
Joined: Fri Mar 14, 2014 2:52 pm

Local and remote DNS resolution for Hotspot

Tue Apr 22, 2014 10:06 pm

I'm sorry if this has been answered directly before but I can't seem to make it work. I would like to be able to provide local DNS resolution for the hotspot interface, so for example, hotspot.mysite.com, resolves to the local Hotspot interface and then all other sites get resolved by public DNS servers, such as 8.8.8.8. I checked the static DNS cache and there is an entry for my Hotspot interface, but I can't seem to find a combination that allows for what I described above.

I want this type of functionality so authenticated Hotspot users can logoff their devices and then on to another device, since I'm restricting them to one concurrent device.

Can someone let me know if I've missed something easy?

Thanks!
 
User avatar
Egate
Long time Member
Long time Member
Posts: 547
Joined: Thu May 15, 2008 10:43 am
Location: South Africa

Re: Local and remote DNS resolution for Hotspot

Wed Apr 23, 2014 12:05 am

Standard setup. Can put 8.8.8.8 in hotspot DNS. IF user enters hotspot.mysite.com he wil get log in. If he enter hotspot.mysite.com, after logged in, will have the option to log off. If chosen, he would be able to log in with another PC. Only problem is because there is written a cooky into browser, if he opens a web site on first logged in PC, it will automatically log in again using cooky, unless second PC is already logged in.
Happy days. :-)
 
User avatar
mousa1983
Frequent Visitor
Frequent Visitor
Posts: 79
Joined: Mon Apr 21, 2014 2:36 pm
Location: ilam-iran

Re: Local and remote DNS resolution for Hotspot

Wed Apr 23, 2014 11:06 pm

Hi
Did you check "Allow remote request " from /IP DNS ?
Are there any entry in DNS cache?
 
User avatar
TheWiFiGuy
Member
Member
Posts: 351
Joined: Thu Nov 24, 2011 7:26 pm
Location: UK

Re: Local and remote DNS resolution for Hotspot

Thu Apr 24, 2014 8:04 am

What you are asking for exactly is not possible, although there are workarounds.

Do you need to be able to provide users with the ability to log out, if not, once a user has logged in you can use SRC NAT rules to forward authenticated users traffic to a remote DNS server which will ease the load on the box, but you then need to use the IP address to log out as hotspot.mysite.com will no longer resolve.

The above rule shaved about 15% CPU off an RB1100 running 1,400 concurrent (active) users.

To resolve the issue fully, install your own Bind serves in a COLO, in forwarding mode with only the local hotspot.mysite.com domain on them. Keep all your hotspots on the same subscriber range (say 172.17.10.1) and add that entry to the DNS. Forward all DNS traffic to the external servers and it should then resolve all required DNS entries. Ive not tested this - ive installed 4 x Bind servers in our Colo but have yet to find the time to actually build and test the mikrotik config but cant see any reason why it wont work.
----------------------
Mikrotik Consultant.
MTCNA, MTWCE, MTCTCE, MTCRE, MTCINE
 
waterb0y
just joined
Topic Author
Posts: 7
Joined: Fri Mar 14, 2014 2:52 pm

Re: Local and remote DNS resolution for Hotspot

Thu Apr 24, 2014 3:52 pm

Yes, my goal is to provide an easy way for users to logout of their Hotspot session.

So basically RouterOS will either provide local resolving/forwarding/caching services OR it will allow DNS requests through, but not both. Is that correct? In other words, if it is just passing DNS requests through, it won't first check in the local cache?

Thanks for the Co-lo idea. I had thought of standardizing the address scheme for all of my sites to do just this.

Another idea I had was trying to replicate how another Hotspot system does this. In that system, the logged-in user just goes to 1.1.1.1 and can logoff from there. Is it possible to dest NAT the Hotspot interface to 1.1.1.1 such that when a logged-in user goes to 1.1.1.1 they get redirected to the page where they can logoff?

Thanks!

Who is online

Users browsing this forum: No registered users and 93 guests