We are looking for ideas on how to improve our hotspot controller. How are you using the MikroTik Hotspot software?
Have you encountered lack of a specific feature?
For example, we have been suggested an idea to manage the hotspot routers with commands issued by a RADIUS server.
In this case on RouterOS default configuration would contain only minimal radius configuration. Upon power-on:
1) RouterOS itself would act as a Radius client and would send Access-Request packet to pre-configured (through DHCP?) Radius server.
2) Radius server would send Access-Accept with a configuration to apply
3) Radius server could use CoA-Request to change RouterOS configuration or reboot router.
Currently there are few problems with this
* Radius protocol by itself is not secure. Could be fixed by TLS over Radius [https://tools.ietf.org/html/rfc6614]. RouterOS now supports RADSEC.
*配置仅限于dat半径agram size, which is 4096 bytes for regular RADIUS. Could be increased to 65535 bytes by TLS over Radius as it uses TCP protocol instead of UDP [https://tools.ietf.org/html/rfc7930]
* If this feature is implemented as "RouterOS forgets all configuration on every reboot" and Radius server is not accessible upon power-on, then router does not function at all until Radius server gets online and in working condition.