Syed Jahanzaib Personal Blog to Share Knowledge !

November 25, 2013

[Mikrotik Hotspot] Possible workaround for Dynamic Queue always remain above static queue

Filed under: Mikrotik Related, Uncategorized — Tags: , — Syed Jahanzaib / Pinochio~:) @ 10:37 AM

Someone asked me about hotspot related issue . The scenario was that HOTSPOT was configured with SQUID proxy server. He also had User Manager so queuing is dynamically managed by user manager in hotspot. He had simple queue to provide cache hit marked packets unlimited speed to users. The issue was that when any hotspot user user login and Hotspot/Radius creates Dynamic Queues, and it override simple queue by moving itself above the static queue, so the cache-hit queue remain useless to provide unlimited speed to cache packets dueto its lower position.

As showed in the image below . . .

Before HOTSPOT user login,


After HOTSPOT user logged in,


The workaround for this issue was to create a script that moves this static queue name “cache-hit” to 0 (top number) whenever any user login.


The scripts can be added in HOTSPOT > USERS PROFILES > SCRIPTS.
This way whenever any hotspot user login, this script will run, and it will move the cache-hit to 0 number (Top)

Ok first rename your cache hit queue to “cache-hit

Now add a script that will do actually move the cache-hit queue to top. [FOR MIKROTIK 5.X]

/system script
add name=movestatic0 policy=\
ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive,api \
source=/queue simple move [find name=\cache-hit\] 0

Now we have to add this script in the HOTSPOT user profiles (in this example I have only one default profile, if you have multiple user profiles, you have to add this in all profiles either via CLI, or preferably via GUI )


/ip hotspot user profile
set [ find default=yes ] idle-timeout=none keepalive-timeout=2m name=default \
on-login=/system script run movestatic0 shared-users=1 \
status-autorefresh=1m transparent-proxy=no


/queue simple move [find name="cache-hit"] [:pick [find] 0]


Now whenever any hotspot user will login , the hotspot profile will execute the script “movestatic0” that we created earlier, and it will move the cache-hit queue to TOP.

Now the results will be as showed in the images below . . .



Move queue befote this queue name ZAIB
/queue simple move [find packet-marks=”YOUTUBE”] destination=ZAIB

To specific Number
/queue simple move [find packet-marks=”YOUTUBE”] [:pick [find] 3]

Move to TOP
/queue simple move [find packet-marks=”YOUTUBE”] 0]

Syed Jahanzaib


  1. Can we see your script and queue configuration and magle mark stuff ?

    Comment by Ptk — December 6, 2013 @ 9:55 PM

    • hmm I don’t have one as I am not running any or ISP type setup🙂
      Usually Dynamic queue via Radius is enough🙂

      Comment by Syed Jahanzaib / Pinochio~:) — December 7, 2013 @ 8:52 AM

      • Today I have a Mikrotik RB450G as my hotspot and a linux with Radius & squid. I would like to pass the squid traffic to the server without be shapped by the queue & limit speed stuff. Same thing for the dns traffic.. today both are shapped by the hotspot queue (I guess).

        Another think, as you are in MIkrotik too, have you done a IPSec thru a EoIP ? cheers

        Comment by Ptk — December 7, 2013 @ 7:54 PM

      • explain further, you want to bypass CACHED packets from the queue ?
        Sorry I have no experience with IPSEC/EOIP

        Comment by Syed Jahanzaib / Pinochio~:) — December 9, 2013 @ 11:02 AM

  2. The cache-hit is going to the last in my case. but when running the same move command from console it goes to the top position.

    Comment by srijitb — August 15, 2014 @ 12:39 PM

  3. hope I’m not interrupting/disturbing you , searching this forum found that you may be such an expert with a heart big enough to help users with a challenging mikrotik issues like me

    I have walled garden ports 993,995,465 for outlook can download yahoo business email & attachments using full line speed (8 MB )without users having to logon to hotspot & it works great, but once a user login email download speed drops down to user’s limit (eg.: 512KB) & it fails many times giving error message (connection to server is interrupted) or (couldn’t download some messages )

    when i disable hotspot or kick the user out or make bindings for a PC it works great but users will use internet with unlimited speed which causes many problems

    I’ve 2 Lines ( real ADSL IPs) divided for 2 IP ranges using NAT mark routing & masquerade, hotspot , DHCP thats all
    realy appreciate any help possible😦

    Comment by Mahmoud Elbarbary — April 12, 2015 @ 7:50 PM

RSS feed for comments on this post. TrackBack URI

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Create a free website or blog at

%d bloggers like this: