Community discussions

MikroTik App
 
Tschoo
just joined
Topic Author
Posts: 2
Joined: Mon Aug 19, 2013 3:04 pm

Second gateway,...

Mon Aug 19, 2013 5:29 pm

Hello all,

I'll try to describe my problem as best as possible and I hope someone can guide me to the right path / solution.
We use MikroTik RouterOS 5.6.

Our network consists with an interface setup as this :

R BRIDGE LAN
R ether 1 WAN
R ether 2 MAIL
R ether 3 LAN
ether 4 LAN
ether 5 LAN

gateway : 192.168.0.64
network: 192.168.0.0/24
DHCP : no
Bridged : yes

We have connected a new subnet to the exsting network with a firewall/router(dedicated linux based server)
network :172.16.0.0/24
The network uses IP 192.168.0.150 that acts like a gateway for the given network and it's on the same subnet and interface (eth3) as the primary network.

Now what I want to achive is that both networks can communicate with each other.
I have tried with adding routes :

ip route add dst-address=0.0.0.0/0 gateway="Bridge LAN" pref-src=192.168.0.150
ip route add dst-address=172.16.0.0/24 gateway="Bridge LAN" pref-src=192.168.0.150
and
ip route add gateway=192.168.0.150 dst-address=172.16.0.0/24
but no luck.

When I try to ping, I get a response, but when I try to access it via internet browser,
I just get redirected to the default router(192.168.0.64).

If I manualy change the gateway, from 192.168.0.64 to 192.168.0.150 on a workstation, connected to the primary network,
I can access the web server that is running on the newly connected subnet and that is what I want to achive
with MT router beeing as a default gateway with some kind of mangle config?

I did some reading, but I all I found was that you can have only 1 default route and if I need to somehow change that ,
I need to add some kind of mangle rule and packet marking?


EDIT 1:

I have managed to solve the correct routing with the following comand

/ip firewall mangle add chain=prerouting src-address=192.168.0.150 dst-address=172.16.0.0/24 action=mark-routing new-routing-mark=ind_net
/ip route add gateway=192.168.0.150 routing-mark=ind_net


Now the clients form 192.168.0.0/24 network can access the web/application server.

But, when I try to ping / ip scan the 172.16.0.0/24 subnet from MT router, I only get timeouts / 0 hosts , is this normal behaviour?

I thank you in advance,
Co
 
tws101
Member Candidate
Member Candidate
Posts: 283
Joined: Thu Sep 08, 2011 11:25 pm

Re: Second gateway,...

Tue Aug 20, 2013 5:30 pm

Just to note the way to do this with routes only would have been

ip route add dst-address=172.16.0.0/24 gateway="192.168.0.150" (You may need distance 1)

Because anything going to 172.16.0.0/24 is sent to 192.168.0.150 for resolution. The router knows 192.168.0.150 is on the local bridge due to the distance zero connected route already in place.
 
Tschoo
just joined
Topic Author
Posts: 2
Joined: Mon Aug 19, 2013 3:04 pm

Re: Second gateway,...

Tue Aug 20, 2013 9:14 pm


ip route add dst-address=172.16.0.0/24 gateway="192.168.0.150" (You may need distance 1)
I think I tried that amongst many other configurations, but as I recall the router gave me a default distance of 5? (I'll will try distance 1 when I'm back at work).
I didn't really thought that distance makes such a difference in my set up.

And thank you for the suggestion, much appreciated !
 
tws101
Member Candidate
Member Candidate
Posts: 283
Joined: Thu Sep 08, 2011 11:25 pm

Re: Second gateway,...

Tue Aug 20, 2013 10:19 pm

That could be the issue also try clearing distance altogether.

Who is online

Users browsing this forum: No registered users and 22 guests