Dear all,
We have a problem about assign Ripe Public ip to pppoe user after second mikrotik. Please check attached image and below description.
- This switch is metro ethernet which is in our datacenter. Ethernet 3 is Lan port
- Mikrotik Connected to Metro ethernet to get internet. Ethernet 1 is Wan Port. Ethernet 2 is PPPOE server with 192.168.44.1/24. BGP is configured at this mikrotik and we can use RİPE ip addresses 185.1XX.XX.1/22. Ethernet 12 is 185.1XX.XX.1/22.We use this mikrotik as a main router and all our network connect to this mikrotik
- This mikrotik works as a pppoe server with ip 172.16.5.1/24. It is used for customers. Ethernet 12 is WAN port with 185.1XX.XX.2/22 ip address. /İp Route dest. 0.0.0.0/0 gateway 185.1XX.XX.1 is added. And Locally Ethernet 1 is Static ip. Ethernet 2 is Pppoe server.
4)While this Access point is used as a pppoe user. public ip address works fine. I only assign Remote ip(Ripe ip) from PPP secret.
- While this Access point is used as a pppoe user. Public ip address DOESN’T work
. I only assign Remote ip (Ripe ip) from PPP secret.(I think need to route to first Router but ı dont know how to doit)
6)When I give static ip to this Access Point it work Fine and Public İp Work fine.
How can I assign Public ip after second mikrotik ,to pppoe user. Which configuration I have to do. I have only BGP configuration at first mikrotik and main configuration. I have main configuration at second mikrotik nothing else.
Setup OSPF between routers and assign routing filter with RIPE-NET/22 le 32
Each time client gets PPPoE IP ospf will forward the route to the main router and therefore your BGP or whatever protocol you are using will redistribute it.
Here is sample config:
Router 1:
add area-id=0.0.0.1 name=area1
/routing ospf instance
set [ find default=yes ] distribute-default=always-as-type-1 redistribute-connected=as-type-1 redistribute-static=as-type-1 router-id=X.X.X.X
/routing ospf interface
add authentication=md5 authentication-key=somepassphrase authentication-key-id=1 interface=PEERIF(ether2) type=broadcast
/routing ospf network
add area=area1 network=PEERIFNETWORK ( X.X.X.X/XX) ex. 192.168.1.0/24
Router 2:
/routing ospf area
add area-id=0.0.0.1 name=area1
/routing ospf instance
set [ find default=yes ] redistribute-connected=as-type-1 redistribute-static=as-type-1 router-id=Y.Y.Y.Y
/routing ospf interface
add authentication=md5 authentication-key=somepassphrase authentication-key-id=1 interface=PEERIF(ether1) network-type=broadcast
/routing ospf network
add area=area1 network=PEERIFNETWORK ( X.X.X.X/XX) ex. 192.168.1.0/24
/routing filter
add action=discard chain=ospf-in invert-match=yes prefix=0.0.0.0/0 # In case you want only default route to be accepted
add action=accept chain=ospf-out prefix=RIPE-NET/22 prefix-length=32
add action=discard chain=ospf-out
Router 1:
add area-id=0.0.0.1 name=area1
/routing ospf instance
set [ find default=yes ] distribute-default=always-as-type-1 redistribute-connected=as-type-1 redistribute-static=as-type-1 router-id=10.0.0.1
/routing ospf interface
add authentication=md5 authentication-key=somepassphrase authentication-key-id=1 interface=ether12 type=broadcast
/routing ospf network
add area=area1 network=10.0.0.0/24
Router 2:
/routing ospf area
add area-id=0.0.0.1 name=area1
/routing ospf instance
set [ find default=yes ] redistribute-connected=as-type-1 redistribute-static=as-type-1 router-id=10.0.0.2
/routing ospf interface
add authentication=md5 authentication-key=somepassphrase authentication-key-id=1 interface=ether12 network-type=broadcast
/routing ospf network
add area=area1 network=10.0.0.0/24
R1 and R2
/routing filter
add action=discard chain=ospf-in invert-match=yes prefix=0.0.0.0/0 # In case you want only default route to be accepted
add action=accept chain=ospf-out prefix=185.1XX.XX.0/22 prefix-length=32
add action=discard chain=ospf-out
Thanks for reply i did like this . OSPF interface designated router for both side but cant use public ip. Which ip address should be assign to ether 12 R1 and ethernet12 R2(Ripe ip address or Local İp address)
You could use private addresses on a /30 range for R1 ether12 - R2 Ether12, and save two public ips for customers; 2 more if you leave all the /22 range for PPPoE pool, as both the network and broadcast addresses could be used by customers, so 4 ips saved in total.
It also won’t hurt to set network-type=point-to-point on ospf interface if you do that, as that’s what the network type between both routers will be.
You will be able to reach R1 from Internet by the 195.1XX.XXX.XXX ip; to reach R2 you’ll have to resort to dst-nat on R1, or enable RoMON on both and use R1 as RoMON hop to R2.
However your problem isn’t related to that but on this rule:
/routing filter
add action=discard chain=ospf-in invert-match=yes prefix=0.0.0.0/0 # In case you want only default route to be accepted
As promind points in the filter comment, that rule is only needed in case you only want the default route (0.0.0.0/0) to be accepted and want anything else discarded; routing filters work in a first match basis, (like firewall filter rules) so the first rule is discarding anything but 0.0.0.0/0, and second rule isn’t even being evaluated by BGP, and thus your /22 routes.
Disable those rules on both routers and try.
Have you checked on routing > ospf > routes that the public /22 PPPoE pool routes are there?
Thanks for reply 
Problem is solved I can assign RIPE public ips after disable those routing filter. 
Thanks to help.