Assigning Public Block to Clients

adian009 · September 19, 2013, 4:02am

I am not new to networking; however, I cannot get this to work!

I have an RB2011UAS with internet using a DSL / PPP connection and all clients, wired and wireless work fine currently. I now want to assign a two of my public IPs to clients.

Here is my layout:

Public IP Block: 63.x.139.168/29
Private IP Pool: 192.168.88.0/24

ETH1 Connected to DSL Modem
ppoe-Qwest PPPoE Client and is issued IP-63.x.131.174 Network-67.5.64.8 by DHCP
ETH2-ETH3 All bridged and natted to 192.168.88.0/24 using public IP 63.x.131.174 (includes wireless port)

ETH4 I want to issue 63.230.139.168
ETH5 I want to issue 63.230.139.169

I have tried many combinations without any success. Any help would be greatly appreciated! My problem may be the configuration of my client machine as well…

–al

CelticComms · September 19, 2013, 11:37am

It looks as if your ISP probably expects the public block to all be available via the PPPoE interface rather than the block being routed separately - since the PPPoE address is within the public block.

You could try breaking the problem down. e.g. Can you assign one of the other public IPs to a bridge interface in RouterOS then use a SRC NAT rules to have the outbound traffic use that public IP rather than the one directly on the PPPoE interface?

adian009 · September 21, 2013, 5:09am

Celtic: Thanks!

Here is the solution that I came up with, it works and I am hoping it is correct.

I added the address/block 63.x.131.168/29 (network 63.x.131.168/29) to ‘ppoe-Qwest’. I then used srcnat and dstnat to forward traffic to-and-from the internal-IP of the machine in question. So, all traffic from the machine uses a dedicated public IP and traffic inbound to that IP is forwarded to the machine.

Pretty sure there is a more elegant, correct solution!

–al

adian009 · September 21, 2013, 6:05am

Celtic: Thanks!

Here is the solution that I came up with, it works and I am hoping it is correct.

I added the address/block 63.x.131.168/29 (network 63.x.131.168/29) to ‘ppoe-Qwest’. I then used srcnat and dstnat to forward traffic to-and-from the internal-IP of the machine in question. So, all traffic from the machine uses a dedicated public IP and traffic inbound to that IP is forwarded to the machine.

Pretty sure there is a more elegant, correct solution!

–al