Assigning Static public /29 sub-net to LAN internal network IPs

tombee79 · November 30, 2015, 5:58am

I have DSL connection over PPPoE with public sub-net mast ip range 69.165.169.163/29. ( The PPPoE WAN public IP address is: 69.165.169.165/29 )

How do you assign the public static ips to private subnet on eth2: 192.168.1.0/24 ? ( to any four addresses)?

Remember the sub-net 69.165.169.165/29 is routed thru static pppoe ip: 69.165.169.165/32 ip

Thank you.

pukkita · November 30, 2015, 10:04am

You can assign them with whichever method suits you best; the quid being setting routing properly:

The Internet connected router has to “know” how to reach those IPs
The internet connected router should not NAT these IPs to the outside if direct communication is needed
The hosts with these IPs should have the Internet router as default gateway

tombee79 · December 4, 2015, 3:07am

can u give me examples with my ips?

thx

pukkita · December 4, 2015, 9:43am

I assume you already have 192.168.1.0/24 addresses on servers you want to assign public IPs:

tombee79 · December 6, 2015, 6:52am

thank you a lot. beautiful diagram. I really appreciate for u help.

How would u implement the diagram within mikrotik?

in firewall or in routing?

Ps. i think routing,
i tried to test it to my pc computer win7 i added additional ip address but i still get the NATed gateway ip pppoe: 69.165.169.165. When i exclude my ip from mascaraed firewall rule i cannot connect to internet.

PS. Another thing i forgot to mention. The mikrotik internet/WAN gate configuration is as follow.
ip:69.165.169.165 gateway:206.248.155.244 interface:pppoe-out1

You have on your diagram 69.165.169.165/32 is this correct?

i just check online trace-route for one of the static public ips for example 69.165.169.161 and it didtn show that the trace route was routed thu 69.165.169.165 gateway. is this correct normal or my ISP didnt assined/routed to me thru my static ip gateway 69.165.169.165.

Traceroute Trace the path from this server to another
from centralops.net (Dallas, Texas, USA)
to
69.165.169.161

ip version auto require ipv6 require ipv4
don’t resolve IP addresses Submit
user: anonymous [69.165.169.165]
balance: 47 units
log in | account info
CentralOps.net
Tracing route to 69.165.169.161 [69.165.169.161]…

hop rtt rtt rtt ip address fully qualified domain name
1 0 0 0 208.101.16.73 49.10.65d0.ip4.static.sl-reverse.com
2 0 0 0 66.228.118.157 ae11.dar02.sr01.dal01.networklayer.com
3 0 0 0 173.192.18.252 ae14.bbr01.eq01.dal03.networklayer.com
4 31 31 31 173.192.18.141 ae0.bbr01.cs01.lax01.networklayer.com
5 * * *
6 73 73 72 69.196.136.35 2110.tengigabitethernet-2-0-0.lns03.tor.packetflow.ca
7 88 88 87 69.165.169.161 69-165-169-161.dsl.teksavvy.com
Trace complete

– end –

Thanks again

pukkita · December 8, 2015, 1:11pm

Please copy and paste the following:

an export:

/export compact hide-sensitive=yes

And also:

/ip export

An ipconfig and netstat -rn from one of the servers.

tombee79 · December 9, 2015, 3:29am

Thanks for help

tombee79 · December 13, 2015, 4:40pm

Are you there?