Big Problem for mY Job as EDP- HELP me Please

proweb · March 11, 2006, 7:22pm

I have a situation. And I must solve it quickly.

The company network have a fiber optic cable for accessing the internet with RJ-45 at the end. Also there is a LAN network with 40 workstations. I have to make access to every computer in LAN.

Our ISP provides us with static IP address: 205.70.70.1/29 for Indonesia Internet eXchange with gateway/dns 205.70.20.1 and 205.80.80.40/29 for International with gateway/dns : 205.80.80.40

I habe WRAP board with two interfaces. I called first as “Public”, and second as “Local”
I have add the two public address and gateway with same dns. But how could for setting “Local” to provide two ip out-interface will be one Ip address?
please support me…(What i have to do with Nat?)

Thanks before

sergejs · March 11, 2006, 8:03pm

If I correctly understand your description, than add
local address to local interface e.g. 192.168.0.1/24
NAT rules have to be like these:
/ip firewall nat add chain=srcnat out-interface=iface_name action=src-nat to-addresses=first_address
/ip firewall nat add chain=srcnat out-interface=iface_name action=src-nat to-addresses=second_address

ECMP example here:
http://www.mikrotik.com/docs/ros/2.9/ip/route||0.5527638190954773

proweb · March 12, 2006, 6:49pm

i really don’t ge it…
My chief said, i have to combine 2 network isp will be one network ip address

let say i make this rule like this :

[admin@ECMP-Router] ip address> print
Flags: X - disabled, I - invalid, D - dynamic

ADDRESS NETWORK BROADCAST INTERFACE

0 192.168.0.254/24 192.168.0.0 192.168.0.255 Local
1 10.1.0.2/28 10.1.0.0 10.1.0.15 Public1
2 10.1.1.2/28 10.1.1.0 10.1.1.15 Public2
[admin@ECMP-Router] ip address>

Add the default routes - one for ISP1 and 2 for ISP2 so we can get the ratio 1:3:

[admin@ECMP-Router] ip route> add gateway=10.1.0.1,10.1.1.1,10.1.1.1
[admin@ECMP-Router] ip route> print
Flags: X - disabled, A - active, D - dynamic,
C - connect, S - static, r - rip, b - bgp, o - ospf

DST-ADDRESS G GATEWAY DISTANCE INTERFACE

0 ADC 10.1.0.0/28 Public1
1 ADC 10.1.1.0/28 Public2
2 ADC 192.168.0.0/24 Local
3 A S 0.0.0.0/0 r 10.1.0.1 Public1
r 10.1.1.1 Public2
r 10.1.1.1 Public2

In order to access the internet from your lan (10.0.0.0/24), try the following rule:

Code:
/ip firewall nat
add chain=srcnat src-address=192.168.0.1/24 action=masquerade

for redirect rules i put :
add chain=dstnat in-interface=Local src-address=192.168.0.0/24
protocol=tcp dst-port=80 connection-mark=http-connection action=redirect
to-ports=8080

and for the Ip firewall mangle >
I put like this :

chain=prerouting in-interface=Local src-address=192.168.0.0/24
protocol=tcp src-port=80 connection-mark=http-connection action=accept

and the question is, how could i have queue traffic limitter for this rule, if I used nat for “Static Equal Cost Multi-Path routing”

Please explain me for the rules until system Queue. Thanks for your kindnes..is really mean for me.
my email is : indosms@i2.co.id

please support me if I have a mistake…