Hi,
I’ve got a scenario where I have a few towers, each running ROS with their own PPPoE servers and user managers. (Not the smartest to run several UMs, I know)
Each tower has a few clients connected to it, all works beautifully.
Towers are interconnected with each other on IP-level, each subnet NATed and such. ALl works beautifully.
Now, once you get to my internet gateway, I have an RB150 with two internet connections.
Let’s say this gateway has this config:
ether1 10.0.0.2/24 WAN1 - Gateway 10.0.0.1 (DSL)
ether2 10.0.1.2/24 WAN2 - Gateway 10.0.1.1 (DSL)
ether3 192.168.0.1/24 Private LAN1 (Also PPPoE Server)
ether3 192.168.1.1/24 Private LAN2
Now let’s describe one of the upstream towers:
ether1 192.168.0.2/24 Connected to 192.168.0.1 (Private LAN1)
ether1 192.168.1.2/24 Connected to 192.168.1.2 (Private LAN2)
ether2 PPPoE Server
ether3 PPPoE Server
What I want to know is if, and how I can specify that User1 and User5 connected to the latter pppoe server, or any other pppoe server for that matter, can be specifically routed through Private LAN1, and from there, specifically out through WAN1, while, say, all other users are routed through Private LAN2 and specifically out through WAN2.
All traffic through P-LAN1 will go out through WAN1, and P-LAN2 will go out through WAN2.
I have no idea how else to explain it.
Ask if anything is unclear.
I appreciate your time/effort.
-Krige
Greetings!
Since your network is already NATed, this should not be too difficult. In the RB150:
/ip firewall nat
add chain=srcnat action=masquerade src-address=192.168.0.0/24 out-interface=ether1 place-before=0
add chain=srcnat action=masquerade src-address=192.168.1.0/24 out-interface=ether2 place-before=0
Do a
/ip firewall nat print
to insure these are pretty much the only srcnat rules.
Insure the users you want going out ether1 have a 192.168.0.x address, and users out ether2 should have a 192.168.1.x address.
Heya,
Thanks! I’ll give that a shot. However, just reading that solution leaves one problem -
That will work for my main station, but the downlinks from the other towers run through a single ethernet port - but I configured them with two IP addresses for each downlink trunk.
How, then, can I get my secondary towers to route stuff based on IP through the same ethernet interface, but different gateway?
Thanks for the help thus far!
As long as you don’t do any NAT between the towers and “mom”, the IP addresses you originally assign will be preserved until you do a NAT at the box connected to the internet (“mom”). If your network is “fully NATed”, this should be how it should work anyway. The gateway you assign in your route is the one it will use in each box.
EDIT: You can assign multiple gateways in your route, using different IP subnets and gateways, then have a “fallthrough” gateway. The order in this route list is important!
Thanks a million, the first portion seems to be working fine, still struggling to get the second part working. I’ll hack away at it for a while.
A problem I’ve discovered in the meanwhile is that each of my two WANs have different DNS servers. But this information must be passed to the client computer/CPE upon PPPoE connect. How do I specify DNS server, based on who the client is, or which WAN port is used?
Thanks for the help!
While you hack at the first challenge, I can help with the second. Take a look under
/ip dhcp-server network
You can set the dns server the dhcp server issues for each subnet there.