Hi all.
I’m using an RB1000U as a core router in order to supply connectivity to my customers (I’m a WISP).
I have a CISCO 1841 used to connect to my ISP through SHDSL. I also have a public IP class like 11.22.33.0/24.
The CISCO is correctly configured with IP 11.22.33.1 and it routes everything to the Internet.
INTERNET — CISCO — RB1000 — WLAN
The RB1000 has IP 11.22.33.2/24 on ether1, and it’s connected to the CISCO
IP 10.20.0.1/16 on ether2, connected to the WLAN
I configured NAT masquerading on the RB1000, so that my residential customers will go to the Internet through one unique public IP.
My residential customers on WLAN have an IP like 10.20.0.123 and default gateway 10.20.0.1.
All is working fine
Now the problem arises at the second step: I have some BUSINESS customers to which I want to assign distinct PUBLIC IPs.
They are of course on the same ethernet segment as the residential ones (WLAN) but I want to assign them an IP like 11.22.33.123.
My temporary solution was to bridge the two RB1000 interfaces (maintaining the NAT feature).
In this way, business customers can have a default gateway like 11.22.33.1 (CISCO) and they go out through the bridge, while residential customers go out through the NATTED interface.
Is there a way to do so without having to bridge the RB1000? Can I do routing in some way?
The right solution would be to have your ISP route you those IP addresses, not bridge them to you. You need a smaller routing subnet (/30) to be assigned and then you just tell your ISP to route that block to you instead of bridging it. Then you can ‘route’ those IPs further down the line.
If you don’t have that option you will have to use 1:1 NAT. That’s not ideal but usable in most cases.
Hi Sam.
Do you think I can configure that on my CISCO?
On the router, I already have an ATM point-to-point subnet /30 with my ISP. The /24 class is distinct from that.
Thanks for the help
Example.
Assume that the ISP has given you 10.10.10.1/24
Cisco
Ether1-10.10.10.1/27 - This is going to RB1000 ether1
RB1000
ether1-10.10.10.2/27
Assume that ether2 is assigned to private IP - 192.168.1.1/24,
so you can always NAT with 10.10.10.2.
Assume that ether3 is connected to some customer which requires a public IP address.
So assign ether3 - 10.10.10.33/27. No need to NAT this pool as this will work in route mode.
The default route will be 10.10.10.1.
Now, ether2 will work in NAT mode and ether3 will work in route mode.
ashish, I understand your point: I can subnet my /24 class into several ones and separate natting from routing.
But the problem is that again I have residential and business customers on the SAME layer 2 segment!
So I cannot separate them into ether2 and ether3.
Do I have to implement VLANs for this reason?