Link LAN Segments of two routers

Schime85 · November 14, 2019, 8:33am

Hi guys!

I’m using two methods to route between routers but I don’t know whats the best practice in doing so.
The routers are linked over ether5 with a simple network cable or a site-site wireless link.

Method 1: using a “tunnel” net for every connected router eg 172.16.1.0/24
Router1:

/ip address
add address=1.1.1.1/24 interface=ether1 network=1.1.1.0 comment="ISP Link"
add address=192.168.1.254/24 interface=ether2 network=192.168.1.0 comment="LAN Router 1"
add address=172.16.1.1/24 interface=ether5 network=172.16.1.0 comment="link to router 2"
/ip firewall nat
add action=masquerade chain=srcnat out-interface=ether1
/ip route
add distance=1 gateway=1.1.1.254
add distance=1 dst-address=192.168.2.0/24 gateway=172.16.1.2

Router2:

/ip address
add address=2.2.2.1/24 interface=ether1 network=2.2.2.0 comment="ISP Link"
add address=192.168.2.254/24 interface=ether2 network=192.168.2.0 comment="LAN Router 2"
add address=172.16.1.2/24 interface=ether5 network=172.16.1.0 comment="link to router 1"
/ip firewall nat
add action=masquerade chain=srcnat out-interface=ether1
/ip route
add distance=1 gateway=2.2.2.254
add distance=1 dst-address=192.168.1.0/24 gateway=172.16.1.1

Method 2: saw that config in the forums but I don’t know the name of this method, but it seems to be much clearer for many networks and links
Router1:

/ip address
add address=1.1.1.1/24 interface=ether1 network=1.1.1.0 comment="ISP Link"
add address=192.168.1.254/24 interface=ether2 network=192.168.1.0 comment="LAN Router 1"
add address=192.168.1.254 interface=ether5 network=192.168.2.254 comment="link to router 2"
/ip firewall nat
add action=masquerade chain=srcnat out-interface=ether1
/ip route
add distance=1 gateway=1.1.1.254
add distance=1 dst-address=192.168.2.0/24 gateway=192.168.2.254

Router2:

/ip address
add address=2.2.2.1/24 interface=ether1 network=2.2.2.0 comment="ISP Link"
add address=192.168.2.254/24 interface=ether2 network=192.168.2.0 comment="LAN Router 2"
add address=192.168.2.254 interface=ether5 network=192.168.1.254 comment="link to router 1"
/ip firewall nat
add action=masquerade chain=srcnat out-interface=ether1
/ip route
add distance=1 gateway=2.2.2.254
add distance=1 dst-address=192.168.1.0/24 gateway=192.168.1.254

I find method2 more appealing to me because I don’t like the idea of having many “dead” networks which only serve as a “tunnel” net.
Are there any drawbacks though?

sindy · November 14, 2019, 12:02pm

“Stealing” one IP from a subnet for use for an interconnection link is nothing bad, except if you ever wanted to use some dynamic routing protocols in future.