masquerade (srcnat) not translating source address

Hello,

I’m having trouble with packets not getting their source address translated with RouterOS 5.8 on an RB750.

My setup is as follows:

RB750 with two bridges and switch disabled, the bridges are checked with option “Use IP Firewall”

Bridge 1 (transparent traffic shaper) 192.168.0.4/24
Port 1 —> UTM Default Gateway 192.168.0.1/24 (Sonicwall TZ100)
Port 2 —> External Switch —> PC 192.168.0.49/24


Masquerade (srcnat) on Bridge 2 Out Interface
Bridge 2 192.168.1.1/24
Port 3–(see Port 4)
Port 4–> 192.168.1.0 Network
Port 5–(see Port 4)

I am using masquerade to be able to ping layer 2 devices on the 192.168.1.0/24 network from a PC on 192.168.0.0/24. If the default gateway for the PC is 192.168.0.1 (standard, as that is the UTM), the ping goes there, gets redirected to the RB750 and doesn’t get translated going to the Bridge 2 network. I think it has something to do with the ping being received on port 1 and the PC the ping originated from being on port 2 of the bridge.

I am able to get it to work if I set the default gateway for the PC to 192.168.0.4 (address of RB750), the address gets translated going to bridge 2.


The masquerade works fine with the same software configuration, just a wiring change to
Bridge 1
Port 1 → disconnected
Port 2 → External Switch → Gateway 192.168.0.1
External Switch cont–> PC 192.168.0.49

because the ping will be received by port 2, but this bypasses the traffic shaper.


I have packet sniffer output for when it doesn’t work and the ping is redirected from the primary gateway 192.168.0.1:

Interface  Dir  Src. Address   Dst. Address    Protocol   IP Protocol
port2      rx   192.168.0.49   192.168.1.243   2048 (ip)  1 (icmp)
bridge 1   tx   192.168.0.49   192.168.1.243   2048 (ip)  1 (icmp)
bridge 1   tx   192.168.0.49   192.168.1.243   2048 (ip)  1 (icmp)
port1      tx   192.168.0.49   192.168.1.243   2048 (ip)  1 (icmp)
port1      tx   192.168.0.49   192.168.1.243   2048 (ip)  1 (icmp)
port1      rx   192.168.0.49   192.168.1.243   2048 (ip)  1 (icmp)
bridge 1   tx   192.168.0.49   192.168.1.243   2048 (ip)  1 (icmp)
bridge 1   tx   192.168.0.49   192.168.1.243   2048 (ip)  1 (icmp)
bridge 1   rx   192.168.0.49   192.168.1.243   2048 (ip)  1 (icmp)
bridge 2   tx   192.168.0.49   192.168.1.243   2048 (ip)  1 (icmp)
bridge 2   tx   192.168.0.49   192.168.1.243   2048 (ip)  1 (icmp)
port 4     tx   192.168.0.49   192.168.1.243   2048 (ip)  1 (icmp)

Here is the packet sniffer output when I set the default gateway of the PC to 192.168.0.4 (RB750):

Interface  Dir  Src. Address   Dst. Address    Protocol   IP Protocol
port2      rx   192.168.0.49   192.168.1.243   2048 (ip)  1 (icmp)
bridge 1   tx   192.168.0.49   192.168.1.243   2048 (ip)  1 (icmp)
bridge 1   tx   192.168.0.49   192.168.1.243   2048 (ip)  1 (icmp)
bridge 1   rx   192.168.0.49   192.168.1.243   2048 (ip)  1 (icmp)
bridge 2   tx   192.168.0.49   192.168.1.243   2048 (ip)  1 (icmp)
bridge 2   tx   192.168.1.1    192.168.1.243   2048 (ip)  1 (icmp)
port4      tx   192.168.1.1    192.168.1.243   2048 (ip)  1 (icmp)
port4      rx   192.168.1.243  192.168.1.1     2048 (ip)  1 (icmp)
bridge 2   tx   192.168.1.243  192.168.0.49    2048 (ip)  1 (icmp)
bridge 2   tx   192.168.1.243  192.168.0.49    2048 (ip)  1 (icmp)
bridge 2   rx   192.168.1.243  192.168.0.49    2048 (ip)  1 (icmp)
bridge 1   tx   192.168.1.243  192.168.0.49    2048 (ip)  1 (icmp)
bridge 1   tx   192.168.1.243  192.168.0.49    2048 (ip)  1 (icmp)
port2      tx   192.168.1.243  192.168.0.49    2048 (ip)  1 (icmp)

Is this a bug, or is this expected to happen? I can find ways around it, but I prefer an elegant solution.

Thanks for reading

CPEng
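The two captures above can be compared mechanically. The following is an added example, not part of the original post: it parses sniffer rows in the layout shown above (a subset of each capture is embedded) and reports whether traffic leaving the wire-facing port still carries a source address from outside the egress subnet. The names `parse` and `egress_verdict` are hypothetical helpers.

```python
import ipaddress
import re

# Subset of the rows from the two captures in the post above.
FAILING = """\
port2 rx 192.168.0.49 192.168.1.243 2048 (ip) 1 (icmp)
bridge 1 rx 192.168.0.49 192.168.1.243 2048 (ip) 1 (icmp)
bridge 2 tx 192.168.0.49 192.168.1.243 2048 (ip) 1 (icmp)
port 4 tx 192.168.0.49 192.168.1.243 2048 (ip) 1 (icmp)
"""
WORKING = """\
port2 rx 192.168.0.49 192.168.1.243 2048 (ip) 1 (icmp)
bridge 1 rx 192.168.0.49 192.168.1.243 2048 (ip) 1 (icmp)
bridge 2 tx 192.168.0.49 192.168.1.243 2048 (ip) 1 (icmp)
bridge 2 tx 192.168.1.1 192.168.1.243 2048 (ip) 1 (icmp)
port4 tx 192.168.1.1 192.168.1.243 2048 (ip) 1 (icmp)
"""

# Interface names may contain a space ("bridge 1", "port 4"), so the
# interface field is everything before the rx/tx direction token.
ROW = re.compile(r"^(?P<iface>.+?)\s+(?P<dir>rx|tx)\s+(?P<src>\S+)\s+(?P<dst>\S+)\s")

def parse(capture):
    """Return (interface, direction, src, dst) tuples; headers are skipped."""
    rows = []
    for line in capture.splitlines():
        m = ROW.match(line.strip())
        if not m:
            continue
        iface = m["iface"].replace(" ", "").lower()  # "port 4" -> "port4"
        rows.append((iface, m["dir"],
                     ipaddress.ip_address(m["src"]),
                     ipaddress.ip_address(m["dst"])))
    return rows

def egress_verdict(capture, wire_port, egress_net):
    """Judge NAT on the physical port only: in the working capture the
    'bridge 2 tx' rows show both the original and the translated source."""
    net = ipaddress.ip_network(egress_net)
    sent = [r for r in parse(capture)
            if r[0] == wire_port and r[1] == "tx" and r[3] in net]
    if not sent:
        return "no-egress"
    leaked = sorted({str(r[2]) for r in sent if r[2] not in net})
    return "untranslated:" + ",".join(leaked) if leaked else "translated"

if __name__ == "__main__":
    for name, cap in (("gateway 192.168.0.1", FAILING), ("gateway 192.168.0.4", WORKING)):
        print(name, "->", egress_verdict(cap, "port4", "192.168.1.0/24"))
```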

I decided to set the default gateway of the PCs that I use to ping the external network to the RB750 (192.168.0.4), which also will relay to the primary gateway (192.168.0.1) for internet access. Not the way I wanted to do it, but it works.