MK problem with routing

RouterOS Beginner Basics
1

Hi,

I have a problem with routing to the internet. Can you help me solved my problem?

[xxx@MikroTik] /ip address> print
Flags: X - disabled, I - invalid, D - dynamic

ADDRESS NETWORK INTERFACE

0 ;;;
192.168.1.1/32 255.255.255.0 Vnitrni
1 ;;; INTERNET
10.5.127.202/32 255.255.255.252 01_Vnejsi

[xxx@MikroTik] /ip dns> print
servers: 10.255.255.10,10.255.255.20
dynamic-servers:
allow-remote-requests: yes
max-udp-packet-size: 4096
cache-size: 2048KiB
cache-max-ttl: 1w
cache-used: 10KiB

[xxx@MikroTik] /ip firewall nat> print
Flags: X - disabled, I - invalid, D - dynamic
0 chain=dstnat action=netmap to-addresses=192.168.1.0/24
dst-address=10.5.127.202

1 chain=srcnat action=netmap to-addresses=10.5.127.202
src-address=192.168.1.0/24

2 chain=srcnat action=masquerade

[xxx@MikroTik] /ip route> print
Flags: X - disabled, A - active, D - dynamic,
C - connect, S - static, r - rip, b - bgp, o - ospf, m -
B - blackhole, U - unreachable, P - prohibit

DST-ADDRESS PREF-SRC GATEWAY

0 A S 0.0.0.0/0 01_Vnejsi
1 ADC 255.255.255.0/32 192.168.1.1 Vnitrni
2 ADC 255.255.255.252/32 10.5.127.202 01_Vnejsi

Info from my ISP:
IP:10.5.127.202
MASK:255.255.255.252
Gateway:10.5.127.201
DNS:10.255.255.10,10.255.255.20

Thank you....

2

I can try. The problem, seems to be that you set the NETWORK address to the NETMASK, and didn’t set the NETMASK at all. You can fix this:

/ip address set 0 address=192.168.1.1 network=192.168.1.0 netmask=255.255.255.0
/ip address set 1 address=10.5.127.202 network=10.5.127.200 netmask=255.255.255.252

The proper way to do this from scratch, would be

/ip address add address=192.168.1.1/24 interface=LAN
/ip address add address=10.5.127.202/30 interface=WAN

Note that I don’t specify the network or netmask, instead I’m specifying the length of the network and letting the router figure it out from there.

[xxx@MikroTik] /ip dns> print
servers: 10.255.255.10,10.255.255.20
dynamic-servers:
allow-remote-requests: yes
max-udp-packet-size: 4096
cache-size: 2048KiB
cache-max-ttl: 1w
cache-used: 10KiB

[xxx@MikroTik] /ip firewall nat> print
Flags: X - disabled, I - invalid, D - dynamic
0 chain=dstnat action=netmap to-addresses=192.168.1.0/24
dst-address=10.5.127.202

1 chain=srcnat action=netmap to-addresses=10.5.127.202
src-address=192.168.1.0/24

2 chain=srcnat action=masquerade

I won’t say if these NAT rules would work or not to accomplish your specific purpose. Assuming that you need to translate to your WAN IP, try this:

/ip firewall nat add chain=srcnat action=masquerade out-interface=WAN



[xxx@MikroTik] /ip route> print
Flags: X - disabled, A - active, D - dynamic,
C - connect, S - static, r - rip, b - bgp, o - ospf, m -
B - blackhole, U - unreachable, P - prohibit

DST-ADDRESS PREF-SRC GATEWAY

0 A S 0.0.0.0/0 01_Vnejsi
1 ADC 255.255.255.0/32 192.168.1.1 Vnitrni
2 ADC 255.255.255.252/32 10.5.127.202 01_Vnejsi

Finally, on your default route. Rather than an IP address, you’re specifying the interface. While I suppose this works, it’s not a very clear way of doing this. The preferred method, would be to set the IP address of the gateway:

/ip route add gateway=10.5.127.201

I hope this helps…

Info from my ISP:
IP:10.5.127.202
MASK:255.255.255.252
Gateway:10.5.127.201
DNS:10.255.255.10,10.255.255.20

Thank you…

3

Troy thanks a lot