Good afternoon everyone!
I see many similar questions to mine in the forums, but none exactly like it that has an answer. Here is my scenario; I’m hoping someone can assist.
I have multiple WAN IP addresses configured on my gateway interface. I’ve done this by adding multiple addresses assigned to the interface.
/ip address
add address=5.5.5.2/28 interface=ether1-gateway network=5.5.5.0
add address=5.5.5.3/28 interface=ether1-gateway network=5.5.5.0
add address=5.5.5.4/28 interface=ether1-gateway network=5.5.5.0
add address=5.5.5.5/28 interface=ether1-gateway network=5.5.5.0
add address=5.5.5.6/28 interface=ether1-gateway network=5.5.5.0
add address=5.5.5.7/28 interface=ether1-gateway network=5.5.5.0
This creates an automatic dynamic route with a preferred source using the lowest IP address in the group (so in this example 5.5.5.2).
So, I figured I would be clever and rather than use masquerade for my NAT, I would use src-nat and specify the IP address I want, 5.5.5.3.
Bingo, that worked for MOST traffic, or at least for all traffic from my LAN or all sources other than from the firewall itself.
So then I figured I would be clever and tried to add a static route. That was all fine, except the static route has a metric of 1, and the dynamic route has a metric of 0.
In my logs it shows that the local (firewall) based traffic is being NAT’d to come from the 5.5.5.3 IP, but yet it still goes out as 5.5.5.2. (Probably because they are all ARP’ed to the same interface address.)
I suppose I could create multiple virtual interfaces, and bridge them. But that’s an ugly solution to a simple problem. Any help would be appreciated.