multiple public ips on same subnet to single private network

CastorTroy · August 20, 2009, 10:43pm

I’ve got a pool of public IP’s from my cable ISP. However, I am not able to assign multiple IP’s to a single MAC address because of ISP rules.

I want to have a single public IP masqueraded for most internet traffic, but I want to be able to 1:1 nat one of my other public IP’s

this is how the network will appear

							Cable Modem
								|
					_______________________________
				WAN INTERFACE eth0		WAN INTERFACE eth1
				MASQUERADE				1:1 NAT
				XX.XX.XX.102/27			XX.XX.XX.103/27
					|						|
					______________________________
							LAN interface eth2
								10.0.0.1
							_______|_______
							24 port switch    
					________________|______________
					|				|					|
					users			users			1:1 NAT to eth1
															10.0.0.10

I have the masquerade, etc, all working properly. The problem I am running into is the second public interface. Once I enable that interface, I lose internet connectivity. I am not sure if it’s trying to loop traffic in between the two public interfaces, or what?

I tried setting up a virtual ethernet interface for the second public IP, but was unable to get that to function. I also tried bridging eth0 and eth1 together, but this also did not work. Every solution I’ve tried resulted in either none of the functionality that I wanted, or traffic no longer being routed.

I’m obviously missing something. Any help appreciated!

eneimi · August 21, 2009, 7:57pm

You don’t need the wan interface eth1 configuration. Without modification of routes and so on, it’s bound to break your internet connectivity if running.

http://www.mikrotik.com/testdocs/ros/3.0/qos/nat.php

Just run netmap with the range of IPs you want.

CastorTroy · August 22, 2009, 1:18am

eneimi, the problem with that is this:

my ISP will only allow me to have one IP per mac address.

eneimi · August 22, 2009, 8:28am

You mentioned that in your first post.

I’m not aware that netmap will use the mac of your router interface to identify all the lan computers!

Have you tried it?

SurferTim · August 22, 2009, 10:16am

I was faced with this challenge. My ISP was able to provide one of my IPs on a different subnet in the same cablemodem, allowing the setup you show. Some ISP companies can, like Mediacom , and some can’t, like Cox Communications .

ADD: If they are unable or unwilling to provide that service, it is not the end. I used two MT routers this week to get around a stubborn provider that could not provide different subnets, even in two cablemodems. It was one of the two companies I mentioned above.

CastorTroy · August 24, 2009, 2:18pm

Tim, Mediacom is my ISP, so I’ll see if they can do that for me