This is the best work-around I could come up with so far:
I have all of my addresses in an address list. There are about 2500 addresses. I’ve created a script that that will loop through the main list and break it into new address lists of 254 addresses per list.
:local ip;
:local count 1;
:local listcount 1;
:foreach n in=[/ip firewall address-list find list=“active”] do={
set ip [/ip firewall address-list get $n address]
/ip firewall address-list remove [/ip firewall address-list find comment=“$ip”]
/ip firewall address-list add list=“nat$listcount” address=“$ip”
:set count ($count+1);
:if ($count>254) do={
:set count 1;
:set listcount ($listcount+1);
}
}
This kinda works, but I should probably clear all of the lists and recreate them each time to ensure I can keep exactly 254 addresses in each list, as to not waste IPs.
After this I create NAT rules as follows:
add action=netmap chain=srcnat comment=“NAT 1” src-address-list=nat1 to-addresses=<public network 1>/24
add action=netmap chain=srcnat comment=“NAT 2” src-address-list=nat2 to-addresses=<public network 2>/24
etc.
This is messy. Using a public address pool would be ideal.
Anyone have any thoughts?