I can't in any way to run the ntp client ony my RB1000 (RouterOS v.4.10).
The my router has eth4 interface with the public IP subnet, and eth1 with private IP (for point-to-point routing versus ISP).
This is a route table:
DST-ADDRESS PREF-SRC GATEWAY DISTANCE
0 A S 0.0.0.0/0 169.253.1.2 1
1 ADC 88.56.87.248/29 88.56.87.249 ether4 0
2 ADC 169.253.1.0/30 169.253.1.1 ether1 0
thanks for the answers, but the problem is the routing…
If I configure the eth1 with a public ip the SNTP works perfectly …
The my situation is this:
INTERNET <—(A)>ISP ROUTER<(B)----(C Eth1)>RB1000<(D Eth4)----
I want to move the public subnet on the router of my ISP (B) on Eth4 (D) of my RB1000. To do this, I asked my ISP to turn the public subnet (88.56.87.248/29) “behind” point to point interface (B-C, 169.253.1.1 and .2).
In this situation a PC with a public ip address behind eth4 (example 88.56.87.250/29, with gw 88.56.87.249 on RB1000 eth4) works perfectly.
This is a traceroute on RB1000 versus NTP server…works.. :
C:>tracert -d 193.204.114.232
1 <1 ms <1 ms <1 ms 88.56.87.249
2 <1 ms <1 ms <1 ms 169.253.1.2
3 * * * timeout.
4 41 ms 41 ms 76 ms 80.21.7.34
5 43 ms 43 ms 42 ms 172.17.7.241
6 42 ms 42 ms 41 ms 151.99.29.214
7 42 ms 42 ms 42 ms 172.17.5.210
8 46 ms 43 ms 42 ms 193.201.28.15
9 46 ms 45 ms 46 ms 193.206.141.34
10 50 ms 49 ms 50 ms 193.206.134.73
11 * * * timeout.
12 51 ms 51 ms 50 ms 150.145.51.2
13 55 ms 52 ms 52 ms 193.204.114.232
The NTP server is reachable behind RB1000 eth4 , but not from inside the RouterOS console. I want the RB1000 reach the NTP server with public IP on eth4 (88.56.87.249). now I see that uses the ip point to point ..
I don’t understand your RB1000 configuration, for me is completly messed up.
If (C, ether1) is connected to ISP subnet why is addressed 169.253.1.1.
It should be from subnet assigned by ISP (e.g. 88.56.87.250/29).
What subnet is behind RB1000 (D, ether4)?
In this situation a PC with a public ip address behind eth4
Why do you want PC with public IP address? It’s a server?
In this case connect a switch beetwen (B) and (C) and connect this PC to switch, this will be solution.
Usable addresses are 88.56.87.251 - 254 (250 is reserved for RB1000 interface)
If you want to ‘hide’ this PC behind RB1000 and need some services available, use DST-NAT.
I don’t know what do you want to achieve with this configuration, sorry.
ISP normally provides its own router with the public directly on the Ethernet subnet (B), in my case, the subnet 88.56.87.248/29. I can directly assign the public ip on RB1000 eth1, and then use NAT on eth4.
However, I would have the public IP on eth4, because I have other devices (Motorola Canopy) that using NAT 1:1 behind eth4. In this case, the RB1000 essentially functions as a router (but I can use advanced function, queue ecc.).
To do this, I can divide my public subnet 88.56.87.248/29 in two /30, and assigning the points B-C and D. The first subnet is for point-to-point routing and the second for user …
Note: This subnet (88.56.87.248/29) is only for test, I have a very large class B public ip subnet…
if I modify the routing table in the ISP router, the point to point subnet may NOT be necessarily public address.
having the public ip directly “inside” all’RB1000, allow manages the subnetting of the IP in a flexible mode(by VLAN for example)?
In this case you should bridge ‘eth1’ and ‘eth2’, assign address .250 to it and set default gateway to .249.
Connect ‘eth1’ to ISP and ‘eth2’ to Canopy. Assign address .251 to Canopy.
Configure ‘eth4’ as your private subnet and set masquerade for it. Should work fine
If you need to use more than two devices with public IP address, connect switch to ISP and your devices to this switch.
Switch performance is better than bridge.
