Hello there,
We have recently got our hands on a Powercode BMU and during testing I had used some policy routing to run customer traffic to the BMU and back into the same router. This allowed me to also use an address list to choose who to redirect through the BMU for testing. Here is the setup that I have had working on another router, but it was not doing NAT at the time, and it is a CloudCore with the latest firmware, VS an 1100X2 with 5.26 on it.
The BMU has two interfaces configured:
ETH0 is 10.210.10.2
ETH7 is 10.210.11.2
It has the following static routes:
default route is 10.210.10.1
10.0.0.0/8 reachable 10.210.11.1
192.168.0.0/16 reachable 10.210.11.1
Mikrotik Router
/ip firewall mangle
add action=mark-routing chain=prerouting comment=“Upstream Interface”
disabled=yes dst-address-list=“Through BMU” in-interface=vlan333
new-routing-mark=testing passthrough=no
add action=mark-routing chain=prerouting comment=“Downstream Interface”
disabled=yes in-interface=vlan10.27 new-routing-mark=testing passthrough=
no src-address-list=“Through BMU”
/ip route
add disabled=yes distance=1 gateway=10.210.11.2 routing-mark=testing
add disabled=yes distance=2 gateway=10.210.0.1 routing-mark=testing
add disabled=yes distance=1 dst-address=10.0.0.0/8 gateway=10.210.10.2
routing-mark=testing
add disabled=yes distance=1 dst-address=192.168.0.0/16 gateway=10.210.10.2
routing-mark=testing
This configuration works as expected on the 1100X2 with no NAT, but once I try to replicate it at our gateway, it does not work. I am assuming it has to do with where the NAT is taking place in the packet flow, as all of our customers are either NAT’d to a shared IP or share a 1-to-1 NAT.
Any thoughts or suggestions would be great! I am thinking of adding another device between the router and BMU, but there are three downstream interfaces on this router as well…