Hi guys,
Yesterday I grabbed a license (CHR) for one of my VMs running on Xen, but I am having problems connecting it to Hetzner's network. As you might know, they use a subnet outside of the routed block and it's locked to the core/physical machine's MAC, and usually you use the core box as a router (IP forwarding) and your VMs use this as their gateway and not the real one.
I was running a vyos VM before replacing with Mikrotik CHR earlier and everything has been running fine for a long time.
I have a /29 from Hetzner and the usual config in Linux is like this for a new running VM:
auto eth0
iface eth0 inet static
address 5.XX.XX.73
netmask 255.255.255.248
up ip route add to 5.XX.XX.53 dev eth0
up ip route add default via 5.XX.XX.53 dev eth0
The 5.xx.xx.53 address is the core box (new gateway) which sits on a different subnet hence why you need the static route in.
So my question is: what's the equivalent to this in Mikrotik language?
The direct issue that I am having is that I can't get the Mikrotik to work with the default route (0.0.0.0/0), as everything I try gets the message “no route to host”. Now I can ping the gateway (the core box) after adding the /32 static route (as expected), so the VM can see its new gateway fine. It's just the default route that doesn’t seem to be working. Any ideas?
Kind Regards
** UPDATE **
Thanks to the following OP on this post: http://forum.mikrotik.com/viewtopic.php?f=15&t=82100&p=429038&hilit=ovh#p429038 which gave me a HINT on what I was doing wrong.
So that others don’t suffer many hours of frustration, I am enclosing the solution below:
IP of Mikrotik (self): 5.XX.XX.73
GW: 5.XX.XX.53
/ip address
add address=172.30.1.1/24 interface=LAN network=172.30.1.0
add address=5.XX.XX.73/32 interface=WAN network=5.XX.XX.53
/ip route
add distance=1 gateway=5.XX.XX.53
Now if you look carefully you will see the KEY part is the network address. It's not the /32 like I originally thought, or even the network address (first address in the /29 or itself); it's actually the address of the gateway, which completely knocked me for six.
I must say I do feel a little dumb, as after fixing this and re-reading the wiki, it does actually state the following, which now makes perfect sense as it's a p2p link of sorts technically.
network (IP; Default: 0.0.0.0) IP address for the network. For point-to-point links it should be the address of the remote end. Starting from v5RC6 this parameter is configurable only for addresses with /32 netmask (point to point links)
So lesson to the wise, always re-read the documentation when in doubt and don’t take things for granted.
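
An added example, not part of the original post: a simplified Python model of RouterOS next-hop resolution, showing why the default route stays unreachable with only a static /32 route to the gateway but resolves once the /32 address uses the gateway as its network. It assumes the RouterOS defaults (connected routes scope 10, static routes scope 30, target-scope 10) and uses constructed 192.0.2.x addresses in place of the masked ones.

```python
import ipaddress

# Assumed RouterOS defaults: connected routes get scope 10, static routes
# scope 30, and a route's gateway is resolved with target-scope 10.
CONNECTED_SCOPE, STATIC_SCOPE, TARGET_SCOPE = 10, 30, 10

def connected_route(address, network=None):
    """Connected route implied by an /ip address entry.
    For a /32 address, 'network' is the remote end of the point-to-point link."""
    iface = ipaddress.ip_interface(address)
    if iface.network.prefixlen == 32 and network:
        dst = ipaddress.ip_network(network + "/32")
    else:
        dst = iface.network
    return {"dst": dst, "scope": CONNECTED_SCOPE}

def static_route(dst):
    """Static route as added under /ip route (default scope)."""
    return {"dst": ipaddress.ip_network(dst), "scope": STATIC_SCOPE}

def gateway_resolves(gateway, routes, target_scope=TARGET_SCOPE):
    """The gateway is usable only if a covering route has scope <= target_scope."""
    gw = ipaddress.ip_address(gateway)
    return any(gw in r["dst"] and r["scope"] <= target_scope for r in routes)

def scenarios(addr="192.0.2.73", gw="192.0.2.53"):
    """Constructed sample values mirroring the post's layout (.73 host, .53 gateway)."""
    return {
        # /29 address only: gateway is outside 192.0.2.72/29
        "plain_/29": gateway_resolves(gw, [connected_route(addr + "/29")]),
        # /29 plus static /32 to the gateway: covered, but scope 30 > 10
        "static_/32_route": gateway_resolves(
            gw, [connected_route(addr + "/29"), static_route(gw + "/32")]),
        # /32 address with network=gateway: connected route to the gateway
        "p2p_network=gw": gateway_resolves(
            gw, [connected_route(addr + "/32", network=gw)]),
    }

if __name__ == "__main__":
    for name, ok in scenarios().items():
        print(f"{name:18} default route gateway "
              f"{'reachable' if ok else 'unreachable'}")
```

In this model the static /32 route makes the gateway pingable but cannot be used to resolve the default route's next hop, which matches the behaviour described in the post.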