I just got my first RB device, it is 750gl. It seems really nice so far. There is lot to learn though.
My hw setup is simple:
isp
|
(isp’s modem)
|
RouterBoard
|
|- my server (on ether5)
|-my internal network (on ether2-4)
I get 5 public ip-addresses from my isp via dhcp, I have no control over isp’s modem.
I would like to have RouterBoard to fetch two dhcp ips, one for my internal network to use and other for my server (in linux I would do eth aliasing [eth0 and eth0:0])(can this be done in RB via virtual interfaces?). Then configure two nats, one masquerade for my internal network and one 1-to-1 translation for my server. And after this I would like to make the firewall rules so that they are based on the nic’s not on ip-addresses.
My internal network is on 192.168.88.0/24 and RB is doing dhcp (750gl default configuration), my server is on 172.20.1.0/24 and networking is done by static ip-addresses.
I’am completely new on RouterBoard but I should have basic understanding of networking (and linux if that helps). Please give me full commands to run on ssh terminal or full WebFig menu paths.
thank you for your understanding and your patience
-R3kku
have you figured this out?
my isp gives me 5 dynamic ips as well. cant use VLAN because its based on MAC, and as far as i know there is no way to manually change MAC on VLAN
I can’t help you with your complete problem, because I do not really know how to get 2 IP’s from ISP with 1 interface connected. But for your local LAN do the following.
You should create a bridge for your local network and put ports 2-4 into that bridge and give that bridge an IP address in the 192.168.88.0/24 range. Also configure the DHCP server to handle requests on that bridge.
/interface bridge
add name=bridge-local
/interface bridge port
add bridge=bridge-local interface=ether2
add bridge=bridge-local interface=ether3
add bridge=bridge-local interface=ether4
/ip address
add interface=bridge-local address=192.168.88.1/24
/ip pool
add name=dhcp-pool range=192.168.88.101-192.168.88.200
/ip dhcp-server
add interface=bridge-local address-range=dhcp-pool
/ip dhcp-server network
add address=192.168.88.0/24 gateway=192.168.88.1 dns-server=192.168.88.1
/ip dns
set allow-remote-requests=yesFor the server, give the ether5 port an IP in range 172.20.1.0/24 and check connectivity to your server.
/ip address
add address=172.20.1.1/24 interface=ether5When you do DHCP client on your ether1 port, you should get an IP address from you ISP.
/ip dhcp-client
add interface=ether1 disabled=noCreate a NAT rule for your local lan
/ip firewall nat
add chain=src-nat action=masquerade src-address=192.168.88.0/24 out-interface=ether1