Route pref. source

DIoXIDaZ · February 13, 2013, 1:35pm

Hello,
I’ve have router with multiple external ip address’es.
but in my Routes table i can see that Pref. source is chosen automaticaly.
Can i set pref. source anywere?
Because now Masquerate uses that ip address to let local lan out.
or should i’ve create src-nat rule to let local lan through that ip without masquerade?

SurferTim · February 13, 2013, 1:38pm

If you have multiple ips assigned to one WAN interface, you should use srcnat instead of masquerade.

mtmx80 · February 15, 2013, 11:08am

I have asked the same question from MT support. Unfortunately NAT-ing is not the right choice in all cases.
The way how you can set your primary IP address (pref. source) in this case is:

Open terminal
Type: /ip address print
You will see all your IP addresses and numbers in front of them. Your primary WAN IP (pref. source) is the IP with lowest number from same subnet on same interface.
Let’s say your current pref source IP is the IP in position 3 and you would like to have the IP in position 5
**** WARNING YOU MAY LOSE CONNECTIVITY TO YOUR ROUTER IF YOU ARE CONNECTED USING IP YOU ARE CHANGING ****

/ip address set numbers=3 address=Put-a-dummy-IP
/ip address set numbers=5 address=Put-IP-from-position-3
/ip address set numbers=3 address=Put-IP-from-position-5

you can reboot your router to check if correct pref. source is chosen after restart, or simply disable and re-enable IP which you won’t like to see as pref. source. In this case new IP which is in position 5. Since there is a “smart” algorithm for choosing pref. source it will automatically choose position N+1, so if you have WAN IPs above position 5, you will need to disable/enable each of them

I have open ticket with MT Support and advised few simple fixes/solutions for this issue. They are easy to implement so I hope we will see this resolved in one of future ROS releases.

DIoXIDaZ · February 15, 2013, 1:19pm

Thank you for your answer - so if my Pref. source ip is #0 and ip wich i want to be pref. source is #2 i should disable enable ip address’es before it becomes pref. source?

mtmx80 · February 15, 2013, 4:02pm

Yes, as a temp solution you can try to disable/enable #0 and your pref source should be switched to #2. If #1 is WAN IP too you will need to disable/enable it as well.
If that works for you you can make it a permanent solution by entering following commands:
(Do not do it remotely or be extra careful since you may lost connection to the router when you replace IP to a dummy/temp IP.)

/ip address set numbers=0 address=1.1.1.1
/ip address set numbers=2 address=Put-IP-from-position-0
/ip address set numbers=0 address=Put-IP-from-position-2

By the way if you would like to do all this just to set proper external IP address for NAT-ed clients it’s probably much better and simpler to add a srcnat rule.

Example:

/ip firewall nat add action=src-nat chain=srcnat comment="Default SNAT" out-interface=ether1-gateway src-address=192.168.0.0/16 to-addresses=50.50.50.50 !to-ports

Where 50.50.50.50 is your external IP address #2 and 192.168.0.0/16 is internal subnet you would like to NAT.