I have three interfaces in a router. One is a public interface connecting to a service provider and two additional interfaces that are on private subnets: 10.0.0.0/24 and 192.168.0.0/24 How do I allow these two private subnet to communicate with each other since they both contain non routable IPs? I’m not sure what config I need to add?
I assume users can communicate between each other, if they have correct default gateway configuration in their workstations.
The users in the 192.168 subnet can communicate with each other and get to the internet. Same as the 10.0 subnet. However, the users in the 192.168 subnet can’t talkto the users on the 10.0 subnet and vice versa. What do I neet to change to allow the 192.168 and 10.0 subnets to communicate?
i.e, If I’m on a workstation 192.168.2.35, I can’t ping 10.0.0.2.
Can anyone help?
Just make sure the router has an IP address on each interface, ie:
10.0.0.1/24 - ether2
192.168.0.1/24 - ether3
This will put routes for both into the routing table as connected routes, and then each will be able to communicate thru the router. It’s all automatic if the router knows about both subnets.
Sam
Thanks. I have it setup just like that. 
If I am on the 192.168 LAN, I can’t even ping the 10.0.0.1 interface. I wasn’t sure if that was due to the fact that I’m trying to ping a private/non routable IP. I didn’t think non routable IPs were propagated through an interface without additional configuration?
- if you have IP address on both interfaces, dynamic routing rules added (check in ip route).
- User’s workstation should have correct default gateway settings.
- Enable ‘echo reply’ in Windows firewall, check there are not rules in MikroTik firewall, that can drop pings (are you able to ping workstation from the router ?)
Yeah, everything looks OK. From the Mikrotik, it can see everything. There are no issues within the lan as connectivity is fine within a LAN and out to the SP.
I Bridged the 192.168 and 10.0 interfaces last night to get connectivity between LANs.
One of my questions is about non-routable IPs. All information I have read states that private IPs are not routed. Does the scenario I have really suppose to work? Can you actually ping a private IP that is on a different subnet?
A private IP is no different than a public IP - an ip is an ip : ) Once outside of your network however the public internet should not route private address space - but inside your network no difference.
Sam
Hmm. OK. I was just going by what I have read. It was specified that private IPs are non routeable. All router manufacturers still route private IPs? They can’t possibly because there would be a bunch of duplicate prefixes. Is it that routing protocols will not advertise private IPs to other routers? On board a local router, it should have the routing information present for the local interfaces I agree.
To decide whether a particular IP address is “private” (non-routable) or “public” (routable) address in a given network is the responsibility of the network administrator (read: a matter of configuration).
There is no difference from the router’s point of view between private and public IPs.
Eugene