Routing single host IP out specific WAN interface.

RouterOS Beginner Basics
1

Hi all,

I’m a first time user of Mikrotik routers and I recently picked up the 1036-G-2S.
I see these things are quite feature loaded and have a very immersive documentation (which I plan on getting into the grit of it later). Now forgive me if there happens to be a thread already on this, I have done some searching and looking through documentation as well as tried some free hand configuration on the router to get a feel for it’s syntax and figure it out on my own. I am not really looking for someone to write me a tutorial or hold my hand, but point me to a Wiki how-to or a link would be nice, I don’t mind the legwork.

At the moment however, I’m looking for a specific feature or tool that allows me to tell the router, to route a certain specific host IP address out of a certain interface to reach the internet.
My topology is as follows:

I have 6 connections to the internet, connected to interfaces 2-7, each interface has it’s own unique IP out of a Public IPv4 /29.

Interface 1 on the router is my internal LAN port which is just simply configured with a 192.168.1.0/24. The router handles all naming services, however the workstations are all configured with static IPs. Behind that are 86 hosts, which I cannot place into separate VLANs at the moment because they need to be able to see each other on the network (unless there is an intervlan-routing option on this router which will allow hosts in seperate VLANs to see each other).

What I’m attempting to do is have a 1:1 static mapping for host IP addressesto use only a specific interface on the router or a specific internet gateway to get the the internet.

The type of routing I need to set up is like this: (Example)

  • Host 192.168.1.32 needs to be statically configured to leave interface ethernet 2 to get to the internet which is a WAN port with the IP of 10.0.0.1/29
  • Host 192.168.1.71 needs to be statically configured to leave interface ethernet 3 to get to the internet which is a WAN port with the IP of 10.0.0.2/29
  • Host 192.168.1.29 needs to be statically configured to leave interface ethernet 4 to get to the internet which is a WAN port with the IP of 10.0.0.3/29
  • Host 192.168.1.67 needs to be statically configured to leave interface ethernet 5 to get to the internet which is a WAN port with the IP of 10.0.0.4/29
  • Host 192.168.1.48 needs to be statically configured to leave interface ethernet 6 to get to the internet which is a WAN port with the IP of 10.0.0.5/29
  • Host 192.168.1.14 needs to be statically configured to leave interface ethernet 7 to get to the internet which is a WAN port with the IP of 10.0.0.6/29
    And so on and so forth. (Yeah, there will be a ton of entries to be entered in for every single host ಠ_ಠ)

I know this sounds really convoluted and being a Cisco guy I would just do a router-on-a-stick/intervlan-routing and place the WAN ports into the designated Vlan but… yeah…

Thanks in advance for the help!

route specific LAN host connections to selected WAN
2

So does having 6 ethernet cables actually end up giving you 6x the bandwidth available?
(Does it really give 6x the bandwidth?)

That’s the only reason I can conceive of where using 6 interfaces is necessary. If it’s true, then you’re going to have to use routing marks (similar to vrfs) to achieve this.

The meat and potatoes of this solution is going to be 6 routing tables, where each has only one default route via the same remote IP. You will then configure mangle table rules to mark connections based on the ingress interface, and if starting on the inside, you’re going to map them based on the source address so they will go out the right way.
After the connection marks are assured, the mangle table will end up with 6 rules in a row that just look for a connection mark, and stamp the corresponding routing mark on each packet.

Then in the routing table, you will have 6 routing tables - each with a default GW via a different interface, and a full set of internal routes.

As for forching the same remote IP onto 6 interfaces:

Having an IP-based next hop is critical beacuse recursive lookups won’t match on routes that specify only an interface if that interface uses ARP… You can put fake seperate IP networks on each interface (chop up 192.168.255.0/30 subnets, and place one on each interface - and then make a static ARP entry for the “remote router” on each interface.)

3

Thanks ZeroByte, I will look into this!

As for the 6 interfaces, each interface is connected to a separate DSL modem, unfortunately that’s the only thing available for this site so I have to make do.