I preface this by saying I am an electrical / software engineer who knows some networking but does not have a huge amount of experience with configuring routers, especially more complex routing rules.
We have some industrial products that are composed of a number of devices, each with their own static IP. In general these machines are never connected to any external networks, except occasionally a technician's laptop for debugging purposes.
To make software project management easier for technicians, usually each device within the product will have the same address. For any of these identical assemblies you can expect to be able to plug in and connect to a certain device at a certain address. This also allows exactly the same software to be loaded onto any instance of a machine without needing to update the addresses for every device.
We have had some situations where for factory testing purposes we would like to be able to connect multiple of these systems to one test bench for logging and control purposes.
A colleague mentioned that this should be achievable with some of the Mikrotik devices so I purchased a cheapskate E60iUGS to have a play with and learn.
My aim is to set up the following functionality:
Each machine is plugged into any of the ports (1-4)
No DHCP on these networks
These networks cannot access outwards to any other machine networks or the logging network
Logging PC is connected to one port of the router (Port 5)
DHCP is set up to assign addresses in the range 10.0.0.100-10.0.0.254
Requests for 10.0.x.y will be routed/translated to the Port X network as 192.168.0.y
I.e. if I have a PC connected to the logging network, it will then be able to connect to an address like 192.168.2.51, which would then be directed through to the second test stand and translated to an address like 192.168.0.51
I have been working through the help as best I can along with the following forum posts.
And the below is what I have come up with so far, but I don’t seem to be able to get any traffic to work from the logging PC to a device on one of the machine networks. Is anybody able to offer me some pointers to where I might be going wrong? I am green enough with RouterOS that some pointers on how this could be debugged would be much appreciated as well.
For what it's worth, I managed to find my issue with the help of our AI overlord, which is pretty scary in itself. There were two key issues in my script: one, a typo, and two, missing the NAT masquerade rules for return traffic.
There's another quality of life improvement that can be easily achieved. I would think that it's common for your operators to want to connect to an outside network (maybe over WiFi) and the network provided by your router at the same time. This obviously leads to issues, because the default route of that PC is captured by either of the two connections. This can be helped by not providing a default route from your router, but only providing specific routes to the destinations it actually wants to capture traffic to using the classless route (121) DHCP option. It goes something like this: