Source NAT with VLAN question

RouterOS General
1

I don’t quite understand how Routerboard behaves regarding source nat (using masquerade), VLANs and a PPPoE connection. Let me explain.
My ISP sends me a couple VLANs over the WAN link (vlan 3 for voip and vlan 6 for other traffic). I’ve configured the router so that it has eth1 configured with a couple vlans (3 and 6), associated a pppoe client to vlan6 and a dhcp client to vlan3. The ISP also requires RIPv2 configured for network 10.0.0.0/8 for vlan3.
So, I want all voip traffic (everything heading via vlan3 interface) to have a source NAT with the IP address obtained from the dhcp client in interface vlan3, and the rest of the traffic, a source NAT with the IP address assigned via the pppoe interface (associated to vlan6)
My config is as follows:

/interface vlan
add interface=ether1-gateway name=vlan3 vlan-id=3
add interface=ether1-gateway name=vlan6 vlan-id=6
/interface pppoe-client
add add-default-route=yes allow=pap,chap disabled=no interface=vlan6 \
    max-mru=1492 max-mtu=1492 name=pppoe-out1 password=xxxxxx \
	use-peer-dns=yes user=xxxxxxxxxx
/ip address
add address=192.168.1.1/24 interface=ether2-master-local
add address=192.168.100.10/24 interface=ether1-gateway
/ip dhcp-client
add add-default-route=no disabled=no interface=vlan3 use-peer-ntp=no
/ip firewall nat
add action=masquerade chain=srcnat out-interface=pppoe-out1
add action=masquerade chain=srcnat out-interface=ether1-gateway
add action=masquerade chain=srcnat out-interface=vlan3
/routing rip interface
add interface=vlan3 passive=yes receive=v2
/routing rip network
add network=10.0.0.0/8

Configured in this way (after making several tests), either voip and other traffic works, but I don’t understand why do I need those three NAT rules (one for pppoe, one for ether1 and one for vlan3). I can tell that if I remove the nat for ether1, voip stops working (softphones do not get to register). I do not see any traffic hitting the vlan3 nat rule.
My questions, more than ‘how do I configure this the right way?’ are:

  • Why do I have to use pppoe-out1 interface for source nat?
  • Why do I have to use ether1 interface for voip nat to work? Am I missing something here?

I believe that my main problem is that I don’t understand the hierarchy of the physical-logical interfaces and where is that NAT being performed. Any help here is appreciated.

Regards.

2

Solved the issue. Logically the NAT has to be done in the interface that has the IP address (int vlan 3 in this case) as in any other routing device. So I started the configuration again from scratch and did it with a couple of NATs (one for int pppoe and another for int vlan 3). It is working now. I don’t know what I had before from preventing it working.
Sorry for my post, as reading it now again sounds to me like a dumb question.

Regards,
L.