Static Public IP

RouterOS General
1

Hi everyone,

I have a CCR1016-12S-1S+ at my fibre pop. I receive a public /25 IP block from my provider.

For example, my config is:

Interface: SFP4 (Backbone to my provider)
192.168.1.2/25

IP Route:
0.0.0.0/0
192.168.1.1

My internet is working and I can access the CCR publicly on 192.168.1.2. I have 53 PPPoE clients connected and they are happy :slight_smile:

Now I would like to give one of my clients (Directly connected to SFP12) a static public IP. I have added 192.168.1.5/30 on SFP12, gave the customer 192.168.1.6 to use, subnet 255.255.255.252 and gateway 192.168.1.5.

I am unable to even ping 192.168.1.5 (SFP12) remotely - never mind 192.168.1.6. If I create a bridge and add SFP4 and SFP12 in that bridge then I can ping 192.168.1.5 but never without the bridge.

What am I missing? According to some forums I have to create src-nat but isn’t that for when the client is using a local IP then src-nat it to use a public IP? I would like to give the client a direct public IP out of my /25 block.

My mind is broken right now :frowning:

2

Your providers gateway will use ARP to resolve the MAC for all IPs in the /25 block other than itself. As you have created a /30 subnet which overlaps with the /25 on a physically separate ethernet network this will fail.

Either proxy-arp, or bridge your WAN and customer connection giving them one address with a /25 subnet so you are not wasting public IPs. For the latter you can either use bridge filters, or set /interface bridge settings set use-ip-firewall=yes and use IP firewall filters / queues as necessary.

3

Hi tdw,

Thank you for your response. That makes sense.

Let me give that a go :slight_smile: