Subnet on interface

RouterOS General
1

Hey,

not sure if I set subject correctly , so please don’t judge immediately.

I got one interface (lets say it is going to be ether12) which has /28 block assigned to me. In cisco it looks similar to this:

interface Ethernet0
duplex full
nameif outside
security-level 0
ip address 94.146.42.241 255.255.255.240 standby 94.146.42.242
ospf cost 10

As you can see interface Ethernet0 is listening from 94.146.42.241 to 94.146.42.254.

I want the same thing in my mikrotik router, but problem is that I can’t assign whole subnet on interface. I mean I can, but I can only access 1 ip. It works if I add all ips one by one, but I’m sure there must be a faster or better way to manage this. If not , then please let me know.

Thank you for you help

2

I don’t think there is a way. You could script it if you had a whole bunch to add.

3

You could set 94.146.42.241/28 as IP address and add a dst-nat rule on that interface so that 94.146.42.240/28 is D-NATed to 94.146.42.241. Connection tracking should take care of the reverse NAT.
My only doubts are about if this will cope with ARP for the other IPs.

4

We are using a subnet on the WAN interface since a time ago without any problem. We asked our ISP if they required separate MAC’s for each ip-address and he said that not in general. The only problem we had was that the our ISP used a 120 minute ARP timeout but that is a completly different story…

5

Can you please give me an example rule you mentioned ? Thanks

6

I think about something like this:

/ip address
add address=94.146.42.241/28 interface=ether1 network=94.146.42.240

/ip firewall nat
add action=dst-nat chain=dstnat dst-address=94.146.42.240/28 in-interface=ether1 to-addresses=94.146.42.241

This would redirect all requests form the 94.146.42.240/28 subnet to the actual interface IP (94.146.42.241).

7

You reallyt need that? the routerboard must reply on all 6 IP???
Or the board must use one ip and the other 5 are assigned to other machines inside your network?

8

Doesn’t work, nothing changed. For example I got .243 somewhere in that network and if I try to connect to any of the hosts except .241 - I get timeout.

Router must reply to everyone from .241 to .254

9

You can add all 6 addresses on the router’s public interface and then use NAT to redirect to local devices.

10

Sorry, but this is not what I’m trying to achieve, everything is explained in first post.

11

The probable cause for it not working is the lack of ARP replies for those non-existing IPs.
It was just an idea.
Unless there is a way to make the router respond to an ARP requests for a complete subnet…

12

Just looking at your original post.
"ip address 94.146.42.241 255.255.255.240 standby 94.146.42.242
ospf cost 10

As you can see interface Ethernet0 is listening from 94.146.42.241 to 94.146.42.254"
The Cisco is not responding to all the addresses from 241 -254 it is only responding to 2 of them 241 and 242 because of your IP adress and standby address. The only way it will respond to more is if you put nat from the public ip to an internal ip. As far as I can see Mikrotik is working just the same as that. You can put each ip on as you say which is not to bad as it is only 14 hosts. Or you could configure dst nat.