I’m newbie to router OS, for now connected two routers each other using LAN cable and sitting at different rooms. Here is my setup,
AX3 receives internet from ISP1 through VLAN 1501 using either PPPOE or Static public IP. Basically i can use either PPPOE(dynamic IP) or Static IP in AX3. RB5009 gets internet from ISP2 using PPPOE which is CGNAT. These two are kept in different rooms connected to each other using LAN cable from ETH1(AX3) to ETH2(RB5009).
Now i want ISP1 to be configured in both AX3 and RB5009. i.e., Continue to use PPPOE from ISP1 in AX3 and Static IP configuration in RB5009. Also continue to use ISP2 in RB5009 for fallback.
Please suggest how i can approach this? Unfortunately i cannot change positions of the hardware used here.
Yes, i can make two WAN connections in ISP1 but through single physical interface. ISP1 router is bridged to ETH4 in AX3 and VLAN1501 interface created under ETH4. PPPoE dialed through VLAN1501 and static IP also configured over VLAN1501 interface.
In ISP1 router also i can dial PPPoE and in that case, only static IP will work in AX3 and PPPoE will not work. So basically its like two WAN connections one PPPoE and one Static IP at any point of time.
What i wanted is, to dial PPPoE from AX3 and use static IP from RB5009.
Very weird, so from one ISP, and one cable from ISP modem ( in bridge mode ), you get two public IP addresses.
One static and one PPPOE dial dynamic.
They both come in on vlan1501.
Do they have the same gateway? etc..
So if you were to run both on the AX3, how would you do it.
FOR STATIC>>
/IP dhcp client
interface=vlan1501
FOR DYNAMIC>>
/ppoe client
interface=vlan1501 name=pppoe-out1
Yes same gateway, though i configure different gateway for static IP, traceroute shows it is going to the same gateway.
ip address> add address=x.x.x.x/24 interface=vlan1501
Yes
As of now, most of the time, i disable PPPoE in AX3 and use PPPoE from ISP router and connect some of devices(TV, other stuff) to ISP’s router’s wifi. Now i want to eliminate ISP router and enable PPPoE in AX3 and Static IP in RB5009.
create a bridge (if not created yet), put both ether4 and ether1 to that bridge, and set vlan-filtering on that bridge to yes
permit only tagged vlan 1501 on ether4 and make it a forced edge port (or set protocol-mode of the bridge to none)
permit tagged vlan 1501 and tagless vlan 1 on ether 1,
move 10.0.0.2/30 from ether1 to the bridge,
attach vlan 1501 interface to that bridge,
attach the pppoe interface to the vlan1501@bridge interface
on 5009:
attach vlan 1501 interface to ether2
attach the static public IP to the vlan 1501@ether2 interface
Unfortunately, the switch chip in ax3 seems to be unable to do vlan filtering on its own, so the WAN traffic to 5009 will be forwarded using the ax3’s CPU.
One could always terminate both on the Ax3 and then send a single LAN only to the 5009 and that becomes WAN for the 5009 with a fixed private IP.
The desired WAN is only used by that LAN.
Advantages Disadvantages?
This means double NAT? The reason i want public IP at 5009 is that i’ve a server running which exposes some services that need to be accessed outside home through internet. Earlier my ISP2 was giving public IP, so i was managing with that and now they moved to CGNAT.
Regardless, whether the cgnat lands on the ax3 or the RB5009 you cannot use it for port forwarding, its not a public IP that is reachable.
The only thing you can do is port forward on the WAN1 which is public on the Ax3, from there you can point to the RB5009 and an available server…
You could do a “forth and back” NAT, i.e. the ax3 would dst-nat anything that would arrrive to the public address p.p.p.p to some private address x.x.x.x, and the 5009 would dst-nat whatever comes to x.x.x.x back to p.p.p.p, but this only makes sense for services provided directly by the 5009 itself. For services provided by something else than the 5009 itself there is no point in doing this, the ax3 can dst-nat directly to the private addresses of the actual servers.
But one way (bridging&vlan) or the other (routing&nat), this transit traffic will be loading the CPU of the ax3. If that causes an issue, you may want to consider using a VLAN-aware switch to offload that traffic from the ax3. What is the bandwidth on the optical uplink?
i’ve tried it, but its not working as the way i want. VLAN 1501 is working either 5009 or AX3 , not both at same time.
First if i create vlan1501 in newbridge(eth4 and eth1) in ax3, static ip or pppoe scan is not working. To make it work, i have to move vlan1501 to eth4 directly. If i do this, then pppoe scan in 5009 at vlan1501 will not succeed. But if i disable vlan1501 in AX3, then pppoe scan in 5009 will work.
So looks like either in Ax3 or 5009, not in both at the same time.
200Mbps
EDIT: Working as Expected Thank you @sindy for your help, your first post helped. Thanks to @anav as well !
Thank you