Community discussions

MikroTik App
 
yhanyhanxp
just joined
Topic Author
Posts: 2
Joined: Wed Aug 02, 2017 3:26 pm

Connect two ip segments with 2 MT router

Wed Aug 02, 2017 4:27 pm

how can i connect two lan segments with two mikrotik routers?
You do not have the required permissions to view the files attached to this post.
 
User avatar
ZeroByte
Forum Guru
Forum Guru
Posts: 4051
Joined: Wed May 11, 2011 6:08 pm

Re: Connect two ip segments with 2 MT router

Wed Aug 02, 2017 4:44 pm

Great diagram!

To connect them directly, you'll need to pick some interface such as ether5 on each router and hook them together with an ethernet cable. Before you connect the two routers, go into each one and make sure that ether5 has master-port=none and is not configured as a port on any bridge in your configurations. (The quick way to check is to make sure that there's no S in the flags for ether5 in the Interfaces display)

Now you just need to create a "transit" network between the routers - let's say that the transit network will be 192.168.255.0/30
On R1 - add the IP address 192.168.255.1/30 to interface ether5
On R2 - add the IP address 192.168.255.2/30 to interface ether5

Now connect the cable, and you should be able to ping 192.168.255.2 from R1 and ping 192.168.255.1 from R2. This proves that the link cable is working.

Then go into your firewall NAT rules and make sure that packets going out ether5 will not get NAT translated.
Make sure that the filter rules on each router will allow the type of traffic you wish to permit when it goes across ether5
Then tell the routers to use the link to reach the other room's LAN by adding static routes in the IP routes menu.
on R1, the destination will be 192.168.2.0/24 and the gateway will be 192.168.255.2
on R2, the destination will be 192.168.1.0/24 and the gateway will be 192.168.255.1

Done!

Note: If the routers have static IP addresses on their WAN interfaces, then you don't really need to add this direct cable and transit network. You could just add the static routes like the last step above, but set GW = the wan IP of the opposite router. The routers will need to have exceptions in their NAT rules so packets w/ the opposite LAN as the destination will not get SRC-NAT translated.
(if your outbound NAT rule is simply set to do masquerade when out-interface=ether1, you can just modify this rule by adding the criteria dst-address=!192.168.2.0/24 on R1 (and !=192.168.1.0/24 on R2)
Your forward filter rules would need to permit the desired services based on src IP address and not interface name in this case.
When given a spoon,
you should not cling to your fork.
The soup will get cold.
 
User avatar
acruhl
Member
Member
Posts: 368
Joined: Fri Jul 03, 2015 7:22 pm

Re: Connect two ip segments with 2 MT router

Thu Aug 03, 2017 5:59 am

If you're not worried about MTU, you could make a GRE tunnel between the Mikrotiks and then follow the same advice as ZeroByte suggests but substitute the GRE tunnel for ether 5.

The side link is probably the best solution overall. Best bandwidth, least processing power.
Stuff.
 
yhanyhanxp
just joined
Topic Author
Posts: 2
Joined: Wed Aug 02, 2017 3:26 pm

Re: Connect two ip segments with 2 MT router

Mon Aug 07, 2017 3:48 am

thank you very much for the detailed guide. i will try to work on this and i will give you a feedback.
 
tkittich
just joined
Posts: 2
Joined: Sat Aug 26, 2017 4:04 pm

Re: Connect two ip segments with 2 MT router

Sat Sep 09, 2017 10:20 am

Hello,

My setup is similar to this topic, so I hope it's ok to ask here.

For me, the router in room 1 has static ip 192.168.1.2, and the router in room 2 has static ip 192.168.1.5. Also, there are many rooms. Each room has a router with a static ip 192.168.1.x and its own subnet 192.168.x.1/24. And there're many PCs in the 192.168.1.0 subnet.

I assume that RIP or other dynamic routing can be used to add routes for the routers. However, how should I deal with the PCs in the 192.168.1.0 subnet. They wont be able to talk to any other networks.
 
eliasbats
just joined
Posts: 10
Joined: Thu May 11, 2017 6:22 pm

Re: Connect two ip segments with 2 MT router

Sat Sep 09, 2017 3:09 pm

I assume that RIP or other dynamic routing can be used to add routes for the routers.

If you don't wish to use dynamic routing protocols you don't have to. Simply create the necessary static routes.
However, how should I deal with the PCs in the 192.168.1.0 subnet. They wont be able to talk to any other networks.
If we assume that the 192.168.1.0/24 PCs have .1 as their default gateway, that is the router (.1) which you have to configure your static routes to the other networks. Simple as that.
 
tkittich
just joined
Posts: 2
Joined: Sat Aug 26, 2017 4:04 pm

Re: Connect two ip segments with 2 MT router

Sat Sep 09, 2017 4:18 pm

However, how should I deal with the PCs in the 192.168.1.0 subnet. They wont be able to talk to any other networks.
If we assume that the 192.168.1.0/24 PCs have .1 as their default gateway, that is the router (.1) which you have to configure your static routes to the other networks. Simple as that.
I've tried setting the PCs in 192.168.1.0/24 to use 192.168.1.1 as the default gateway. That didn't work. When a PC from another network, say 192.168.5.10, make a connection to a PC 192.168.1.10, the request would be ok. However, the response from 192.168.1.10 to 192.168.5.10 would become invalid forward state and get dropped. I assume this is because the packets take different routes. The request route: 192.168.5.10 -> 192.168.5.1 -> 192.168.1.5 -> 192.168.1.10. But the response route: 192.168.1.10 -> 192.168.1.1 == invalid.

Who is online

Users browsing this forum: Baidu [Spider], gocenik and 58 guests