Community discussions

MikroTik App
 
counterdavid
just joined
Topic Author
Posts: 1
Joined: Thu Apr 12, 2018 10:58 pm

2 WANs divided between clients over 1 LAN

Thu Apr 12, 2018 11:38 pm

I have a LAN with ip 192.168.88.0/24, and what i want is determine which link each IP on the LAN will use, example: 192.168.88.3 will use the Link 1, while 192.168.88.5 will use Link 2.

I have a RB951Ui-2HnD
Ether1: Link 1 (PPPoE)
Ether2: Link 2 (client DHCP)
Ether3: LAN (192.168.88.0/24)

Can someone help me how to set it up? I'm already using the routerboard with one link working.
 
User avatar
CZFan
Forum Guru
Forum Guru
Posts: 1876
Joined: Sun Oct 09, 2016 8:25 pm
Location: South Africa, Randburg
Contact:

Re: 2 WANs divided between clients over 1 LAN

Fri Apr 13, 2018 5:46 pm

Quick, off my head, you can:

create address list for each client listing their IP's
Use mangle to mark connection/packet and mark them client1 and client2 based on their address list
use policy routing to specify which route client1 must use and same for client2
MTCNA, MTCTCE, MTCRE & MTCINE
 
User avatar
CZFan
Forum Guru
Forum Guru
Posts: 1876
Joined: Sun Oct 09, 2016 8:25 pm
Location: South Africa, Randburg
Contact:

Re: 2 WANs divided between clients over 1 LAN

Fri Apr 13, 2018 6:30 pm

Quick, off my head, you can:

create address list for each client listing their IP's
Use mangle to mark connection/packet and mark them client1 and client2 based on their address list
use policy routing to specify which route client1 must use and same for client2
Edit: To add to above, I would rather create 2 VLAN's and separate the clients in order one not accessing the other or infect the other with virus, etc.
With the separate subnets / VLAN's you cans till route them separately, and will not need mangle for this
MTCNA, MTCTCE, MTCRE & MTCINE
 
anavds
newbie
Posts: 38
Joined: Wed Apr 04, 2018 2:47 pm

Re: 2 WANs divided between clients over 1 LAN

Thu Apr 26, 2018 8:58 pm

I liked your first idea better LOL.
VLANS? How the heck would you assign them to each VLAN.
For example lets say we have users now
192.168.0.2 - .20.
and .2, .5, .8-.12, .16-.19 should go to WAN1 and the rest to WAN2.

Have fun doing that via VLAN.
However, an easy doable case for mangle and address lists!!

The VLAN option sounds required if, for some reason, the OP wants to block the two different groups from seeing each other.
If its somehow magically possible to do this via VLANS, why not use this magic method to simply create two bridges and assign users to the bridges.
In both cases the users would be blocked from each other (by VLAN or Bridge at layer2 ) and would still require FW rule to drop traffic between them (at the router - layer3)

Who is online

Users browsing this forum: Bing [Bot], Google [Bot], romanz0criminal3 and 60 guests