Page 1 of 1

LAN and internet in the same public range /27

Posted: Wed Dec 12, 2018 5:29 am
by benjaminkah
I am an amateur in the use of Mikrotik,
My provider made me a range of public IP address / 27 that comes with the internet, I wanted to give it also for my clients by the queues. i'm using mikrotik ccr1036-12g-4s.
I do not know how to proceed if some can make me a script that can facilitate me has granted these public addresses which is will be to the lan an wan interface

Re: LAN and internet in the same public range /27

Posted: Wed Dec 12, 2018 5:56 am
by mducharme
Hi,

The best thing to do would be to ask your provider to route the /27 through your router instead of to the WAN side of your router. They should be able to do that. You could even use a private /30 on the WAN side of your router to connect to the provider.

Re: LAN and internet in the same public range /27

Posted: Wed Dec 12, 2018 5:57 am
by benjaminkah
there isnt another way to use the same range to Lan and wan ?

Re: LAN and internet in the same public range /27

Posted: Wed Dec 12, 2018 7:06 am
by k6ccc
Why are you wanting to use the same IP range?

Re: LAN and internet in the same public range /27

Posted: Wed Dec 12, 2018 7:17 am
by benjaminkah
I have no choice, it's the only one that the supplier gave me

Re: LAN and internet in the same public range /27

Posted: Wed Dec 12, 2018 8:28 am
by Jotne
On WAN side (outside against your ISP) you do use public IP (your 27 rang)
On LAN side (where you clients are) you use private IP that uses NAT.
If you want some host inside to have public IP, you can do a 1:1 NAT from the 27 range to an internal IP.

Yo can setup your Mikrotik as a switch and use the 27 directly, but then you are very exposed.

Re: LAN and internet in the same public range /27

Posted: Tue Dec 18, 2018 12:52 pm
by benjaminkah
my provider gave me 2 ranges of IP address, the first is just for P2P 192.xx.xx.254 / 30 (private address) and the second 197.xx.xx.225/27 for public addresses . I configured the 192.xx.xx.254 / 30 on the wan interface as well as its 192.xx.xx.253 gateway in the route and the 197.xx.xx.225 / 27 I added it on the lan interface. The problem is that I can not get the internet but I can ping the p2p gateway 192.xx.xx.253 which is my provider without problem but I do not have internet; is there a nat or mangle that I need to add for this to work properly?
if anyone can make me a script that will facilitate my configuration to get the public IP address that i can give to my client and that a can manage the bandwidth

Re: LAN and internet in the same public range /27

Posted: Tue Dec 18, 2018 2:04 pm
by mkx
my provider gave me 2 rows of IP address, the first is just for P2P 192.xx.xx.2 / 30 .... I configured the 192.xx.xx.254 / 30 on the wan interface as well as its 192.xx.xx.253 gateway in the route
.
I'll assume you made a typo when writing addresses above. 192.x.x.2/30 covers host IP addresses 192.x.x.1 and 192.x.x.2 with network address 192.x.x.0 and broadcast address 192.x.x.3. If they assigned you 192.x.x.2, it probably means that their router has address 192.x.x.1.
.
... and the 197.xx.xx.225 / 27 I added it on the lan interface. The problem is that I can not get the internet but I can ping the p2p gateway 192.xx.xx.253 which is my provider without problem but I do not have internet; is there a nat or mangle that I need to add for this to work properly?
.
I guess your ISP is routing you the given WAN IP subnet via the private addresses. So you can either route those directly to clients ... or assign them to WAN interface and use NAT to facilitate them (even 1:1 if you wish).

Re: LAN and internet in the same public range /27

Posted: Tue Dec 18, 2018 5:03 pm
by benjaminkah
how can i did it?

Re: LAN and internet in the same public range /27

Posted: Wed Dec 19, 2018 2:45 pm
by tdw
Do clients connected to the LAN port using addresses 197.xx.xx.226 - 197.xx.xx.254 have internet access?

Assuming they do, the issue is that traffic from the Mikrotik itself will originate from 192.xx.xx.254, as that is assigned to the WAN port, not one of the public IP addresses. You should be able to use a NAT rule to fix this, along the lines of
add action=src-nat chain=srcnat out-interface=YOUR_WAN_INTERFACE src-address=192.xx.xx.254 to-addresses=197.xx.xx.225

Re: LAN and internet in the same public range /27

Posted: Thu Dec 20, 2018 12:33 pm
by m4t7e0
You can configure the p2p to mikrotik and set the pubblic ip to customer, you want the mikrotik on internet or not? it mean you must use one of this pubblic ip address.