Community discussions

MikroTik App
 
dannosky123
just joined
Topic Author
Posts: 5
Joined: Tue Oct 30, 2018 5:36 pm
Location: Iowa

Managing /29 network

Wed May 05, 2021 10:59 pm

Sorry for the n00b question...

I have a MikroTik RB4011iGS+ running 6.45.9. My ISP gave me a /29 network, which connects to ether1. I've added that /29 subnet to the ether1 interface but I want one IP address out of this subnet to route to another interface on my router (ether6). Basically, I want the one public IP address from the /29 to pass through ether6 so I can put that public IP address directly on my external device. Any help would greatly be appreciated!
 
User avatar
Hominidae
Member
Member
Posts: 309
Joined: Thu Oct 19, 2017 12:50 am

Re: Managing /29 network

Wed May 05, 2021 11:34 pm

...I'd put both interfaces in the same VLAN.
Create a new, dedicated VLAN for that purpose.
Then, add both ports as access ports, untagged (PVID = VLAN-ID) in it.
See: viewtopic.php?f=23&t=143620
 
User avatar
rextended
Forum Guru
Forum Guru
Posts: 11967
Joined: Tue Feb 25, 2014 12:49 pm
Location: Italy
Contact:

Re: Managing /29 network

Thu May 06, 2021 1:58 am

Sorry for the n00b question...

I have a MikroTik RB4011iGS+ running 6.45.9. My ISP gave me a /29 network, which connects to ether1. I've added that /29 subnet to the ether1 interface but I want one IP address out of this subnet to route to another interface on my router (ether6). Basically, I want the one public IP address from the /29 to pass through ether6 so I can put that public IP address directly on my external device. Any help would greatly be appreciated!

external device are directly connected to ether6?

For ex. if you have 192.0.0.0/29 subnet with
192.0.0.1/29 isp gateway
192.0.0.2/29 ether1 IP

create new bridge
put ether1 & 6 on same new bridge,
move /29 ip from ether1 to new bridge
set external device with another IP (192.0.0.3/29) and same gateway (192.0.0.1) of routerboard
 
User avatar
mkx
Forum Guru
Forum Guru
Posts: 11381
Joined: Thu Mar 03, 2016 10:23 pm

Re: Managing /29 network

Thu May 06, 2021 10:16 am

Regardless the way you're going to solve the problem (sollutions by @Hominidae and by @rextended) you should take care to have firewall up&running. If you're not entirely sure that device's own firewall is OK you can use firewall on RB. But you'll have to enable use-ip-firewall=yes on relevant bridge. Beware that this setting is for all bridges configured on device and will likely affect the overall performance. Which means you should use device only as router, not as LAN switch.

There's the third possibility: configure private address on the server and enable dst-nat with action=netmap ... this will dedicate one of public addresses to that particular server but will make enforcement of firewall filtering on traffic to that server much easier. Depending on how your ISP passes traffic to you (does your router have additional WAN IP address and the said /29 subnet is simply routed via the additional IP address or is it just the subnet and you're using one of those addresses as router's own WAN IP address) you may have to configure the "forwarded" IP address as additional IP address on the router's WAN interface ... and make sure that general src-nat rule uses the general WAN IP address.
 
User avatar
k6ccc
Forum Guru
Forum Guru
Posts: 1490
Joined: Fri May 13, 2016 12:01 am
Location: Glendora, CA, USA (near Los Angeles)
Contact:

Re: Managing /29 network

Thu May 06, 2021 6:04 pm

I have a MikroTik RB4011iGS+ running 6.45.9.

Note that 6.45.9 is quite elderly. Is there a reason that you are running such an old version of RouterOS?
 
dannosky123
just joined
Topic Author
Posts: 5
Joined: Tue Oct 30, 2018 5:36 pm
Location: Iowa

Re: Managing /29 network

Thu May 06, 2021 11:04 pm

@k6ccc, thank you for pointing out the older version of firmware. As of now, the router is just sitting on my desk so I haven't upgraded it, but will!

@rextended, your suggestion makes sense to me. I'll give that option a try. And @mkx, I will definitely make sure the firewall is set up. Thank you all for your help!!!
 
eliasbats
just joined
Posts: 12
Joined: Thu May 11, 2017 6:22 pm

Re: Managing /29 network

Thu May 13, 2021 3:28 pm

I have a MikroTik RB4011iGS+ running 6.45.9.

Note that 6.45.9 is quite elderly. Is there a reason that you are running such an old version of RouterOS?
Your concern is that the router will be public facing, correct?
 
User avatar
k6ccc
Forum Guru
Forum Guru
Posts: 1490
Joined: Fri May 13, 2016 12:01 am
Location: Glendora, CA, USA (near Los Angeles)
Contact:

Re: Managing /29 network

Thu May 13, 2021 4:34 pm

I have a MikroTik RB4011iGS+ running 6.45.9.

Note that 6.45.9 is quite elderly. Is there a reason that you are running such an old version of RouterOS?
Your concern is that the router will be public facing, correct?
No - in general.
 
danamodan
just joined
Posts: 2
Joined: Mon May 17, 2021 7:51 pm

Re: Managing /29 network

Sun May 23, 2021 8:10 pm

Sorry for the n00b question...

I have a MikroTik RB4011iGS+ running 6.45.9. My ISP gave me a /29 network, which connects to ether1. I've added that /29 subnet to the ether1 interface but I want one IP address out of this subnet to route to another interface on my router (ether6). Basically, I want the one public IP address from the /29 to pass through ether6 so I can put that public IP address directly on my external device. Any help would greatly be appreciated!

external device are directly connected to ether6?

For ex. if you have 192.0.0.0/29 subnet with
192.0.0.1/29 isp gateway
192.0.0.2/29 ether1 IP

create new bridge
put ether1 & 6 on same new bridge,
move /29 ip from ether1 to new bridge
set external device with another IP (192.0.0.3/29) and same gateway (192.0.0.1) of routerboard

Hi

For your information, please I’m new to RouterOS. Our ISP provided /30 subnet public IP address for us but after we made a request for more public IP addresses for the use of our servers, we were provided with /29 subnet. We have One MikroTik edge router and three MikroTik client routers. Each of these routers is in a different building, on different local networks but all are on the same premises. All the users are working fine regardless of their locations on the premises and all the users are able to reach the outside world.

There is a requirement for two of the client routers to have at least two servers with public IP address. My problem is how to configure these servers connected to the different client routers with the different public IP addresses from the /29.

Thank you for your anticipated assistance.

Who is online

Users browsing this forum: unhuzpt and 26 guests