I writing same question again, but on the another section on this forum because nobody help me there with some example, or to point me to some link or tutorial.

I create a pppoe server on mikrotik 3.14 without linux radius server, but problem is that i can't route block of public ip addresses.
I create pool with public addresses, connections gets ip address, but there is no internet!
Only when i masquerade uplink (WAN) interface it works, but only through ip address that i assign to WAN interface, other addresses from the block cannot be seen on the internet.
My ISP modem is mikrotik that works in wireless station mode, he only have one static route and one dynamic route that ISP configure.

That is my problem, i don't know how to route public ip addresses to my server
Maybe this is begginer question, and maybe it's answered hundred times, but this is a forum right? so we are here to help each other or i'm wrong? .

Thanks

so you have a /24 public ip
lets say 266.266.266.0/24
your gateway has 266.266.266.1/24 IP address

the question is.. does your ISP know that to serve an ip 266.266.266.50 has to go to 266.266.266.1?
otherwise ur ISP knows only what is directly connected to him, but nothing about what is behind ur gateway. That's why masquerading everything works.

so you have a /24 public ip
lets say 266.266.266.0/24
your gateway has 266.266.266.1/24 IP address

the question is.. does your ISP know that to serve an ip 266.266.266.50 has to go to 266.266.266.1?
otherwise ur ISP knows only what is directly connected to him, but nothing about what is behind ur gateway. That's why masquerading everything works.

Thanks for the answer, so what is solution, i don't understand what you want to say?

I added one ip address from the block of addresses to the lan card on the ISP modem (mikrotik) ,and another to the server, some routes and rules too:

266.266.266.x subnet is example

MODEM:

ip address add address=266.266.266.1/27 interface=ether1
ip route add dst-address=266.266.266.3/27 gateway=266.266.266.2

SERVER:

-ip address add address=266.266.266.2/27 interface=WAN
-ip route add gateway=266.266.266.1 table=MYISP
-ip firewall mangle add chain=prerouting src-address=266.266.266.2/27 action=mark routing new-routing-mark="MYISP" disabled=no
-ip route rule add src-address=266.266.266.3/27 action=lookup rou
ting-mark=MYISP table=MYISP disabled=no
ip route rule add src-address=266.266.266.2 action=lookup rou
ting-mark=MYISP table=MYISP disabled=no

Did i need to set some DNS settings on the server? did i need to allow remote address=yes

What i do wrong?

I added one ip address from the block of addresses to the lan card on the ISP modem (mikrotik) ,and another to the server, some routes and rules too:

266.266.266.x subnet is example

MODEM:

ip address add address=266.266.266.1/27 interface=ether1
ip route add dst-address=266.266.266.3/27 gateway=266.266.266.2

SERVER:

-ip address add address=266.266.266.2/27 interface=WAN
-ip route add gateway=266.266.266.1 table=MYISP
-ip firewall mangle add chain=prerouting src-address=266.266.266.2/27 action=mark routing new-routing-mark="MYISP" disabled=no
-ip route rule add src-address=266.266.266.3/27 action=lookup rou
ting-mark=MYISP table=MYISP disabled=no
ip route rule add src-address=266.266.266.2 action=lookup rou
ting-mark=MYISP table=MYISP disabled=no

Did i need to set some DNS settings on the server? did i need to allow remote address=yes

What i do wrong?

Please post full config because when looking at this i don't see the modem has a default gw at all.

Regards

/Henrik

I added one ip address from the block of addresses to the lan card on the ISP modem (mikrotik) ,and another to the server, some routes and rules too:

266.266.266.x subnet is example

MODEM:

ip address add address=266.266.266.1/27 interface=ether1
ip route add dst-address=266.266.266.3/27 gateway=266.266.266.2

SERVER:

-ip address add address=266.266.266.2/27 interface=WAN
-ip route add gateway=266.266.266.1 table=MYISP
-ip firewall mangle add chain=prerouting src-address=266.266.266.2/27 action=mark routing new-routing-mark="MYISP" disabled=no
-ip route rule add src-address=266.266.266.3/27 action=lookup rou
ting-mark=MYISP table=MYISP disabled=no
ip route rule add src-address=266.266.266.2 action=lookup rou
ting-mark=MYISP table=MYISP disabled=no

Did i need to set some DNS settings on the server? did i need to allow remote address=yes

What i do wrong?

Please post full config because when looking at this i don't see the modem has a default gw at all.

Regards

/Henrik

Modem have a default gateway, that my ISP has assign.

please post all config anyway

If you don't have BGP peering with your provider you will almost always use masqurade on the last hop to the internet.

the block of public IPs, how did your ISP assign it to you? I know InternetSolutions south africa gives you a /29 range, with the first usableIP being their router at your place, and the next 5 for your use. But there is no way you can reditibute them into your network. Their routers don't even have BGP(or any routing protocol for that matter), making most of that Ips pretty unusebleon a routed network.