Page 1 of 1

How to route between networks without using NAT

Posted: Sat Sep 28, 2013 7:43 am
by dotson83
Hello,

I have a simple question that I just can not figure out or find an answer to.

I have routeros version 6.3 on virtual box with only 2 interfaces.

The router is configured as follows:

ether1 is 192.168.1.1/24 and has a dhcp server running on it

ether2 has a dhcp client on it and is issued an ip address by my home router. Currently the ip address is 192.168.0.26. It is using a /24 subnet.

If I use scrnat on ether2 I can ping all devices on my home network from a computer on ether1.

The problem is I don't want to use NAT. Every time I disable NAT though I can no longer ping anything on my home network from the OS on ether1. I assumed the router should be able to route between networks just like it routes between ether1 and ether2. Why is it not working? Do I HAVE to use NAT?

My firewall is wide open btw. Nothing is being dropped.

Thanks for the help on this.

Re: How to route between networks without using NAT

Posted: Mon Sep 30, 2013 10:16 am
by deejayq
maybe it's a problem with the host network (the virtualization software).
maybe you should let the computers in your home network know that they can reach 192.168.1.0/24 via the host machine.

Re: How to route between networks without using NAT

Posted: Mon Sep 30, 2013 11:11 am
by friction
When you use NAT to connect to a host in the same network as the 192.168.0.26 interface, your connection appears to be originating from 192.168.0.26, so devices know how to reach your mikrotik. (because they are in the same network)

If you turn NAT off, and you are trying to reach 192.168.0.10 for example, your mikrotik will rout the packets from ether1 towards ether2. However, the host 192.168.0.10 does not know the 192.168.1.1/24 network, so it will reply sending the message towards his default gateway (home router?)... If the default gateway does not know the network 192.168.1.1/24, it will be sent out again towards his default gateway, if any, ... this process repeats until the TTL is 0 or a router actively droppes 192.168.1.1 because there is no route towards it (not even a default one) or because it is filtered...

Long story short:

The two networks should now about each other, so you will need to add a route for 192.168.1.1/24 on your home router towards the virtual mikrotik, this way they can communicate.
Most generic routers support static routes and also a routing protocol called RIP, which allows automatic exchange of routes. Can be handy in the future.
Mikrotik supports all important open routing protocols...

If you have any more questions... we're here to help.

Re: How to route between networks without using NAT

Posted: Tue Oct 01, 2013 1:08 am
by dotson83
friction,

You are dead on the money! Thanks!

I added a static route from my home router to the virtual one like you said and it works great now.

I haven't messed with RIP yet but from what you said if I just enabled it on both routers they would auto discover each other? I guess this would mean I wouldn't need the static routes right?

I would just try it and see for myself but I don;t have time right now.

Thanks again for the help!

Re: How to route between networks without using NAT

Posted: Tue Oct 01, 2013 1:16 am
by dotson83
friction,

You are dead on the money! Thanks!

I added a static route from my home router to the virtual one like you said and it works great now.

I haven't messed with RIP yet but from what you said if I just enabled it on both routers they would auto discover each other? I guess this would mean I wouldn't need the static routes right?

I would just try it and see for myself but I don;t have time right now.

Thanks again for the help!

Re: How to route between networks without using NAT

Posted: Tue Oct 01, 2013 11:54 am
by friction
Your assumptions are correct :)
They should autodiscover, as RIP uses broadcast by default, so no need to define each other as 'neighbors'.
You only need to add the networks you want to route for on both routers.

On the mikrotik you will need to add your default LAN network (192.168.0.0) and your other network (192.168.1.0)
On the other router you only need to add the 192.168.0.0 and they should start to exchange routing information automatically. Updates should occur every 30s or so.

This makes it easy to add new networks later on =)...

Good luck!