
Mikrotik NAT rules

Posted: Fri Oct 28, 2011 6:51 am
by mistiq
Hi dear community!
On the router I have the following routing rule:
/ip firewall mangle add chain=prerouting src-address-list=local dst-address-list=!local action=mark-routing new-routing-mark=route_to_proxy in-interface=!ether9
/ip route add dst-address=0.0.0.0/0 gateway=10.1.1.2 routing-mark=route_to_proxy
/ip firewall address-list add address=10.0.0.0/8 list=local
/ip firewall address-list add address=172.16.0.0/12 list=local   
/ip firewall address-list add address=192.168.0.0/16 list=local
It forwards all local traffic that does not have a local destination to the proxy (10.1.1.2) and delivers all local traffic locally.
Now I need to NAT all local traffic on a specific port, ether9 (this interface is a WAN interface for my proxy), of the router to both sides.

Simply, I need to put all incoming and outgoing Internet traffic through a proxy.

How can I do this?
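
The match logic of the mangle rule and marked route quoted in the post above, modelled as an added example (not part of the original post, and not RouterOS code). The interface names ether2 and ether3 and the client address 192.168.168.10 are constructed for illustration; only ether9, 10.1.1.2 and the three "local" prefixes come from the post.

```python
import ipaddress

# Address list "local" exactly as defined in the post.
LOCAL = [ipaddress.ip_network(n)
         for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
PROXY_GW = "10.1.1.2"  # gateway of the route with routing-mark=route_to_proxy


def in_local(addr):
    """True if addr is a member of the 'local' address list."""
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in LOCAL)


def routing_mark(src, dst, in_interface):
    """Model of the prerouting rule: src-address-list=local,
    dst-address-list=!local, in-interface=!ether9 -> mark-routing."""
    if in_local(src) and not in_local(dst) and in_interface != "ether9":
        return "route_to_proxy"
    return None


def next_hop(src, dst, in_interface):
    """Marked packets follow the 0.0.0.0/0 route via the proxy; all others
    use the main routing table, which is not modelled here."""
    return PROXY_GW if routing_mark(src, dst, in_interface) else "main table"


# Constructed packets: (source, destination, ingress interface).
# ether2 and ether3 are hypothetical names; only ether9 is in the post.
SAMPLES = [
    ("192.168.168.10", "8.8.8.8", "ether2"),   # LAN client to the Internet
    ("192.168.168.10", "10.1.1.2", "ether2"),  # LAN client to a local address
    ("192.168.168.10", "8.8.8.8", "ether9"),   # same flow arriving on ether9
    ("192.168.168.10", "8.8.8.8", "ether3"),   # same flow arriving on another port
    ("8.8.8.8", "192.168.168.10", "ether9"),   # reply coming from the Internet
]


def evaluate(samples=SAMPLES):
    """Return the next hop chosen for each sample packet, in order."""
    return [next_hop(*pkt) for pkt in samples]


if __name__ == "__main__":
    for pkt, hop in zip(SAMPLES, evaluate()):
        print(pkt, "->", hop)
```

The rule matches only on addresses and ingress interface, so a packet with a local source and a non-local destination is sent to 10.1.1.2 every time it enters the router on any port other than ether9.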

Re: Mikrotik NAT rules

Posted: Mon Nov 07, 2011 6:40 am
by mistiq
In the next scheme
Image

I get a strange result from routing.


When I send a traceroute from routerB to 8.8.8.8:
[admin@M3] > tool traceroute 8.8.8.8
# ADDRESS RT1 RT2 RT3 STATUS
1 192.168.168.1 1ms 1ms 1ms
2 10.1.1.2 1ms 1ms 1ms
3 192.168.168.1 1ms 1ms 1ms

When I shut down ether9 on RouterA:
[admin@M3] > tool traceroute 8.8.8.8
# ADDRESS RT1 RT2 RT3 STATUS
1 192.168.168.1 1ms 1ms 1ms
2 10.1.1.2 0ms 1ms 1ms
3 10.1.1.2 1ms 1ms 1ms host unreachable
4 10.1.1.2 1ms 1ms 1ms host unreachable
5 10.1.1.2 1ms 1ms 1ms host unreachable
6 10.1.1.2 1ms 1ms 1ms host unreachable
7 10.1.1.2 1ms 1ms 1ms host unreachable
<SKIPPED>

Looks like a loop, but why?