Community discussions

MikroTik App
 
rporend
just joined
Topic Author
Posts: 2
Joined: Fri Feb 12, 2021 2:52 am

How do I interconnect 3 DHCP Server

Sat Feb 13, 2021 9:39 am

I need to configure my router to connect to interconnect to other network but within the same router.

My configuration:
Ether1-WAN1 = pppoe client,
Ether2-WAN2 = DHCP Client,
Ether3-WAN3 = DHCP Client,
Brigde-192(Ether4, Ether5, Ether6) DHCP Server = 192.168.1.2 - 192.168.1.253
Ether7 = DHCP Server = 193.163.7.2 - 193.163.7.102
Bridge-182(Ether8, Ether9, Ether10) DHCP Server = 182.168.1.2 - 182.168.1.523

Bridge-192 and Ether7 is using Ether1-WAN1 for internet access and
Bridge-182 is using Ether2-WAN2 for internet. Ether3-WAN3 is reserved backup internet connection

My concern is how could I do cross network connection. Meaning I need to access some devices on network
192.168.1.XXX while I'm at 182.168.1.XXX and Vise Versa and same with 193.163.7.XXX.
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 6190
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: How do I interconnect 3 DHCP Server

Tue Feb 16, 2021 4:33 pm

Very messy explanation
I get three WANs, but the rest is gobblity gook.
Please draw and label a network diagram it will help greatly.
I'd rather manage rats than software. Follow my advice at your own risk! (Sob & mkx forced me to write that!)
MTUNA Certified, by the Ascerbic Llama!
 
User avatar
SpartanX
newbie
Posts: 32
Joined: Mon Jun 27, 2016 6:13 pm

Re: How do I interconnect 3 DHCP Server

Wed Feb 17, 2021 4:25 am

If you are asking what I think: That's what routers do; connect different networks together. Provided the hosts on each network use the router's IP address on their respective networks as their default route, and you do not prevent the routing in your firewall, the router will route between the connected networks.

I'm not sure about your IP addresses though... you do realise all but the 192.168.1.0 network are public ranges, don't you?
CCNA; 3CEWE; HE IPv6 Sage
 
rporend
just joined
Topic Author
Posts: 2
Joined: Fri Feb 12, 2021 2:52 am

Re: How do I interconnect 3 DHCP Server

Tue Feb 23, 2021 9:23 am

Hi,
This is the current configuration of my router:

# feb/23/2021 15:05:00 by RouterOS 6.45.9
# software id = PUWT-4LAG
#
# model = RB4011iGS+5HacQ2HnD
# serial number = D43E0C3FA898
/interface bridge
add name=bridge1-192
add name=bridge2-182
/interface wireless
set [ find default-name=wlan1 ] disabled=no mode=ap-bridge name=wlan1-LAN192 \
ssid=IT-5G wireless-protocol=802.11
set [ find default-name=wlan2 ] ssid=MikroTik
/interface ethernet
set [ find default-name=ether1 ] name=ether1-WAN1
set [ find default-name=ether2 ] name=ether2-WAN2
set [ find default-name=ether3 ] name=ether3-WAN3
set [ find default-name=ether5 ] name=ether5-LAN-192
set [ find default-name=ether6 ] name=ether6-LAN-192
set [ find default-name=ether7 ] name=ether7-LAN-192
set [ find default-name=ether8 ] name=ether8-LAN-193
set [ find default-name=ether9 ] name=ether9-LAN-182
set [ find default-name=ether10 ] name=ether10-LAN-FOC-182
/interface pppoe-client
add add-default-route=yes allow=pap,chap dial-on-demand=yes disabled=no \
interface=ether1-WAN1 name=pppoe-out1-PLDT200 password=267980022 \
use-peer-dns=yes user=SEPIR02-042016
/interface ethernet switch port
set 0 default-vlan-id=0
set 1 default-vlan-id=0
set 2 default-vlan-id=0
set 3 default-vlan-id=0
set 4 default-vlan-id=0
set 5 default-vlan-id=0
set 6 default-vlan-id=0
set 7 default-vlan-id=0
set 8 default-vlan-id=0
set 9 default-vlan-id=0
set 10 default-vlan-id=0
set 11 default-vlan-id=0
/interface list
add name=WAN
add name=LAN
/interface wireless security-profiles
set [ find default=yes ] authentication-types=wpa2-psk mode=dynamic-keys \
supplicant-identity=MikroTik wpa-pre-shared-key=newitteam2021 \
wpa2-pre-shared-key=newitteam2021
/ip pool
add name=dhcp ranges=192.168.1.101-192.168.1.254
add name=dhcp_pool2 ranges=182.168.1.101-182.168.1.254
add name=dhcp_pool3 ranges=193.163.7.101-193.163.7.254
add name=dhcp_pool4 ranges=10.10.10.2-10.10.10.10
add name=dhcp_pool5 ranges=192.168.1.2-192.168.1.254
/ip dhcp-server
add address-pool=dhcp disabled=no interface=bridge1-192 name=dhcp1
add address-pool=dhcp_pool2 disabled=no interface=bridge2-182 name=dhcp2
add address-pool=dhcp_pool3 disabled=no interface=ether8-LAN-193 name=dhcp3
add address-pool=dhcp_pool4 disabled=no interface=ether4 name=dhcp4
/interface bridge port
add bridge=bridge1-192 interface=ether5-LAN-192
add bridge=bridge1-192 interface=ether6-LAN-192
add bridge=bridge1-192 interface=ether7-LAN-192
add bridge=bridge2-182 interface=ether9-LAN-182
add bridge=bridge2-182 interface=ether10-LAN-FOC-182
add bridge=bridge2-182 interface=wlan1-LAN192
/interface list member
add interface=pppoe-out1-PLDT200 list=WAN
add interface=bridge1-192 list=LAN
/ip address
add address=192.168.1.1/24 interface=bridge1-192 network=192.168.1.0
add address=193.163.7.1/24 interface=ether8-LAN-193 network=193.163.7.0
add address=182.168.1.1/24 interface=bridge2-182 network=182.168.1.0
add address=10.10.10.1/24 interface=ether4 network=10.10.10.0
/ip dhcp-client
add dhcp-options=hostname,clientid disabled=no interface=ether2-WAN2
/ip dhcp-server lease
add address=193.163.7.17 client-id=1:20:1a:6:4b:26:b1 mac-address=\
20:1A:06:4B:26:B1 server=dhcp3
add address=193.163.7.18 client-id=1:a4:db:30:12:89:1c mac-address=\
A4:DB:30:12:89:1C server=dhcp3
/ip dhcp-server network
add address=10.10.10.0/24 dns-server=8.8.8.8,8.8.4.4 gateway=10.10.10.1
add address=182.168.1.0/24 dns-server=8.8.8.8,8.8.4.4 gateway=182.168.1.1
add address=192.168.1.0/24 dns-server=8.8.8.8,8.8.4.4 gateway=192.168.1.1 \
netmask=24
add address=193.163.7.0/24 dns-server=8.8.8.8,8.8.4.4 gateway=193.163.7.1 \
netmask=24
/ip dns
set servers=8.8.8.8,8.8.4.4
/ip firewall filter
/ip firewall mangle
add action=mark-routing chain=prerouting comment="192 to WAN1" \
new-routing-mark="192 to WAN1" passthrough=yes src-address=192.168.1.0/24
add action=mark-routing chain=prerouting comment="193 to WAN1" \
new-routing-mark="193 to WAN1" passthrough=yes src-address=193.163.7.0/24
add action=mark-routing chain=prerouting comment="182 to WAN2" \
new-routing-mark="182 to WAN2" passthrough=yes src-address=182.168.1.0/24
/ip firewall nat
add action=masquerade chain=srcnat comment="WAN1 PLDT 200" out-interface=\
pppoe-out1-PLDT200
add action=masquerade chain=srcnat comment="WAN2 Cisco" out-interface=\
ether2-WAN2
add action=dst-nat chain=dstnat comment="SAP Server Port 8080" dst-address=\
124.106.225.101 dst-port=8080 protocol=tcp to-addresses=193.163.7.91 \
to-ports=8080
add action=dst-nat chain=dstnat comment="SAP Server Port 8443" dst-address=\
124.106.225.101 dst-port=8443 protocol=tcp to-addresses=193.163.7.91 \
to-ports=8443
add action=dst-nat chain=dstnat comment=Membership dst-address=\
124.106.225.101 dst-port=85 protocol=tcp to-addresses=192.168.1.195 \
to-ports=85
/ip proxy
set enabled=yes max-cache-size=none
/ip route
add comment="192 to WAN1" disabled=yes distance=1 gateway=pppoe-out1-PLDT200 \
routing-mark="192 to WAN1"
add comment="193 to WAN1" distance=1 gateway=pppoe-out1-PLDT200 routing-mark=\
"193 to WAN1"
add comment="182 to WAN2" distance=1 gateway=192.168.4.1 routing-mark=\
"182 to WAN2"
/ip service
set winbox port=8292
/system clock
set time-zone-name=Asia/Manila
/system leds
add interface=wlan2 leds="wlan2_signal1-led,wlan2_signal2-led,wlan2_signal3-le\
d,wlan2_signal4-led,wlan2_signal5-led" type=wireless-signal-strength
add interface=wlan2 leds=wlan2_tx-led type=interface-transmit
add interface=wlan2 leds=wlan2_rx-led type=interface-receive
/system logging
add topics=web-proxy

My concern is how could I do cross network connection. Meaning I need to access some devices on network
192.168.1.XXX while I'm at 182.168.1.XXX and Vise Versa and same with 193.163.7.XXX.

Hope you can guide me. thank you.
 
sindy
Forum Guru
Forum Guru
Posts: 6899
Joined: Mon Dec 04, 2017 9:19 pm

Re: How do I interconnect 3 DHCP Server

Tue Feb 23, 2021 8:09 pm

OK, now as you've shown the export it became much clearer :)

You assign a routing-mark to every packet sent from any LAN host to any destination, and the only route with that routing-mark is a default one, via one of the WANs. Hence even traffic whose destination is in your other LAN subnet takes one of those routes.

So to let the traffic between your LAN subnets get to the correct destination, you have to either make those mangle rules not match on traffic between local subnets, or to supersede that routing-mark using /ip route rule rules.

So one possible solution could be:
/ip firewall address-list
add list=connected-subnets address=192.168.1.0/24
add list=connected-subnets address=193.163.7.0/24
add list=connected-subnets address=182.168.1.0/24

/ip firewall mangle set [find action~"mark-routing"] dst-address-list=!connected-subnets


As @SpartanX has noted, 192.163.7.0/24 is assigned to some regional administration in Denmark and 182.168.1.0/24 is assigned to Sony Network Communications in Japan, so you will be unable to accessing these networks in the internet once you use them as local ones.
Instead of writing novels, post /export hide-sensitive. Use find&replace in your favourite text editor to systematically replace all occurrences of each public IP address potentially identifying you by a distinctive pattern such as my.public.ip.1.

Who is online

Users browsing this forum: almdandi and 97 guests