Hi there,
I have two mikrotiks:
1. RB2011UAS-2HnD version 6.43.4
2. RB2011UiAS-2HnD version 6.47.8
both have masquarading in to their ISP.
both had the same config having eth9 connected to ISP CPE. both had "External" bridge and eth9 connected to that bridge. Both had a masquarading whith the condition when OUT interface is "External Bridge".
first one working perfectly, the second one stopped working after an upgrade to the existing version 6.47.8. the workaround was to assign "eth9" instead of "External" bridge on the secod MT for masquarading to start working correctly. Otherwise it would masquarade everything regardless of what is the "out" interface is.
The biggest issue was that these devices has a site-to-site SSTP (MT1 is SSTP server) as described here: https://wiki.mikrotik.com/wiki/Manual:I ... figuration and the packets were only reaching one way from MT2 to MT1 but not from MT1 to MT2. eventually after a couple of days of troubleshooting and after looking at tcpdump on the MT1'st network i noticed an external IP on VoIP SIP packets coming from MT2's network as a source. Switched to eth9 on MT2 masquarading rule, and everything worked perfectly since.
I'm not sure if this is a bug or as per design....
Hopefully the above will save someone days of troubleshooting as i endured.
--Andy