Hi,
We run out of public addresses and we must do NAT with PPPoE Server and have a second way of connectivity, giving public for one side or private addresses for the other. But our superior ISP is giving us a very strange private addressing (for not to waste public directions), and this is the reason the things are a little bit dificult for getting this working.
My WAN ISP is giving us a private /29 addresses: 192.168.15.234/29
Now, for giving PPPoE with "public" addresses we are used to setup the Private addressing on WAN interface, and one Public address on LAN (this is for having a public address in the source origin).
So, we have the following setup and is working perfectly fine:
WAN interface 192.168.15.234/29 -----> ( 15.233 our gateway)
LAN interface 200.20.20.1/24 (public address). ----> we use the same address for the customer gateways.
NOTE: We have our own ASN number and public directions (BGP)
Here we came with the problem:
Now we wanted to add a second way of connectivity with PPPoE but with NAT, So we created different PPP profiles with that purpose, (using the same WAN "private" Interface addressing configuration that we named before). We added a second address to the same LAN interface 10.9.1.1/20
When I am doing a traceroute, I can`t reach internet access because the ISP is seeing "our source address" as a private address, and their BGP filters drops our outgoing traffic.
[soporte1@testing] > tool trace 1.1.1.1
# ADDRESS LOSS SENT LAST AVG BEST WORST
1 10.9.0.1 0% 37 0.4ms 0.4 0.4 0.7
2 192.168.15.233 0% 37 1.3ms 1.3 1.2 3
3 100% 37 timeout
4 10.169.147.34 0% 37 4.1ms 7.1 4 112.6
5 100% 37 timeout
6 100% 37 timeout
7 100% 37 timeout
8 100% 37 timeout
9
They told us that we must have a "public" source origin address, so we put a public one to the private PPP profiles but the result is the same, we cant reach internet.
[soporte1@testing] > tool trace 1.1.1.1
# ADDRESS LOSS SENT LAST AVG BEST WORST
1 200.20.20.1 0% 5 0.4ms 0.6 0.4 0.8
2 192.168.15.233 0% 5 1.3ms 1.5 1.3 1.7
3 100% 5 timeout
4 10.169.147.34 0% 5 4.1ms 4.2 4.1 4.3
5 100% 5 timeout
6 100% 5 timeout
7 100% 5 timeout
8 100% 4 timeout
9 100% 4 timeout
Other partners with similar ISP setup, fix the problem putting another parallel Routerboard doing NAT but I what to fix this with the same routerboard.
What is this happening?. and why? There could be a way to fix that without the ISP intervention?.
Sorry for my poor english. Is right the tittle of the post?.
Thanks!