Community discussions

MikroTik App
  4. RouterOS
  5. General

src nat ip pool

Post Reply
 
changeip
Forum Guru
Forum Guru
Topic Author
Posts: 3830
Joined: Fri May 28, 2004 5:22 pm

src nat ip pool

Thu Jan 13, 2005 6:27 am

hello,

how many ips can be listed within the ip src nat pool for natted connections? We'd like to provide nat on outbound traffic, and have the outbound traffic spread across hundreds of ips if possible. i was able to use 15 and it was working, i am just not sure if there is a limit i should be aware of. also, currently i've had to add each of the ip addresses to the interface on the router with a /32 - is there a way around having to add each individual ip? -the router is the originator of the traffic, not clients behind it.

Sam
Top
 
wildbill442
Forum Guru
Forum Guru
Posts: 1055
Joined: Wed Dec 08, 2004 7:29 am
Location: Sacramento, CA

Thu Jan 13, 2005 11:20 am

You should be able to add the whole subnet using whatever subnetmask necessary for the network.

ex: 10.0.0.0/16 would encompass 10.0.0.0 - 10.255.255.255

So your src-nat config should look something like this:
Code: Select all
0   ;;; src-nat test
     src-address=10.0.0.0/16 action=nat to-src-address=aaa.bbb.ccc.ddd - eee.fff.ggg.hhh
where aaa.bbb.ccc.ddd - eee.fff.ggg.hhh are your public addresses.

One thing though, when you're doing a whole subnet like that I believe you need to use masquerade as the action instead of NAT. I think NAT is more for single addresses if I recall the admin config guide correctly...
Top
 
changeip
Forum Guru
Forum Guru
Topic Author
Posts: 3830
Joined: Fri May 28, 2004 5:22 pm

Fri Jan 14, 2005 12:26 am

currently i've had to add each of the ip addresses to the interface on the router with a /32 - is there a way around having to add each individual ip? -the router is the originator of the traffic, not clients behind it.
Top
 
wildbill442
Forum Guru
Forum Guru
Posts: 1055
Joined: Wed Dec 08, 2004 7:29 am
Location: Sacramento, CA

Fri Jan 14, 2005 1:34 am

I'm sorry I forgot to mention that. You also have to add the IP addresses you're NATing to the WAN interface on the router in order for the NAT rules to work... I'm not sure if you can add a whole subnet to an interface unless its done one at a time. I could be wrong though, try it out?
Top
 
User avatar
normis
MikroTik Support
MikroTik Support
Posts: 26376
Joined: Fri May 28, 2004 11:04 am
Location: Riga, Latvia

Fri Jan 14, 2005 9:15 am

no, you do not need ip addresses for nat to work.
Top
 
changeip
Forum Guru
Forum Guru
Topic Author
Posts: 3830
Joined: Fri May 28, 2004 5:22 pm

Fri Jan 14, 2005 7:58 pm

Does it matter if they are advertised right on the wire or if they are routed? Is one preferred over the other? Basically Level3 can give us a /24 if we need for this project, I am just wondering if I should have them route them to us, or advertise them on their gateway.

Sam
Top
 
raymonvdm
Member Candidate
Member Candidate
Posts: 161
Joined: Mon Jan 31, 2005 7:47 pm

Re:

Wed Jan 17, 2018 2:11 pm

I'm sorry I forgot to mention that. You also have to add the IP addresses you're NATing to the WAN interface on the router in order for the NAT rules to work... I'm not sure if you can add a whole subnet to an interface unless its done one at a time. I could be wrong though, try it out?

I also need to add all ip adresses using /32 for the SRC-NAT to work
Top
Post Reply

Who is online

Users browsing this forum: Bing [Bot], MisterMikro and 103 guests
  4. RouterOS
  5. General