Community discussions

 
dlocal
just joined
Topic Author
Posts: 2
Joined: Sun Nov 27, 2011 8:27 am

PublicIPs routing with mac-addresses masquerading. How?

Sun Nov 27, 2011 8:36 am

Hello!

I want to route public IPs subnet behind MikroTik router (RB1200) with masquerading of MAC-addresses.
First interface of my router connected to datacenter core router, 2nd port - to my local network. In local network I have servers with public white IPs on network interfaces (NOT private subnet).

I want to route/gateway this addresses to datacenter network, but I cant send MAC-addresses of this interfaces to DC network, because on DC core enabled port security/mac filtering.
I cant use classic NAT, because I need to have real IPs on servers interfaces, not private IPs.

According to this, both known by me variants (NAT and bridge) seems invalid.

How I can do that?
 
User avatar
dasiu
Trainer
Trainer
Posts: 232
Joined: Fri Jan 30, 2009 11:41 am
Location: Reading, UK
Contact:

Re: PublicIPs routing with mac-addresses masquerading. How?

Sun Nov 27, 2011 2:43 pm

Are the subnets for local users and subnet for datacenter the same? (Or - are IP addresses for both interfaces of your router in the same subnet?)
If not - you simply DO NOTHING :). No NAT is needed for public IP's, and no bridge is needed if they are different subnets. It's simply IP routing!
In 7-layer OSI model:
Layer 2 - ethernet/wifi/dsl/etc. frame with MAC addresses
Layer 2 devices are switches and bridges :)
Layer 3 - IP packet with IP addresses
Layer 3 devices are routers :)
Each router, computer, etc. (= each layer3 device) changes source MAC (layer 2) of outgoing packet to MAC of the outgoing interface. So each time a packet leaves an IP subnet and goes to another IP subnet (changes broadcast domain) - it is done on a layer 3 device, changing MAC addresses. MAC's are visible only inside the subnet, it is normal behavior.

You just need to be sure, that the datacenter core router (gateway for the datacenter network?) have IP route for the dst-addresses from the local subnet through your RB1200 (either simple static routing or OSPF/RIP)
 
dlocal
just joined
Topic Author
Posts: 2
Joined: Sun Nov 27, 2011 8:27 am

Re: PublicIPs routing with mac-addresses masquerading. How?

Sun Nov 27, 2011 3:34 pm

No :(
In "local" I have IPs from datacenters subnet, and, what bad, not from one subnet - random allocation from all DS's pool. :(
 
User avatar
dasiu
Trainer
Trainer
Posts: 232
Joined: Fri Jan 30, 2009 11:41 am
Location: Reading, UK
Contact:

Re: PublicIPs routing with mac-addresses masquerading. How?

Sun Nov 27, 2011 4:03 pm

Well, that sounds problematically :). So what IP addresses you have configured on both interfaces of the RB1200? Could you post a simple diagram?
 
kerbbb
just joined
Posts: 1
Joined: Fri Jan 13, 2012 6:20 pm

Re: PublicIPs routing with mac-addresses masquerading. How?

Fri Jan 13, 2012 6:22 pm

i have the same problem

Default Gateway:
212.x.x.97

Eth 1 (link to the DC ISP)
IP 212.x.x.117 netmask 255.255.255.224
Eth 2 (link to my servers)
IP 80.x.x.254 netmask 255.255.255.128

Who is online

Users browsing this forum: No registered users and 140 guests