MikroTik

I have configured RB450G eth1 as WAN with abc:xyz:168:48/30 series IP adddress and eth2 as LAN with abc:xyz:220:248/29 series IP subnet.Further I have bridged eth1 and eth2.Everything is fine and I can issue public IP address to my clients directtly from the router.Recently I acquired a cisco L3 for better management and connected it to RB450G on eth2 and my clients to Cisco suddenly I find packets to the ISP gateway abc:xyz:168:49 is getting droppped and the line becomes unstable.The config on cisco is simple with only port isolation being enabled for differnt clients also no firewalls are used.pls guide me.

Genie.

Drop the bridge of eth1 and eth2 since you want to route this traffic to internet.

This should solve your problem.

If I drop the bridge then I will not get internet on eth2.Than I need to enable NAT which defeats the purpose of issuing public IP address to my clients as they will advertised with the public Ip address on eth1.What I need to know is wether the problem I'am facing is because of problem with routing or some kind of queing related issue where the router is not able to cope with high bandwidth.

If you bridge the interfaces, there won´t be any routing in place; Why do you need the RB450 then?
You could simply use the Cisco Switch alone.

If you want the RB450 as a transparent packet filter, just remove both IPs on the Interfaces and assign an address on the bridge interface.
Additionally you have to enable "Use IP Firewall" in the Bridge settings tab.

Ok let me rephrase my requirement.My ISP has given me two differnet IP subnet namely abc:xyz:168:48/30 for WAN and
abc:xyz:220:248/29 for router LAN side use.How do I configure the RB 450G router with these IP subnets in the most basic router mode such that I can use cisco L3 in conjunction? On the WAN side I can use abc:xyz:168:50 as device IP adddress and abc:xyz:168:49 as gateway.
On the LAN I'll use abc:xyz:220:249.To this LAN port of the router I'll connect the cisco switch and distribute the remaining five public IP address to other servers.
I hope I'am correct by theory. Now please guide me in router configuration.

If you have a layer 3 switch you don't need the Mikrotik router. If you want to use the Mikrotik router you can't run the layer 3 switch at layer 3, and need to just assign an IP address to the router LAN interface and connect the switch and have it distribute that network at layer 2 to the other servers that need to be on the public IP LAN.

If you have a router and a switch at layer 3 (acting as a router) connecting routed to that router, but only have two IP networks you simply don't have enough IP networks. Here's the diagram:

[ISP]--(network1)--[Mikrotik]--(network2)--[Switch]--(network3)--users

What you could do if you need everything to be routed is to insert a private IP network between the router and switch so that network1 is your public IP WAN network to the ISP, network2 is some RFC1918 space (such as 10.0.0.0/30), and network3 is the public IP LAN space. Then you need to set up a static route on the Mikrotik router pointing to the public IP LAN network via the next hop on the switch.

Hope that helps.

Dear Ojsa

thanks a zillion.dropping the bridge did solve my problem, but only after upgrading the router firware from 4.11 to 4.17.Now I can run my network without depending on a expensive Cisco router.

Dear Fewi

Well you can still have a network with a Mikrotik router working as a basic router (transperent packet forwarder) in conjunction with a L3 switch in L3 mode without putting a private IP in the network 2 area (with static route) i.e between mikrotik LAN and cisco L3.