We have recently been assigned public IPs to our network and are using them for customers. We are still using a lot of private IPs inside our network, especially between highsites.
We have a SRC NAT rule to still Masquerade all traffic leaving our network and coming from the internal private IPs. So this NATs everything but our Public IPs.
We also have local loopback IPs assigned to a bridge interface (no ports added to bridge) for OSPF and BGP to work better.
What we would like to do is to have all traffic originating from the router (DNS requests, RADIUS communication, etc.) that leaves our network to srcnat (come from) the public IP assigned on the loopback interface. How can we do this without affecting traffic passing through the router (forward chain) from other towers?
The main reason why we want to do this is because our RADIUS servers are hosted outside of our network. When adding all our towers/routers to the RADIUS server, you have to specify the source IP address so disconnect packets can be sent back to the router when a customer reaches their service limit or gets suspended for not paying. So having a single public IP for each tower where RADIUS communication comes from is the ideal solution.