Hi all,

i need suggestions about this problem... i have 4 RB interconnected with point-to-point connection (say 192.168.0.0/30 where 0.1 and 0.2 are the two RB)on 1st wlan, the 2nd wlan is a 192.168.0.4/30 for the next hop and so on... and the 3rd wlan is a PPPoE concentrator with a *private* ip address pool to auth the clients.
The 1st RB have eth0 connected with one of the public IP i have, and with proper routes rules and masquerade on nat firewall, all works fine.
Now i'm in need to assign a public IP to one client e.g. on the last RB. Reading the forum, i have the impression that private IP and public IP with a PPPoE concentrator can't work together, and also seem complicate create a route rule *every* public IP i want to assign to create the path.
And, also, in a past post someone got bingo on assign public IP enabling the arp-proxy on the wlan card, i suppose because the arp table of the gateway routerboard need to know the phisical address associated with the public IP.
Maybe confused post, sorry Hope someone understand what i'm trying to do and can help me in any way.

Welcome to the forum crt!

What you want to do is possible, I do it on my network all the time. I have used two methods to get a public IP address to a PPPoE connection a few hops deep into the network:

1. Use EoIP to bridge the routers (the one with the public addresses and the one near the user) together, you run the PPPoE on the router with pub addresses and not on the one near the user. This works well but is a little inefficient in terms of network throughput. I no longer use this method but used option 2 instead.

2. Route a public block of addresses to the router near the user, run the PPPoE access concentrator on that router and assign the public IP addresses. The intermediate hops do not need public addresses as long as all your routes are in place (I use OSPF for this) it should work.

There are other methods using 1:1 NAT etc but I've never tried them.

You can route public IP's over privte ones.. It's done all the time, Traceroutes from the public internet will break once it hits the private IP's, but the traffic will still flow... Any reason your using a /30 for the subnet on those radios??

You can route public IP's over privte ones.. It's done all the time, Traceroutes from the public internet will break once it hits the private IP's, but the traffic will still flow... Any reason your using a /30 for the subnet on those radios??

Thanks Harvsky and Connor9220 for replies to my first post;

i use a /30 for point-to-point link between RB, as usual on the ptp connections; maybe is not the best way but i have no other IP else than the two permitted by the nature of the /30 net inside the wireless link.
IMHO i think can be also a security issue, because i use the mode bridge/station between the two parts of PtP link, and no one (i repeat: imho) can connect the bridge part as station with same SSID. Suggestions are welcome, of course:)
The "AP" wireless part have a greatest ip range assignet by the ip pool reserved to PPPoE server.
(for Harvsky)Maybe i have some ideas clear in mind about giving public IP, but... i can *still* assign private IP with PPPoE server in this ways ??
And for Connor9220, what you mean for "route public Ip over private ones"?? a route rule that say e.g. for 80.1.1.1 pref-src is 10.1.1.2 ??
Thanks again.

Thanks Harvsky and Connor9220 for replies to my first post;

i use a /30 for point-to-point link between RB, as usual on the ptp connections; maybe is not the best way but i have no other IP else than the two permitted by the nature of the /30 net inside the wireless link.
IMHO i think can be also a security issue, because i use the mode bridge/station between the two parts of PtP link, and no one (i repeat: imho) can connect the bridge part as station with same SSID. Suggestions are welcome, of course:)
The "AP" wireless part have a greatest ip range assignet by the ip pool reserved to PPPoE server.
(for Harvsky)Maybe i have some ideas clear in mind about giving public IP, but... i can *still* assign private IP with PPPoE server in this ways ??
And for Connor9220, what you mean for "route public Ip over private ones"?? a route rule that say e.g. for 80.1.1.1 pref-src is 10.1.1.2 ??
Thanks again.

You can put 2 radios in Bridge and Bridge and use static WDS to do a p2p link that no one can connect to.. Using a /30 is common practice when doing routed p2p links.. but, I tend to put them all on the same subnet to make it easier for maintaince. (But, I also tend to just bridge the whole thing..) As for routing.. Yes.. route 80.1.1.0/24 to 192.168.1.2 and so on.. Works just fine over

Thanks for suggestions. Works fine on lab environment as descrpited with a /24 net, seems little bit hardest to do with the /30 PtP Anyway, i can't operate on live links with clients on before i'm sure of the exact solutions.

On the live links, i setup a 2nd PPPoE server that assign a free public IP. The client receive the public IP, but on the next hop all seems to come from the PtP IP of the original RB. Well, i go to ip firewall nat and try with netmap feature to prevent masquerade of the public IP and preserve src-address. Nothing to do
Second try i did is to netmap public ip to private ip in a 1:1 rule... but maybe i'm wrong in something, because no matter i try, the traffic il always masquerade with the IP of source RB.

Maybe better plain migration in bridge links... or a saint that help me poor newbie with another hint

Thanks community.

If you start off with some static routing, maybe in the lab 1st, to get the hang of this.

I will try and explain how to do it with examples - but I'm not expert on the terminology I'm affraid:

Say that you have a public block assigned to you from your upstream ISP of 80.1.1.0/25 This is the bones of what you need to do (I think), no NATting is required unless you need any of the 10.1.1.x/30 subnets to access the internet. I use OSPF to distribute the connected routes and save myself the trouble to getting all those static routes correct.

hth