Community discussions

MikroTik App
 
jjoelc
just joined
Topic Author
Posts: 12
Joined: Mon Oct 05, 2015 9:14 pm

Simple? 2 WAN IPs on single interface issue...

Fri May 12, 2023 2:03 am

This should have been simple. I recently got a 2nd static IP address from my ISP (for eventual use with a business mail server I prefer to keep separate from my existing personal servers...) yet, I keep getting terrible connectivity and dropped pings every time I try to activate the 2nd IP address.
RB450Gx4
eth1 is WAN, remaining interfaces are each assigned to different VLANs for internal use. All I really need right now is to get the new address answering pings reliably, and I can do a src-nat and dst-nat to some internal device for testing.

Should be as simple as add the address, add src-nat (and as needed dst-nat) and be good to go... Right?
Both IPs use the same gateway.
/ip address
add address=xx.xx.159.183 interface=ether1 network=xx.xx.159.1
add address=xx.xx.159.145 interface=ether1 network=xx.xx.159.1
Then disable the default masquerade rule and replace it with:
/ip firewall nat
add action=src-nat chain=srcnat out-interface=ether1 to-addresses=xx.xx.159.183
add action=src-nat chain=srcnat out-interface=ether1 to-addresses=xx.xx.159.145
At that point, all traffic will of course be going through whichever address ranks higher in the routing table, but both address should answer pings, right (assuming firewall rule doesn't prevent it, of course...)

But as soon as I enable the second IP Address, pings to both IPs are VERY spotty (Like over 50% drop rate) Browsing and quick Google speed test both drop by more than half (From roughly 880Mbps down and 50Mbps up to 350 down and around 17 up. And yes, I know those aren't terribly accurate numbers, but the consistency of the results is what worries me.

Forcing the config to either IP Address full performance returns, it is only when I have BOTH IPs active that issues start happening...

Any ideas for what I'm missing?
 
tdw
Forum Guru
Forum Guru
Posts: 1841
Joined: Sat May 05, 2018 11:55 am

Re: Simple? 2 WAN IPs on single interface issue...

Fri May 12, 2023 2:11 am

Are your addresses really /32s, and what is youir default route?
 
jjoelc
just joined
Topic Author
Posts: 12
Joined: Mon Oct 05, 2015 9:14 pm

Re: Simple? 2 WAN IPs on single interface issue...

Fri May 12, 2023 3:16 am

As provided by the ISP.... (I HATE Suddenlink/Optimum/whatever they are calling themselves this year...)
(My original existing IP)
IP = xx.xx.159.183
subnet = 255.255.255.0 (so a /24, but they are only routing ONE to me....)
Gateway = xx.xx.159.1

And the new one:
IP = xx.xx.159.145
subnet = 255.255.255.0
Gateway = xx.xx.159.1

For what it is worth, I have tried entering the addresses as /24, which at least gets the gateway/network correct. I have not tried specifically listing them as /32, I assumed the specific IP it assumed as only a /32
 
jjoelc
just joined
Topic Author
Posts: 12
Joined: Mon Oct 05, 2015 9:14 pm

Re: Simple? 2 WAN IPs on single interface issue...

Fri May 12, 2023 3:22 am

Sorry, just realized I didn't answer your question about default route:
#     DST-ADDRESS       GATEWAY         DISTANCE
0  As 0.0.0.0/0         xx.xx.159.1            1
  DAc 10.10.10.0/24     vlan10-Domain          0
  DAc 10.10.20.0/24     vlan20-DMZ             0
  DAc 10.10.30.0/24     vlan30-Cameras         0
  DAc xx.xx.159.1/32    ether1                 0
  DAc 172.16.10.0/24    wireguard1             0
  DAc 192.168.88.0/24   bridge                 0
  DAc 192.168.254.0/24  vlan254-Guest          0
 
tdw
Forum Guru
Forum Guru
Posts: 1841
Joined: Sat May 05, 2018 11:55 am

Re: Simple? 2 WAN IPs on single interface issue...  [SOLVED]

Sat May 13, 2023 2:42 pm

Nothing obvious. Given the information from the ISP it should really be address=xx.xx.159.183/24 and address=xx.xx.159.145/24 but if you are seeing the same behaviour when configured like that it does rather point to something at the ISP end.

Does the drop in performance occur immediately after enabling the second IP, or only after some traffic is sent to or from that address?

It could be that the ISP has some odd setup, e.g. multiple MAC addresses for their gateway IP or requiring a different MAC address for each client IP. Using the packet sniffer for ARP packets on ether1 may show something.
 
jjoelc
just joined
Topic Author
Posts: 12
Joined: Mon Oct 05, 2015 9:14 pm

Re: Simple? 2 WAN IPs on single interface issue...

Mon May 15, 2023 1:52 am

Thanks for the help!
I was able to determine it was the ISP side. They require "Special authorization" to allow multiple IPs from the same MAC address. :roll:

I spent way longer than I should have had to second guessing myself!

Who is online

Users browsing this forum: GoogleOther [Bot], rplant, Shylie and 87 guests