Community discussions

MikroTik App
 
fcoulloudon
just joined
Topic Author
Posts: 13
Joined: Tue May 02, 2023 9:10 pm

Basic routing with ISP information

Tue May 02, 2023 9:27 pm

Good morning/afternoon everyone.
Please be kind, it's my first time setting up a network other than LAN with basic DHCP.

I'm trying to set my router in a datacenter.
My ISP gave me an IP with /32 subnet for my router and a block of IPV4 addresses (/29, 8 IPs)
From my understanding, I can only use 5...

I'm trying to properly set up my CCR2004-16G-2S+ but I'm struggling a bit...

I manage to set the IP address and routes.

those are fake but probable addresses:
/ip/address> print
# ADDRESS NETWORK INTERFACE
0 192.168.88.1/24 192.168.88.0 ether15
1 78.152.222.85/32 78.152.222.84 sfp-sfpplus1

# DST-ADDRESS GATEWAY DISTANCE
0 As 0.0.0.0/0 78.152.222.84 1
DAc 78.152.222.84/32 sfp-sfpplus1 0
DAc 192.168.88.0/24 ether15 0

Now my Router has access to internet (and vice-versa ;-) ).
Is it the right way to do the routing? => As 0.0.0.0/0 78.152.222.84 1

I'm now going to plug on other ethernet interfaces my servers and allocate them IP adresses.
I'm lost on what I should to on the Mikrotik router to be able to have my 5 servers operational.

Let's say my IP V4 block is 78.113.250.192/29. Could you please guide me?
I understand I can use addresses: 78.113.250.193 to 78.113.250.197 right?

Thank you very much in advance!

PS: When I manage to connect my router on the internet, I could see several bruteforce attack (telnet, SSH), is there anything I should do to protect/prevent my router to be at risk?
(autoban? other?). What about DDOS attack? can I filter them a bit and protect my 5 servers?

Any link to appropriate content would be highly appreciated.
Please be assured that I'm trying to find this information in parallel. I've just lost several hours and some help would be great!

Thank you very much again.
Regards,

Francois
 
fcoulloudon
just joined
Topic Author
Posts: 13
Joined: Tue May 02, 2023 9:10 pm

Re: Basic routing with ISP information

Sat May 06, 2023 7:58 am

OK I've made some progress by myself and pretty much everything is OK.

However, I feel like I'm missing a route as I have many loss paquets when pinging my public IPs on each of my servers.
I created a bridge (PublicIPs) with a DHCP server to automatically allocate my public IPs.

I have those adresses:
# ADDRESS NETWORK INTERFACE
0 192.168.88.1/24 192.168.88.0 ether15
1 78.152.222.85/32 78.152.222.84 sfp-sfpplus1
2 78.152.251.198/29 78.152.251.192 PublicIPs

and those routes:
# DST-ADDRESS GATEWAY DISTANCE
0 As 0.0.0.0/0 78.152.222.84 1
DAc 78.152.222.84/32 sfp-sfpplus1 0
DAc 78.152.251.192/29 PublicIPs 0
DIcH 192.168.88.0/24 ether15 0

ISP connection is done on sfp-sfpplus1.
PublicIPs is a bridge including all my ethernet ports.

DHCP is working
All servers get an address from the DHCP (that are now put to "static").

When I ping my router, everything is fine.
One of my server is responding from ping without issue.

Any idea where I'm missing something?
Thank you!
 
fcoulloudon
just joined
Topic Author
Posts: 13
Joined: Tue May 02, 2023 9:10 pm

Re: Basic routing with ISP information

Thu May 18, 2023 11:03 am

I managed to fix everything.

I had two DHCP servers as I have two separate network (one public/WAN and one private, each on separate physical interface) and the private DHCP was forcing a default route in conflit with the public dhcp default route.

Removed the route and everything is working flawlessly now!

Thanks!

Who is online

Users browsing this forum: devnull0 and 48 guests