Community discussions

MikroTik App
 
kcybulski
just joined
Topic Author
Posts: 14
Joined: Sat Jul 13, 2013 1:45 pm

Multiple ISP - again

Fri Mar 24, 2023 11:56 am

Hi all,

I have currently one bridge witch all my ISP ports and IP addresses assigned directly to VMs, I am resigning from one conection and need to combine same VM on one IP, so I want to assign all IP to router and port forward them to VM, can you confirm if this config is enough for this, or do I need to use separate routing tables for each ISP.

Thanks
Krzysztof
/interface bridge
add name=DMZ
add name=Lan
add name=WLAN_GUEST
/interface ethernet
set [ find default-name=ether1 ] disable-running-check=no disabled=yes
set [ find default-name=ether2 ] comment=172.0.242.62 disable-running-check=no
set [ find default-name=ether3 ] comment=172.0.155.42/29 disable-running-check=no
set [ find default-name=ether4 ] comment=10.10.1.0/24 disable-running-check=no
set [ find default-name=ether5 ] comment=10.10.0.0/24 disable-running-check=no
set [ find default-name=ether6 ] comment=172.0.251.56/29 disable-running-check=no
set [ find default-name=ether7 ] comment=10.10.2.0/24 disable-running-check=no
set [ find default-name=ether8 ] disable-running-check=no
set [ find default-name=ether9 ] disable-running-check=no
set [ find default-name=ether10 ] disable-running-check=no
set [ find default-name=spf-plusplus1 ] disable-running-check=no
/interface list
add name=LAN_LIST
add name=ISP_1_LIST
add name=ISP_2_LIST
add name=ISP_3_LIST
add comment=10.10.0.0/16 name=DMZ_LIST
add include=DMZ_LIST,LAN_LIST name=INTERNAL_LIST
add include=ISP_1_LIST,ISP_2_LIST,ISP_3_LIST name=WAN_LIST
/interface bridge port
add bridge=Lan interface=spf-plusplus1
add bridge=DMZ interface=ether4
add bridge=DMZ interface=ether5
add bridge=DMZ interface=ether7
/interface list member
add interface=spf-plusplus1 list=LAN_LIST
add interface=ether2 list=ISP_2_LIST
add interface=ether3 list=ISP_3_LIST
add interface=ether4 list=DMZ_LIST
add interface=ether5 list=DMZ_LIST
add interface=ether6 list=ISP_1_LIST
add interface=ether7 list=DMZ_LIST
/ip address
add address=172.0.155.42/29 interface=ether3 network=172.0.155.40
add address=172.0.155.43/29 interface=ether3 network=172.0.155.40
add address=172.0.155.44/29 interface=ether3 network=172.0.155.40
add address=172.0.155.45/29 interface=ether3 network=172.0.155.40
add address=172.0.155.46/29 interface=ether3 network=172.0.155.40
add address=172.0.242.62/30 interface=ether2 network=172.0.242.60
add address=172.0.251.58/29 interface=ether6 network=172.0.251.56
add address=172.0.251.59/29 interface=ether6 network=172.0.251.56
add address=172.0.251.60/29 interface=ether6 network=172.0.251.56
add address=172.0.251.61/29 interface=ether6 network=172.0.251.56
add address=172.0.251.62/29 interface=ether6 network=172.0.251.56
add address=10.10.0.1/16 interface=DMZ network=10.10.0.0
add address=192.168.168.1/21 interface=Lan network=192.168.168.0
/ip firewall filter
add action=fasttrack-connection chain=forward connection-state=established,related hw-offload=yes
add action=accept chain=forward connection-state=established,related
add action=accept chain=input connection-state=established,related
add action=drop chain=forward connection-state=invalid log=yes log-prefix=invalid
add action=accept chain=forward connection-state=established,related,untracked
add action=jump chain=input jump-target=icmp protocol=icmp
add action=jump chain=forward jump-target=icmp protocol=icmp
add action=accept chain=forward
/ip firewall nat
add action=dst-nat chain=dstnat dst-address=172.0.155.42 dst-port=80 protocol=tcp to-addresses=10.10.0.42 to-ports=80
add action=dst-nat chain=dstnat dst-address=172.0.155.43 dst-port=80 protocol=tcp to-addresses=10.10.0.43 to-ports=80
add action=dst-nat chain=dstnat dst-address=172.0.155.44 dst-port=80 protocol=tcp to-addresses=10.10.0.44 to-ports=80
add action=dst-nat chain=dstnat dst-address=172.0.155.45 dst-port=80 protocol=tcp to-addresses=10.10.0.45 to-ports=80
add action=dst-nat chain=dstnat dst-address=172.0.155.46 dst-port=80 protocol=tcp to-addresses=10.10.0.46 to-ports=80
add action=dst-nat chain=dstnat dst-address=172.0.242.62 dst-port=80 protocol=tcp to-addresses=10.10.1.62 to-ports=80
add action=dst-nat chain=dstnat dst-address=172.0.251.58 dst-port=80 protocol=tcp to-addresses=10.10.2.58 to-ports=80
add action=dst-nat chain=dstnat dst-address=172.0.251.59 dst-port=80 protocol=tcp to-addresses=10.10.2.59 to-ports=80
add action=dst-nat chain=dstnat dst-address=172.0.251.60 dst-port=80 protocol=tcp to-addresses=10.10.2.60 to-ports=80
add action=dst-nat chain=dstnat dst-address=172.0.251.61 dst-port=80 protocol=tcp to-addresses=10.10.2.61 to-ports=80
add action=dst-nat chain=dstnat dst-address=172.0.251.62 dst-port=80 protocol=tcp to-addresses=10.10.2.62 to-ports=80
add action=masquerade chain=srcnat dst-address=10.10.0.42 out-interface=DMZ src-address=10.10.0.0/16
add action=masquerade chain=srcnat dst-address=10.10.0.43 out-interface=DMZ src-address=10.10.0.0/16
add action=masquerade chain=srcnat dst-address=10.10.0.44 out-interface=DMZ src-address=10.10.0.0/16
add action=masquerade chain=srcnat dst-address=10.10.0.45 out-interface=DMZ src-address=10.10.0.0/16
add action=masquerade chain=srcnat dst-address=10.10.0.46 out-interface=DMZ src-address=10.10.0.0/16
add action=masquerade chain=srcnat dst-address=10.10.1.62 out-interface=DMZ src-address=10.10.0.0/16
add action=masquerade chain=srcnat dst-address=10.10.2.58 out-interface=DMZ src-address=10.10.0.0/16
add action=masquerade chain=srcnat dst-address=10.10.2.59 out-interface=DMZ src-address=10.10.0.0/16
add action=masquerade chain=srcnat dst-address=10.10.2.60 out-interface=DMZ src-address=10.10.0.0/16
add action=masquerade chain=srcnat dst-address=10.10.2.61 out-interface=DMZ src-address=10.10.0.0/16
add action=masquerade chain=srcnat dst-address=10.10.2.62 out-interface=DMZ src-address=10.10.0.0/16
add action=masquerade chain=srcnat dst-address=172.0.155.40/29
add action=masquerade chain=srcnat dst-address=172.0.242.60/30
add action=masquerade chain=srcnat dst-address=172.0.251.56/29
add action=masquerade chain=srcnat out-interface=ether2
/ip route
add disabled=no distance=1 dst-address=0.0.0.0/0 gateway=172.0.155.41 pref-src="" routing-table=main scope=30 suppress-hw-offload=no target-scope=10
add disabled=no distance=1 dst-address=0.0.0.0/0 gateway=172.0.242.61 pref-src="" routing-table=main scope=30 suppress-hw-offload=no target-scope=10
add disabled=no distance=1 dst-address=0.0.0.0/0 gateway=172.0.251.57 pref-src="" routing-table=main scope=30 suppress-hw-offload=no target-scope=10

Who is online

Users browsing this forum: JDF and 45 guests