Community discussions

 
DotTest37
newbie
Topic Author
Posts: 42
Joined: Sun Oct 06, 2013 10:01 pm

ISP providing two Public IP segments

Sun Aug 12, 2018 4:11 pm

Im setting a Mikrotik device at a new location, asked for 5 public IPs, and the ISP provided me with two segments.
They gave me a /29 network but they also gave me a WAN IP block, and according to them this is for my "WAN" interface.
(Image attached)
IP-Mikrotik.jpg
How do I configure that on the Mikrotik? at all other locations the ISP always give me just the public IP segment, and then I add those addresses on the WAN port, and as they all share the same gateway on the ISP side then there is no problem, I use the first public IP for srcnat masquerade and the rest for dstnat, etc.
On this case they gave me two public segments, and now I dont know where to configure those addresses and what would be my default gateway etc.
I just want to make sure I can use the /29 network on the MIkrotik for NAT etc.
You do not have the required permissions to view the files attached to this post.
 
pe1chl
Forum Guru
Forum Guru
Posts: 4811
Joined: Mon Jun 08, 2015 12:09 pm

Re: ISP providing two Public IP segments

Sun Aug 12, 2018 4:47 pm

Put the /30 address on your WAN port and the /29 address on your LAN or DMZ or whatever you want to call it.
When you really want to use it only on the router you could put it on a loopback (a bridge with no ports).
 
DotTest37
newbie
Topic Author
Posts: 42
Joined: Sun Oct 06, 2013 10:01 pm

Re: ISP providing two Public IP segments

Sun Aug 12, 2018 5:53 pm

Do I have to ask the ISP to route the /29 via the gateway from the /30 ? Because those two segments are not contiguous.
I remember doing that in the past, with Cisco .
Otherwise how the internet originated traffic will reach the /29 if the only segment on my WAN interface is from the /30?
 
FezzFest
just joined
Posts: 20
Joined: Wed Jun 03, 2015 12:03 am

Re: ISP providing two Public IP segments

Sun Aug 12, 2018 6:12 pm

They likely have a route in their routing equipment that routes the /29 over your end of the /30.
 
DotTest37
newbie
Topic Author
Posts: 42
Joined: Sun Oct 06, 2013 10:01 pm

Re: ISP providing two Public IP segments

Sun Aug 12, 2018 6:20 pm

They will turn it on tomorrow, so I guess I will find out then.
All said one m this thread make sense though.
 
sindy
Forum Guru
Forum Guru
Posts: 2441
Joined: Mon Dec 04, 2017 9:19 pm

Re: ISP providing two Public IP segments

Sun Aug 12, 2018 8:31 pm

Unless they've asked you to use BGP or RIP to advertise the /29 subnet, they route it via your end of the /30 one statically. They assume that you'll use it the usual way, i.e. 0 - subnet address (unusable for a device), 7 - broadcast address (unusable for a device), 1..6 - addresses of devices connected to Mikrotik's LAN except one which will be assigned to your 'Tik itself as a gateway for the devices using the other five. However, you may also use all eight of them as to-addresses in action=src-nat rules and as selector dst-addresses in action=dst-nat rules on the Mikrotik itself, or you may assign all eight to ppp clients which do not need a gateway IP on the same subnet as they are point-to-point interfaces; in both these latter cases, you have to set arp=proxy-arp on the WAN interface to which your end of the /30 subnet is attached.
Instead of writing novels, post /export hide-sensitive. Use find&replace in your favourite text editor to systematically replace all occurrences of each public IP address potentially identifying you by a distinctive pattern such as my.public.ip.1.
 
DotTest37
newbie
Topic Author
Posts: 42
Joined: Sun Oct 06, 2013 10:01 pm

Re: ISP providing two Public IP segments

Sun Aug 12, 2018 10:51 pm

They likely have a route in their routing equipment that routes the /29 over your end of the /30.
I was just thinking,, then why they specified a default gateway for the /29 network on the paper they sent me?
Because if the incoming or outgoing traffic for the /29 gets routed via the /30 network, then theoretically I wouldn't even need to declare that gateway from the /29 anywhere on my Mikrotik.
Am I making any sense?
 
sindy
Forum Guru
Forum Guru
Posts: 2441
Joined: Mon Dec 04, 2017 9:19 pm

Re: ISP providing two Public IP segments

Sun Aug 12, 2018 11:36 pm

The only technical reason I can imagine why they specify which particular one of the 6 addresses shall be the gateway one at your side is that they would be filtering traffic to/from that IP. Other than that, maybe they prefer to tell the customers what to do in a preventive manner. Just try and see.
Instead of writing novels, post /export hide-sensitive. Use find&replace in your favourite text editor to systematically replace all occurrences of each public IP address potentially identifying you by a distinctive pattern such as my.public.ip.1.

Who is online

Users browsing this forum: acriollo and 49 guests