Community discussions

 
ivanobuffa
just joined
Topic Author
Posts: 6
Joined: Tue Apr 02, 2019 1:38 am

How to configure 4 Up-Links on same WAN with 4 vLANs

Tue Apr 02, 2019 2:17 am

I apologize if this topic has been already discussed, but I don't think so. It looks similar to others where they talk about Multi-WAN configuration (but here the WAN is only one).

TARGET CONFIGURATION
A few weeks ago we purchased 2 x Cloud Router Switch CRS326-24G-2S+RM.
We have received 4 public static IPv4 addresses from "one network only" (/29 network) from our ISP and we want to segment our network behind our router in 4 different separated vLANs diverting incoming and outgoing network traffic from each one of these vLANs from and to its dedicated up-link out of the four we've received from our ISP. In other words these is what we want to achieve:

• VLAN 100: from port 1 to port 5
• VLAN 200: from port 6 to port 10
• VLAN 300: from port 11 to port 15
• VLAN 400: from port 16 to port 20

• Port 21 connected to WAN with public static IPv4 address: X.X.X.2/29
• Port 22 connected to WAN with public static IPv4 address: X.X.X.3/29
• Port 23 connected to WAN with public static IPv4 address: X.X.X.4/29
• Port 24 connected to WAN with public static IPv4 address: X.X.X.5/29

• Port 21 has to be used as a Gateway for any VLAN 100
• Port 22 has to be used as a Gateway for any VLAN 200
• Port 23 has to be used as a Gateway for any VLAN 300
• Port 24 has to be used as a Gateway for any VLAN 400

I have attached below a picture of the topology I want to achieve:
environment.jpg
PROBLEM
I managed to configured 4 VLANs but after checking the wiki documentation online (https://wiki.mikrotik.com) as well as watching a tons of videos online, it looks like that the problem is due to the fact that in the MikroTik router "Cloud Router Switch CRS326-24G-2S+RM" I have to add a static route in the IP > Routes section for the default 0.0.0.0 outgoing traffic selecting the gateway of the WAN that I want to use for each VLAN. This gateway has to be different for each VLAN but in my case we have only "one WAN" with only "one gateway". Therefore I can only add one gateway for one VLAN only.

To make it more clear:
  • In a typical situation there are 2 WANs and at least 2 VLANs and I configure the router in a such a way that computers from VLAN 1 use WAN 1 and computers from VLAN 2 use WAN 2.
  • In my scenario I have more 4 VLANs that have to use, respectively, 4 up-links in the same WAN (or if you want to make it easier: 2 VLANs that have to use, respectively, 2 up-links in the same WAN).

I hope I made it clear enough!

Thanks.
You do not have the required permissions to view the files attached to this post.
 
anav
Forum Guru
Forum Guru
Posts: 3130
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada

Re: How to configure 4 Up-Links on same WAN with 4 vLANs

Tue Apr 02, 2019 6:55 pm

duplicate post.
Last edited by anav on Tue Apr 02, 2019 8:01 pm, edited 1 time in total.
I'd rather manage rats than software. Follow my advice at your own risk! (Sob & mkx forced me to write that!)
 
anav
Forum Guru
Forum Guru
Posts: 3130
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada

Re: How to configure 4 Up-Links on same WAN with 4 vLANs

Tue Apr 02, 2019 6:58 pm

viewtopic.php?f=13&t=143620

Check out this excellent read with examples. It may not apply but may give you some good ideas at least on the vlan end of things.
The rest sounds like a mangle process where you ensure traffic going in one interface, goes out same interface and the other half of that equation is assigning vlans to interfaces.
By mangling originating traffic on the LANs by source and commensurate routing rules.
I'd rather manage rats than software. Follow my advice at your own risk! (Sob & mkx forced me to write that!)
 
User avatar
k6ccc
Member
Member
Posts: 480
Joined: Fri May 13, 2016 12:01 am
Location: Glendora, CA, USA (near Los Angeles)

Re: How to configure 4 Up-Links on same WAN with 4 vLANs

Tue Apr 02, 2019 7:55 pm

I've been doing this for years. Until very recently my RB750r2 had one DSL connection with five static IPs. There were different LANs (mostly via VLAN) that each routed traffic out the same DSL, but via different IP addresses. All it takes is a simple outgoing NAT statement to get the outgoing traffic for each LAN to go out with the right IP. I don't have access to the script file right now, but I can look up my backups when I get home.

For example:
VLAN 201 went out via 208.127.104.77
VLAN 202 went out via 208.127.104.3
VLAN 203 went out via 208.127.104.9
VLAN 204 went out via 208.127.104.18
VLAN 205 went out via 208.127.104.19
The router itself went out via 208.127.104.77

Is this what you are trying to do?

BTW, in case anyone is wondering, those IPs are no longer in use after my ISP changed me to a single dynamic IP instead of eight static ones - dammit!
RB750Gr3, RB750r2, CRS326-24G-2S (in SwitchOS), CSS326-24G-2S, CSS106-5G-1S, RB260GS
Not sure if I beat them in submission, or they beat me into submission


Jim
 
anav
Forum Guru
Forum Guru
Posts: 3130
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada

Re: How to configure 4 Up-Links on same WAN with 4 vLANs

Tue Apr 02, 2019 8:03 pm

@k6ccc So are you like a suburb of LA? Seems like your on the cusp of Mountains, must be beautiful and close to ski hills? (prevalent raging forest fires in that area)?
I'd rather manage rats than software. Follow my advice at your own risk! (Sob & mkx forced me to write that!)
 
User avatar
k6ccc
Member
Member
Posts: 480
Joined: Fri May 13, 2016 12:01 am
Location: Glendora, CA, USA (near Los Angeles)

Re: How to configure 4 Up-Links on same WAN with 4 vLANs

Tue Apr 02, 2019 9:15 pm

@k6ccc So are you like a suburb of LA? Seems like your on the cusp of Mountains, must be beautiful and close to ski hills? (prevalent raging forest fires in that area)?
Correct. Glendora is about 20 miles east and slightly north of downtown Los Angeles. The city moto is "Pride of the Foothills". The city is on the foothills of the San Gabriel mountains. We get a little snow in the San Gabriels, but not enough to ski - just enough to look pretty. As for fires, we had one a few years ago that burned right down to the houses at the north end of town, but no homes were lost. In the greater Los Angeles Metropolitan area, there are small fires at least somewhat regularly during the hotter months, and every year or two we get at least a semi-major fire. Had the Woolsey file last fall that was about 60 miles west of me in Ventura County. I was deployed up there with the California Office of Emergency Services as a communications volunteer for a couple days. The photo below was taken about 12 hours after the fire started from a parking lot that was for a while being used as a staging area for law enforcement personnel that we dealing with evacuations. The fire was less than a half mile away and the smoke was very thick.

Image

Now, back to routers... I'll check my script file for he exact wording (rather than try to remember)...
RB750Gr3, RB750r2, CRS326-24G-2S (in SwitchOS), CSS326-24G-2S, CSS106-5G-1S, RB260GS
Not sure if I beat them in submission, or they beat me into submission


Jim
 
ivanobuffa
just joined
Topic Author
Posts: 6
Joined: Tue Apr 02, 2019 1:38 am

Re: How to configure 4 Up-Links on same WAN with 4 vLANs

Wed Apr 03, 2019 12:53 am

Thanks @anav. I'll check the post (even though it's not a duplicate one) and hopefully I will sort my problem out.

@k6ccc: thank you too for your help. If you can send me your script or any other instructions on how to configure my router to achieve the target configuration highlighted above, that would be great.
On this note, looking at your public static IPv4 addresses you mentioned (indicated below):
---
VLAN 201 went out via 208.127.104.77
VLAN 202 went out via 208.127.104.3
VLAN 203 went out via 208.127.104.9
VLAN 204 went out via 208.127.104.18
VLAN 205 went out via 208.127.104.19
The router itself went out via 208.127.104.77

---
What was the subnet? I mean, were they part of the same network segment? The reason why I am asking that is because in my case my public static IPv4 addresses belong to the very same network segment.

Thanks
 
User avatar
k6ccc
Member
Member
Posts: 480
Joined: Fri May 13, 2016 12:01 am
Location: Glendora, CA, USA (near Los Angeles)

Re: How to configure 4 Up-Links on same WAN with 4 vLANs

Wed Apr 03, 2019 1:04 am

@ivanobuffa
They were all part of a /24 network from my IP. I had eight addresses scattered through the range.
I will pull up my script later this evening. It was quite easy...
RB750Gr3, RB750r2, CRS326-24G-2S (in SwitchOS), CSS326-24G-2S, CSS106-5G-1S, RB260GS
Not sure if I beat them in submission, or they beat me into submission


Jim
 
ivanobuffa
just joined
Topic Author
Posts: 6
Joined: Tue Apr 02, 2019 1:38 am

Re: How to configure 4 Up-Links on same WAN with 4 vLANs

Wed Apr 03, 2019 1:16 am

@k6ccc: Thanks!
 
ivanobuffa
just joined
Topic Author
Posts: 6
Joined: Tue Apr 02, 2019 1:38 am

Re: How to configure 4 Up-Links on same WAN with 4 vLANs

Wed Apr 03, 2019 11:30 am

Hi @k6ccc,

Did you manage to find your script?

Thanks.
 
User avatar
k6ccc
Member
Member
Posts: 480
Joined: Fri May 13, 2016 12:01 am
Location: Glendora, CA, USA (near Los Angeles)

Re: How to configure 4 Up-Links on same WAN with 4 vLANs

Wed Apr 03, 2019 5:46 pm

Yes.
add action=src-nat chain=srcnat comment="Outgoing NAT from .201 LAN" \
    disabled=no out-interface=E1-p10_DSL_Internet src-address=\
    192.168.201.0/24 to-addresses=208.127.104.77
add action=src-nat chain=srcnat comment="Outgoing NAT from .202 LAN" \
    disabled=no out-interface=E1-p10_DSL_Internet src-address=\
    192.168.202.0/24 to-addresses=208.127.104.3
add action=src-nat chain=srcnat comment="Outgoing NAT from .203 LAN" \
    disabled=no out-interface=E1-p10_DSL_Internet src-address=\
    192.168.203.0/24 to-addresses=208.127.104.9
add action=src-nat chain=srcnat comment="Outgoing NAT from .204 LAN" \
    disabled=no out-interface=E1-p10_DSL_Internet src-address=\
    192.168.204.0/24 to-addresses=208.127.104.18
add action=src-nat chain=srcnat comment="Outgoing NAT from .205 LAN" \
    disabled=no out-interface=E1-p10_DSL_Internet src-address=\
    192.168.205.0/24 to-addresses=208.127.104.19
When I originally set this router up, I was replacing several consumer grade routers. Each consumer router had it's own public static IP and was driving it's own LAN. I wanted the MikroTik to emulate that behavour. Someone else here on this forum suggested that solution (or I read it in the Wiki). This worked perfectly.
RB750Gr3, RB750r2, CRS326-24G-2S (in SwitchOS), CSS326-24G-2S, CSS106-5G-1S, RB260GS
Not sure if I beat them in submission, or they beat me into submission


Jim
 
ivanobuffa
just joined
Topic Author
Posts: 6
Joined: Tue Apr 02, 2019 1:38 am

Re: How to configure 4 Up-Links on same WAN with 4 vLANs

Wed Apr 03, 2019 11:41 pm

Hi @k6ccc,

Thanks for your post.

I took note and I will give it a try tomorrow morning.

Regards.
 
ivanobuffa
just joined
Topic Author
Posts: 6
Joined: Tue Apr 02, 2019 1:38 am

Re: How to configure 4 Up-Links on same WAN with 4 vLANs

Fri Apr 05, 2019 2:02 pm

Yes.
add action=src-nat chain=srcnat comment="Outgoing NAT from .201 LAN" \
    disabled=no out-interface=E1-p10_DSL_Internet src-address=\
    192.168.201.0/24 to-addresses=208.127.104.77
add action=src-nat chain=srcnat comment="Outgoing NAT from .202 LAN" \
    disabled=no out-interface=E1-p10_DSL_Internet src-address=\
    192.168.202.0/24 to-addresses=208.127.104.3
add action=src-nat chain=srcnat comment="Outgoing NAT from .203 LAN" \
    disabled=no out-interface=E1-p10_DSL_Internet src-address=\
    192.168.203.0/24 to-addresses=208.127.104.9
add action=src-nat chain=srcnat comment="Outgoing NAT from .204 LAN" \
    disabled=no out-interface=E1-p10_DSL_Internet src-address=\
    192.168.204.0/24 to-addresses=208.127.104.18
add action=src-nat chain=srcnat comment="Outgoing NAT from .205 LAN" \
    disabled=no out-interface=E1-p10_DSL_Internet src-address=\
    192.168.205.0/24 to-addresses=208.127.104.19
When I originally set this router up, I was replacing several consumer grade routers. Each consumer router had it's own public static IP and was driving it's own LAN. I wanted the MikroTik to emulate that behavour. Someone else here on this forum suggested that solution (or I read it in the Wiki). This worked perfectly.
Hi k6ccc,

I really want to thank you for your time and suggestion.

I modified accordingly your script and it worked perfectly.

I hope this post will help others.

Amen!!!!!

ahahhahahha

Ti salutai (this is Sicialian language) :) ^_^

Who is online

Users browsing this forum: Google [Bot] and 71 guests