Community discussions

 
PortalNET
just joined
Topic Author
Posts: 15
Joined: Sun Apr 02, 2017 7:24 pm

How to enable 2 Static public IP block´s /30 feed on 1 fiber SFP , split into 2 different mikrotiks.

Tue Oct 08, 2019 4:48 am

Hi guys

i have a small issue, and i am having hard times finding a working solution for ..

My ISP service provider offers me 2 static IPs , split into 2 different blocks, meant to be used simultaneously on the same Mikrotik device.

example

Block 1 = 189.xxx.xx2.90/30
Block 2 = 201.xxx.xx9.124/30

Both IPs are sent on one single fiber connection directly from ISP provider to my mikrotik.

At the moment i am only using block1 , working fine, but now i have come to the needs of activating block2 , but on another mikrotik device on a different place..

Any ideas on how i can transport this block2 from my Main Mikrotik device to my second mikrotik device on a different location ?


Mikrotik1-ccr1009 receiving Block1 atm the moment working fine.
Mikrotik2-ccr1036 on a different location 20Miles awaw from Mikrotik1.

At the moment i have Fiber connection 10G sfp+ betwen Mikrotik1 and Mikrotik2 , and mikrotik1 is feeding Internet access to mikrotik2 , via Internal private LAN IP inside of a VLAN.

But now i have come to the needs of activating Block2 static public IP , directly on Mikrotik2-CCR1036, as i need to create direct DNS reverse zones for that Block2 static public IP , directly on Mikrotik2-CCR1036


i know i can create a bridge interface on Mikrotik1 and public both "block1 and block2" IP/addresses and assign on that Bridge Ports but would be only on Mikrotik1 (also the purpose of Bridge is to bridge physical and virtual interfaces) and not IP/addresses blocks on the same physical interface.

Any ideas or help is appreciated, as i am kind of lost on this one, and so far i have not seen a specific tópic with the same issue around here.

Cheers

Image
 
mkx
Forum Guru
Forum Guru
Posts: 3177
Joined: Thu Mar 03, 2016 10:23 pm

Re: How to enable 2 Static public IP block´s /30 feed on 1 fiber SFP , split into 2 different mikrotiks.

Tue Oct 08, 2019 8:39 am

Let's call CCR1009 (the ISP facing) R1. And let's call CCR1036 (the remote one) R2.

The simplest case: if R1 and R2 are (more or less) completely independent from L3 (IP) point of view, then you could bridge two SFP interfaces on R1 (one currently used for WAN and one currently used to connect to R2). Or rather bridge WAN SFP interface with VLAN interface which connects to R2. And configure R2 with the Block2 address statically (the same way as R1 is currently configured with Block1 address).

If that's not what you wish (e.g. LAN subnets of R1 and R2 need some kind of (semi)transparent connectivity), then it depends on how Block2 is routed towards you by ISP. It might be routed using Block1 address as gateway or it might be routed "natively" and R1 then should react to ARP requests regarding Block2 address ...
BR,
Metod
 
PortalNET
just joined
Topic Author
Posts: 15
Joined: Sun Apr 02, 2017 7:24 pm

Re: How to enable 2 Static public IP block´s /30 feed on 1 fiber SFP , split into 2 different mikrotiks.

Thu Oct 10, 2019 3:10 am

Well

thats exactly what i need i will give it a try, and will post the outcome result.
 
PortalNET
just joined
Topic Author
Posts: 15
Joined: Sun Apr 02, 2017 7:24 pm

Re: How to enable 2 Static public IP block´s /30 feed on 1 fiber SFP , split into 2 different mikrotiks.

Thu Oct 17, 2019 12:37 am

Let's call CCR1009 (the ISP facing) R1. And let's call CCR1036 (the remote one) R2.

The simplest case: if R1 and R2 are (more or less) completely independent from L3 (IP) point of view, then you could bridge two SFP interfaces on R1 (one currently used for WAN and one currently used to connect to R2). Or rather bridge WAN SFP interface with VLAN interface which connects to R2. And configure R2 with the Block2 address statically (the same way as R1 is currently configured with Block1 address).

If that's not what you wish (e.g. LAN subnets of R1 and R2 need some kind of (semi)transparent connectivity), then it depends on how Block2 is routed towards you by ISP. It might be routed using Block1 address as gateway or it might be routed "natively" and R1 then should react to ARP requests regarding Block2 address ...

Hi

So i did this and i was able to pull out public ip block2 and gateway on mikrotik R2, ip/address and ip/routes set accordingly to the Public IP block /30 from ISP provider..

but now i have a issue i can only navigate on certain sites such as GOOGLE CDN content sites, its weird, speedtest and other similar sites are not working, whats more interesting is... i am using another interface on mikrotik r2 with a static IP lan address and this interface hooked up to my PC for testing. i even set DNS manually on my PC NIC interface and still only get google, youtube a few other google services to run on it..

but i have also create a PPPOE server on the same R2 mikrotik device, and funny enough i have create a pppoe user , and shortly after i have create a pppoe connection on my PC using the NIC card, and guess what, all sites working just fine, via PPPOE, also tested with ppptp user create on the same mikrotik and i can also surf the web on all websites, but when i go on to static IP addres from LAN interface it only connect on google CDN services lol... any ideas? i have masquerade on firewall on all interfaces being used on the second R2 mikrotik
 
tdw
Member Candidate
Member Candidate
Posts: 196
Joined: Sat May 05, 2018 11:55 am

Re: How to enable 2 Static public IP block´s /30 feed on 1 fiber SFP , split into 2 different mikrotiks.

Thu Oct 17, 2019 4:41 pm

Sounds like an MTU issue, the default PPPoE server setup has an MTU of 1480.
 
PortalNET
just joined
Topic Author
Posts: 15
Joined: Sun Apr 02, 2017 7:24 pm

Re: How to enable 2 Static public IP block´s /30 feed on 1 fiber SFP , split into 2 different mikrotiks.

Thu Oct 17, 2019 11:55 pm

Sounds like an MTU issue, the default PPPoE server setup has an MTU of 1480.

Its strange but doesnt sound like an mtu issue.. i thinks its something in the mangle , or mark-routing that its not accepting it to filter it correctly on Static LAN ips from another interface, tbh i am kind of lost now..


steps so far

1- Block2 IP linked ok on the MK2 device

2- IP/route gateway ok and reacheable for Block2 IP

3- Lan eth4 IP/address 192.168.244.1/24 setup ok

4- IP/firewall/NAT src-nat , masquerade eth4 OK

5- IP/DNS setup and OK

6- IP/firewall/mangle src-address 192.168.244.10 with mark-routing and passtrough enabled.

7- Local PC machine connected on eth4 setup with static ip 192.168.244.10 and all dns and gateway setup.

But internet not working most sites, if i create a PPPOE SERVER on the MK2 and create a pppoe connection on the Local PC interface , internet works fine , thats how i have connected to write this post


so firewall mangle rules

IP: 10.50.51.100 Local IP from internal PPPOE server testing its working ok i can browse through the web just fine

add action=mark-routing chain=prerouting comment="## OUTGOING LINK 189.XXX.XXX.XXX ###" new-routing-mark=LINK2 passthrough=yes src-address=10.50.51.100


IP: 192.168.244.10 (Local LAN ip interface on MK2) this way its not working cannot browse the internet

add action=mark-routing chain=prerouting comment="## OUTGOING LINK 189.XXX.XXX.XXX ###" new-routing-mark=LINK2 passthrough=yes src-address=192.168.244.10

I have both interfaces PPPOE-server and Eth4 interface where static LAN ip is setup, both have firewall NAT masquerade enabled to allow access to the internet, same way as the WAN interface where i have setup the Block2 Public IP..

Who is online

Users browsing this forum: Baidu [Spider] and 103 guests