Community discussions

MikroTik App
  4. RouterOS
  5. Beginner Basics

basic routing sample 2 (simple) questions

Post Reply
 
RamonetNet
newbie
Topic Author
Posts: 28
Joined: Thu Dec 21, 2017 6:50 pm

basic routing sample 2 (simple) questions

Fri Dec 24, 2021 3:35 pm

Good morning.
I am trying to understand how toconfigure RouterOS routing.
I am reading https://help.mikrotik.com/docs/display/ ... figuration

The resume of their scripting is :
Code: Select all
# 1- clean router
/system reset-configuration no-defaults=yes skip-backup=yes
# 2- create bridge
/interface bridge add name=local
/interface bridge port add interface=ether2 bridge=local
/ip address add address=192.168.88.1/24 interface=local
# 3- setup DHCP server (ommited)
# 4- configure internet connection
/ip address add address=1.2.3.100/24 interface=ether1
/ip route add gateway=1.2.3.1
/ip dns set servers=8.8.8.8
# 5- route
/ip firewall nat
  add chain=srcnat out-interface=ether1 action=masquerade
Here, at the very beginning, two questions come tomy mind. Hope some kind soul provides me some light:

1) why is it coding a "bridge" of just one interface ?
2) I see "out-interface" is specified tobe "ether1", but why "ether2" is not specified, neither "local" bridge ?

Thanks for your help or any URL or pointer.
Top
 
User avatar
mkx
Forum Guru
Forum Guru
Posts: 11582
Joined: Thu Mar 03, 2016 10:23 pm

Re: basic routing sample 2 (simple) questions

Fri Dec 24, 2021 4:15 pm

  1. most Routerboard devices have more than 2 interfaces ... either more than 2 wired interfaces (ether, SFP, ..,) or they have wireless interface(s). Most common use case is to have one of interfaces configured for WAN (ether1 in your example), all the rest are bridged for LAN use. Which means that in most cases device acts as a (wirespeed) switch between interfaces - members of bridge.
    If you only need single interface for certain LAN subnet, then you can skip first two lines of step #2 and use ether2 in third line of that step. However, while having bridge between physical interface and IP layer does add some processing overhead, it also adds flexibility ... you can easily add or remove interfaces without bringing the whole LAN segment down (with a few gotchas).
  2. step #5 is not about routing, it's about NATing LAN IP addresses to WAN interface. And the way it's written (out-interface=ether1) makes sure that NAT is only performed for traffic leaving towards internet. The other two categories of traffic are internet->LAN and LAN->LAN (not in your particular example) where one doesn't want to have source NAT (on LAN hosts one wants to see remote address, not router's address).
    Keep in mind that in ROS no interface is special, they only differ due to configuration. What makes a particular port WAN port is appropriate configuration, NAT in principle acts on all packets matching selection criteria (with default being all packets).
Top
 
RamonetNet
newbie
Topic Author
Posts: 28
Joined: Thu Dec 21, 2017 6:50 pm

Re: basic routing sample 2 (simple) questions

Mon Dec 27, 2021 1:00 pm

Thanks, mr MKX.
Can you provide a sample routing code to send all packets from "local" bridge to "ether1" ?
Or maybe you can provide a pointer to documentation on how it is done plus some concepts.
Thanks a lot.

PD.- may this sentence do the trick ?
/ip route add comment=Fibra distance=1 gateway=192.168.1.1 routing-mark=internet_directe

What about the reverse traffic, from internet to "ether2" ? Do i need another rule ?
Top
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 19318
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:
Contact anav

Re: basic routing sample 2 (simple) questions

Mon Dec 27, 2021 4:07 pm

What are you trying to accomplish. Playing whackamole with what ifs is tiring.
What is your network topology (diagrams are helpful).
Then describe your use cases without any discussion of the config
(describes the devices/users or groups of devices/users needs - what they should be able to do and what they should not be able to do).
Then with the two items above a config can be formulated and at least discussed with some context.

I will leave it to others who enjoy playing whackamole ;-)
Top
 
User avatar
mkx
Forum Guru
Forum Guru
Posts: 11582
Joined: Thu Mar 03, 2016 10:23 pm

Re: basic routing sample 2 (simple) questions

Mon Dec 27, 2021 7:20 pm

As @anav already wrote: explain your use case and what doesn't work for you ... only that way we can comment on your particular use case.


Can you provide a sample routing code to send all packets from "local" bridge to "ether1" ?
There's noting to configure. Routers will gladly pass packets from one interface to another interface ... where they have their own IP address ... according to routes configured. What is there implicitly is route towards connected subnet. I.e. in your case router will pass packets with destination IP addresses in the 192.168.88.0/24 subnet via interface local (as there's a brige behind that interface, ethernet bridging/switching logic will take over after that). Likewise it'll pass all packets destined to 1.2.3.0/24 via interface ether1 ... The explicit configuration of default gateway (middle line of step #4) instructs it to pass packets with other destination IP addresses to configured gateway (which is member of directly connected IP subnet behind interface ether1).

All of stuff in my previous paragraph is part of common IP routing knowledge, none is really specific to Mikrotik.
Top
 
RamonetNet
newbie
Topic Author
Posts: 28
Joined: Thu Dec 21, 2017 6:50 pm

Re: basic routing sample 2 (simple) questions

Fri Dec 31, 2021 3:33 pm

well, the configuration is provided in the URL I wrote :
>>> https://help.mikrotik.com/docs/display/ ... figuration
.. this is, few local stations on the "bridge"'s interfaces, and a ISP router at IP =1.2.3.1

I understant what routers are suposed to do ... my problems are with the Mikrotik syntax

In fact, the sentence I have in front of me now is
Code: Select all
/ip route add comment=Fibra distance=1 gateway=192.168.1.1 routing-mark=internet_directe
.. and the misterious words are "routing-mark"

And the big problem is to know how routing works - lets write down a sample scenario - correct any errors of mine - there shall be many ...

1) a client station (IP=192.168.88.2) is connected at "ether2" (IP=192.168.88.1)
2) the client uses a browser and requests "URL=http://22.33.44.55"
3) masquerade is applied, so origin IP (192.168.88.2) is changed to 1.2.3.100
4) destination IP is still 22.33.44.55 - what rule is applied to route this packet to "ether1" ?
Pretty sure the rule is "/ip route add gateway=1.2.3.1" ... but ether1 IP is 1.2.3.100 ...

Sure there shall be a short and obvious explanation, but I can see it now.
I am reading again and again the last sentence written by mr MKX ...
What is there implicitly is route towards connected subnet ... sounds misterious tome

Anyway, I appreciate your time and URLs.
Top
 
User avatar
smyers119
Member Candidate
Member Candidate
Posts: 232
Joined: Sat Feb 27, 2021 8:16 pm
Location: USA

Re: basic routing sample 2 (simple) questions

Fri Dec 31, 2021 3:41 pm

Your looking for a default route or "route of last resort"

/ip route add dst-address=0.0.0.0/0 gateway=1.2.3.1
Top
Post Reply

Who is online

Users browsing this forum: matiss, seriosha and 39 guests
  4. RouterOS
  5. Beginner Basics