[Mikrotik] Routing question about Public and Private IP's on gateway router

Christopher Tyler chris at mowisp.com
Sat Sep 25 00:49:07 CDT 2010


First let me start by saying that I am fairly new to MikroTik routers so 
not real familiar with some of the finer configuration points yet.  I'll 
try and be as detailed and yet as brief possible.

Our upstream gives us a /30 which I put on the 'WAN' interface.
They also gave us a /22 block which I broke up into /27 blocks and 
assign them to the 'LAN' interfaces as needed for end customers that 
require them.  Unless there is a special circumstance we do not give out 
blocks of IP's.  We have 6 LAN ports numbered LAN1 through LAN6.

In addition to the public IP block I setup private blocks of 
172.19.0.0/27 also on the 'LAN' interfaces as needed.

src-nat is setup to NAT only the private IP's and it's working, sort of. 
Here is the NAT rule:

/ip firewall nat
add action=masquerade chain=srcnat\
     disabled=no out-interface=WAN src-address=!<private>/22

Everything works as far as getting web traffic etc, but all the IP's 
even the public ones, are showing up (showmyIP, OpenDNS, etc) as our /30 
address provided by our upstream instead of the IP that was assigned to 
the end user.

All IP's are assigned via DHCP reservations.

No quite sure what I have messed up, but assume this is a simple fix and 
I'm just not thinking of it.  If you need any further info just let me 
know and I'll post it.

-- 
Christopher Tyler
Total Wireless Communications, LLC


More information about the Mikrotik mailing list