[Mikrotik] basic routing

Ty Featherling tyfeatherling at gmail.com
Wed Jun 13 13:43:09 CDT 2012


Okay, after putting out fires for a few days I am back at looking at this
issue. What I have found is that traffic from me on the
207.235.23.0/26subnet is leaving ether1 on the RB like it should but
as a result is
leaving AS 10.100.0.2. Since that is a private address it is not routable
beyond my edge. That makes sense. I replaced the private ips between the
two routers with public addresses and while I do have connectivity with the
world that way, it is only because I am routed as the new public IP
assigned to the RB's ether1. NAT is NOT enabled. Can anyone verify my
thinking or explain what SHOULD be happening here?

-Ty

On Wed, Jun 6, 2012 at 9:02 PM, Ty Featherling <tyfeatherling at gmail.com>wrote:

> After checking routes that was the first thing I checked. I'm still
> baffled.
>
> -Ty
> On Jun 6, 2012 8:34 PM, "Blake Covarrubias" <blake at beamspeed.com> wrote:
>
>> /ip firewall nat, to be precise. Otherwise, no.
>>
>> --
>> Blake Covarrubias
>>
>> On Jun 6, 2012, at 4:31 PM, Ty Featherling wrote:
>>
>> > Would it be somewhere other than ip firewall?
>> >
>> > -Ty
>> > On Jun 6, 2012 5:44 PM, "Butch Evans" <butche at butchevans.com> wrote:
>> >
>> >> On Wed, 2012-06-06 at 11:50 -0500, Ty Featherling wrote:
>> >>> I am trying to route my first tower with mikrotik. I have a private
>> /30
>> >>> setup between my edge router and ether1 of the RB. I have a private
>> /24
>> >>> setup for an ap and it's cpe on ether2. I have a subnet of public
>> >> addresses
>> >>> to use for clients of this AP and the gateway for those is set as an
>> >>> address on ether2 as well. Default route is the gateway for ether1
>> which
>> >> is
>> >>> our edge router. There is a route on the edge router routing that
>> subnet
>> >> of
>> >>> publics back to the ether1 address of the RB. This all sounds right to
>> >> me.
>> >>
>> >>
>> >> This all sounds correct to me.  From a connected device on the lan side
>> >> (the 207.235.23.0/26 block), you are able to ping everything inside
>> your
>> >> network, but not beyond that?  I'd doublecheck to ensure there is NOT a
>> >> NAT rule in place on the MT that is causing this issue.
>> >>
>> >> --
>> >> ********************************************************************
>> >> * Butch Evans                * Professional Network Consultation   *
>> >> * http://www.butchevans.com/ * Network Engineering                 *
>> >> * http://store.wispgear.net/ * Wired or Wireless Networks          *
>> >> * http://blog.butchevans.com/ * ImageStream, Mikrotik and MORE!    *
>> >> *          NOTE THE NEW PHONE NUMBER: 702-537-0979                 *
>> >> ********************************************************************
>> >>
>> >>
>> >>
>> >> _______________________________________________
>> >> Mikrotik mailing list
>> >> Mikrotik at mail.butchevans.com
>> >> http://www.butchevans.com/mailman/listinfo/mikrotik
>> >>
>> >> Visit http://blog.butchevans.com/ for tutorials related to Mikrotik
>> >> RouterOS
>> >>
>> > -------------- next part --------------
>> > An HTML attachment was scrubbed...
>> > URL: <
>> http://www.butchevans.com/pipermail/mikrotik/attachments/20120606/477593d7/attachment.html
>> >
>> > _______________________________________________
>> > Mikrotik mailing list
>> > Mikrotik at mail.butchevans.com
>> > http://www.butchevans.com/mailman/listinfo/mikrotik
>> >
>> > Visit http://blog.butchevans.com/ for tutorials related to Mikrotik
>> RouterOS
>>
>> _______________________________________________
>> Mikrotik mailing list
>> Mikrotik at mail.butchevans.com
>> http://www.butchevans.com/mailman/listinfo/mikrotik
>>
>> Visit http://blog.butchevans.com/ for tutorials related to Mikrotik
>> RouterOS
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.butchevans.com/pipermail/mikrotik/attachments/20120613/330c7e92/attachment.html>


More information about the Mikrotik mailing list