Hi I cant for the life of me figure out how to do this properly

Apart from my WAN IP I have a /29 subnet that I'd like to use as source addresses for my outgoing NAT'ed trafic. How on earth does I do that ? I assume creating an adresslist containing the addresses is step 1 - but now I miss a loopback interface or something similar to 'bind' the IP adressses to ?!?

Gear is RB750G running R.OS 5.4

What are you looking to do? You have a full /29, is that routed to you, or only available on your WAN?

If it's routed to you, you can just have that subnet on the LAN of your router and hand out those IPs there. However if it is only available on the WAN, that means you need to assign all of the IP addresses you own to the WAN and set up NAT rules for whatever you want to do.

There are several ways to do this, you can play around with the PCC firewall matcher, netmap, or a few other options depending on your needs.

What are you looking to do? You have a full /29, is that routed to you, or only available on your WAN?

If it's routed to you, you can just have that subnet on the LAN of your router and hand out those IPs there. However if it is only available on the WAN, that means you need to assign all of the IP addresses you own to the WAN and set up NAT rules for whatever you want to do.

There are several ways to do this, you can play around with the PCC firewall matcher, netmap, or a few other options depending on your needs.

The /29 subnet is routed to my WAN IP. What I'm trying to do is source-nat some of my outgoing traffic with one or more of the /29 addresses as the new source IP's.

You can just source NAT to it. No need to assign the IP to an interface or anything. The main reason you need to bind IPs to interfaces for source NAT purposes is when they are IPs on a network directly connected to the ISP, so that the router responds to that IP when the other end ARPs for it. If the ISP router can't ARP a directly connected IP it doesn't know where to send the packets, so it drops them. If the IPs are already routed your way it knows where to send traffic via a next hop route and not a directly connected route, so you're good.

If you do want to emulate a loopback though you can just create a bridge interface and not add ports to it, and then assign the IP as a /32 to the bridge interface: You can use address lists to easily determine who to NAT to what, but it isn't strictly necessary.

So basically if you want to use routed IP a.b.c.d for source NAT for networks 10.1.0.0/24 and 172.16.1.0/24 it would look something like this: or with address lists:

Thanks alot fewi - works like a charmp with a new firewall nat rule - simply didnt't think it would be this simple to set up