MikroTik

Hello.
I have one physical interface eth0-local, on which i run dhcp server, network 192.168.0.0/24
Now i want to setup 172.16.17.0/24 on the same interface.
Here is what i do:
i add second address on the same interface - 172.16.17.1/24, network 172.16.17.0, with this address comes a dynamic route to 172.16.17.0, gateway eth0-local, preferred source 172.16.17.1
After this - mikrotik can ping any clients in 172.16.17.0, i can ping any client in 192.168.0.0 from 172.16.17.0, but i can't ping any client in 172.16.17.0 from 192.168.0.0, except 172.16.17.1 - i cant ping it from 192.168.0.0

What am i doing wrong? Maybe there is another way to accomplish what i am trying to do?

Hi,

Do you have any filter rules setup?

If so disable them and test again

I do have filter rules and i did what you suggest to no result - the behaviour didn't change.

Is the Mikrotik also the default GW for the 192.168.x.x machines? It sounds like it is, but I wanted to verify that fact before assuming so...

You need to make sure that there is no NAT rule that affects traffic between these two ranges
You need to make sure that there is no filter rule that affects traffic (in the forward chain)
If you have policy-based routing, you need to make sure that the two ranges exist in each-other's routing policy, or else create exceptions in the "/ip route rule" configuration

Remember that when you ping 172.16.17.1 - these packets go through the INPUT chain of the firewall rules, while .2 - .255 will go through the FORWARD chain of the firewall filter.

Thanks for you reply.
I've checked everything: i have disabled filter rules, no NAT rules, no routing rules, but still the only thing i get while i try to ping 172.16.17.10 from 192.168.0.69 -> From 192.168.0.50: icmp_seq=40 Redirect Host(New nexthop: 192.168.0.50)
192.168.0.50 is gateway.
And yes, mikrotik is the default GW for 192.168.x.x machines.

192.168.0.50 is gateway.

is a gateway? it is your MikroTik? or it is something else?

192.168.0.50 is mikrotik.
Finally i managed to get things working, and as expected the problem was not on mikrotik side - i used vagrant vm box to check subnet, and it used vagrant default gateway, which was virtualbox's NATed interface (so traffic from supposedly 172.16.17.0 network was originating from 192.168.0.0). I switched default gw on box and everything worked. Thanks for your help, guys.