MikroTik

So I am not new to Mikrotik, but new to this issue. Here's the scenario:

Customer has software on a server that uses broadcast messages (NOT multicast or unicast) to send out informational updates to workstations on the same network. We found this out AFTER we began a migration of said server to a different subnet. The new setup will have the servers on one subnet (we'll say 10.10.11.0/24) and the workstations on a secondary (10.10.16.0/24). The two subnets are routeable, and I have the ability to put a Mikrotik in place with an interface on each network. I need to take the broadcast messages from the server network and re-broadcast them on the workstation network.

It seems that IGMP Proxy and PIM would only work for multicasting, so is there anything that would help for broadcasts?

To avoid the common practice of saying the setup is bad or should change, here's the following. While I know there are ways around the issue above (put the server on the same network, get better software, etc), the above is what I am trying to do. I am very greatful for any help, but please do not reply with responses of how this is the reason for multicast or anything not related to the ability to forward broadcast traffic. I cannot get rid of the software or change the network topology, at least for the foreseeable future. Forgive me if that seems snarky.

Again, thank you in advance for any help.

Yeah, and I want to turn water into wine as well.

You may try to convince MikroTik to implement some broadcast relay (I've seen programs for Linux in the past). I'm sure you wouldn't be the only one who would use it, but I also don't think that demand for such feature is any high, so I wouldn't count too much on them saying "yes".

Except the fact that it would break the standard restricting a broadcast domain to its own subnet, this could be a useful feature.
It would enable e.g. workgroup/SMB browsing across subnets without using a WINS server. But this tends to become kind of obsolete.

Yeah, and I want to turn water into wine as well.

That's a very good example of a post that is both unhelpful and not related to the conversation, the exact reason posts like this become long and hard to traverse.

You may try to convince MikroTik to implement some broadcast relay (I've seen programs for Linux in the past). I'm sure you wouldn't be the only one who would use it, but I also don't think that demand for such feature is any high, so I wouldn't count too much on them saying "yes".

So I'm not looking to add a new feature, but just see if there is anything that exists. I've heard of DST NATing to a unicast address, but again not helpful. It's definitely a frustrating situation, as the software development company is extremely unhelpful in trying to come up with a solution.

Except the fact that it would break the standard restricting a broadcast domain to its own subnet, this could be a useful feature.
It would enable e.g. workgroup/SMB browsing across subnets without using a WINS server. But this tends to become kind of obsolete.

With PIM and IGMP Proxy, it seems you can restrict the source of the rebroadcasted packets, which is what I was hoping for here. That would help to keep the broadcast domain restricted.


Thanks for the replies everyone. Maybe someone will have an idea.

I have spare and relatively cheap Mikrotiks in my inventory, but cannot say the same about Cisco routers. However, the "ip forward-protocol" and "ip helper-address" features in Cisco OS seem to be what I am looking for. I wonder if there is anything similar in RouterOS. There's the DHCP-Relay, but that is definitely a unicast forward.

@sob
would EOIP tunnel do the same thing here? passing boadcast traffic?

@sob
would EOIP tunnel do the same thing here? passing boadcast traffic?

Not highjacking your question or @Sob answer, but would both networks not need to be on same subnet range then?

Yeah, and I want to turn water into wine as well.

That's a very good example of a post that is both unhelpful and not related to the conversation, the exact reason posts like this become long and hard to traverse.

But your requirements are completely non-sensical, hence my sarcastic reply.
The whole point of separate subnets is to isolate broadcast traffic. If you want the broadcast traffic then put them in the same subnet. It's not rocket science.

It's definitely a frustrating situation, as the software development company is extremely unhelpful in trying to come up with a solution.

That's because there isn't one.

Thanks for the replies everyone. Maybe someone will have an idea.

Have you not worked it out yet? There isn't an answer. It's the same as turning water into wine. Not possible.

Maybe when you had 2 routers between the networks, on the 1st router you could dst-nat the specific traffic to a destination address on the 2nd router, then there you could dst-nat it to 255.255.255.255 again.
Not sure if it would work, there could be some sanity check somewhere that refuses to do it.

When you can do it on two routers, it may be possible to do it on one router as well when you make a loopback IPIP tunnel to the router itself.
(a solution for other "impossible configurations")

However, the "ip forward-protocol" and "ip helper-address" features in Cisco OS seem to be what I am looking for. I wonder if there is anything similar in RouterOS.

As far as I know, there isn't. But when I wrote about convincing MikroTik before, I didn't know that argument "but Cisco can do it!" is an option, so that could help.

@solar77: I don't think that EoIP would do any good here. By itself it's just another interface and it doesn't help. It would have to be bridged ... and then you can just bridge existing interfaces. Which might not be as bad as it sounds.

A bridge between two networks, with proper filtering (i.e. let only the required broadcasts pass and drop the rest) might actually work. It depend on what kind of broadcasts the software uses.

@pe1chl: Probably not, broadcasts and dstnat don't seem to play well together.

I'm following this tread with great interest, as I have a very similar issue

Currently I have an extra Linux box on the workstations network, just for this job, running: I don't know if this is a solution for you

Guys, just build the nets correctly. That's all.

Yikes, I missed a lot since I started this thread. I did end up getting a Cisco router in place and using the "ip forward-protocol" feature built into it. It worked like a champ.

In response to "build the network better" type answers, the network was well established before this came into play. The software was on the same subnet as the main users, but new server room requirements meant that the servers would now live in a different physical location on a different subnet. That new subnet was again already established, and finding a workaround such as this thread was meant to do was a much better solution than requiring taking down multiple subnets to join them into a single larger one. The software company I feel was at fault for not supporting a unicast option, rather than only allowing broadcast traffic.

Seeing the unhelpful responses makes me realize how so many forum posts get into stupid arguments so easily. Thanks to you folks that provided potential solutions. I never did try it, but I agree that perhaps the bridge option could potentially work. I'd love to hear if anyone tries it out.