
Two WAN Router with Passing Subnets

Posted: Sat Feb 08, 2025 7:07 am
by ahmadzai
Hello and Welcome Everyone,

I have two routers, and they both have access to the Internet. Both routers are also connected via a /30 PTP IP and can ping one another.

I have different network subnets on my 2nd router and all my network is connected from it. I just want to shift some network prefixes to my 1st router from my 2nd router and apply NAT and QoS policies on those prefixes on the 1st router, and also have these prefixes access the internet via this 1st router.

Can you please let me know what setting is required on both ends? I searched too much about its solution but did not reach any results.

The diagram is attached.

Re: Two WAN Router with Passing Subnets

Posted: Sat Feb 08, 2025 7:17 am
by ConradPino
Double posting is considered poor form and both lack device configurations.
viewtopic.php?t=214573

Re: Two WAN Router with Passing Subnets

Posted: Sat Feb 08, 2025 7:56 am
by chechito
Double posting is considered poor form and both lack device configurations.
viewtopic.php?t=214573
Duplicated topic was locked.

Re: Two WAN Router with Passing Subnets

Posted: Sat Feb 08, 2025 11:49 am
by sindy
It seems so easy that I am afraid I have missed some important point. And if there is indeed none, it may be the reason why you cannot find anything online - this is a very basic routing scenario so no one bothers to boast "I have made it".
  • assign addresses from the subnets you want to live on the 1st router to interfaces on the 1st router, and assign addresses from subnets you want to live on the 2nd router to interfaces on the 2nd one.
  • if not done yet, make default routes on both routers use the remote address in the uplink /30 subnet.
  • also on both routers, create a route to 172.16.0.0/20 with the address of the other router within the 10.10.12.0/30 as a gateway.
If multiple routes match the destination, the one with the longest (i.e. most precisely matching) prefix wins, so the routers will only send to each other the traffic for those subnets within 172.16.0.0/20 that they have no own address in.

If someone sends a packet to an address from the 172.23.0.0-172.31.255.255 range, which is not used on any of the two routers, the packet will circulate between the routers until its TTL expires. If you expect this to happen too often, you can add blackhole routes to 172.23.0.0/16 and 172.24.0.0/21 on both routers.

If you want it fancy, you can configure OSPF or another dynamic routing protocol so that you could move the subnets between the routers easily in the future, but for just two routers, it seems to me more like an exercise if you want to improve your skills in this direction. If you do that, the OSPF will install only routes to subnets used on the other router into the FIB, but you will still need a blackhole route to 172.16.0.0/20 to prevent any eventual traffic towards unused addresses from being sent to the internet (and wasting your uplink bandwidth).

Re: Two WAN Router with Passing Subnets

Posted: Sun Feb 09, 2025 5:56 am
by ahmadzai
Dear Sindy,

Thanks for your reply and explanation. I have tried OSPF, but the issue is that I have my 172.16.0.0/16, 172.17.0.0/16, 172.18.0.0/16, and other prefixes in the Router B routing table with /16 subnet and I want to send prefixes shared in the image with /24 subnet.

For your information, I don't have any IP routing in Router A and all prefixes are routed in Router B, and I just want to send a few prefixes with /24 to Router A and also apply NAT and QoS policy on them in Router A.

Re: Two WAN Router with Passing Subnets

Posted: Sun Feb 09, 2025 10:44 am
by sindy
I have my 172.16.0.0/16, 172.17.0.0/16, 172.18.0.0/16, and other prefixes in the Router B routing table with /16 subnet and I want to send prefixes shared in the image with /24 subnet.
So after all it is not that simple as you've outlined in your first post, thus my suspicion that I was missing something was correct :)

But it is nevertheless strange - although the router adds the routes learned via dynamic routing protocols with high distance values by design, the prefix length is taken into account first. So for a destination address 172.21.x.y, a route to 172.21.0.0/24 with distance=110 will be chosen although a route to 172.21.0.0/16 with distance=1 exists. I.e. my suggestion to add just a route to 172.16.0.0/12 cannot work as you have added those /16 routes that shadow the /12 one, but OSPF should shadow those /16 ones by /24 ones.

So we have two mysteries now - why do you need those /16 routes at all, given that no other destinations within 172.16.0.0/12 than the /24 ones are shown on your diagram, and why OSPF does not shadow them.

I don't have any IP routing in Router A and all prefixes are routed in Router B and just want to send a few prefixes with /24 to Router A and also apply NAT and QoS policy on them in Router A.
Here I am confused. If you add an address from some subnet to a router, a route to that subnet is added dynamically as well. If you add addresses from multiple subnets, the hosts in these subnets can use the router's addresses in their own subnets as gateways to the other subnets.


So if we forget all the above, which stems from my initial understanding of your post - maybe I got it totally wrong and what you actually have in mind is that you want all the hosts in all the subnets (including 172.20.0.0/24 and 172.21.0.0/24) to stay connected to CCR2 and use it as their gateway, but you want the hosts in 172.20.0.0/24 and 172.21.0.0/24 to access the internet via CCR-1, using its internet uplink?
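Added example, not code from any poster in this thread and not RouterOS configuration: a small Python model of the two routing behaviours described in sindy's replies above, namely that prefix length is compared before distance, and that traffic to an unused address inside a mutually routed aggregate bounces between the routers until TTL expires unless a blackhole route stops it. The router names A and B, the prefixes, the distances and the 172.25.0.0/16 blackhole are constructed for illustration.

```python
import ipaddress

# Constructed tables: (destination, distance, action). An action of "A" or "B"
# means "forward to that router over the /30 link"; the others are terminal.
TABLES = {
    "A": [("172.20.0.0/24", 0, "local"),
          ("172.21.0.0/24", 0, "local"),
          ("172.16.0.0/12", 1, "B"),
          ("0.0.0.0/0", 1, "uplink")],
    "B": [("172.21.0.0/16", 1, "local"),     # broad static route, low distance
          ("172.21.0.0/24", 110, "A"),       # dynamically learned, high distance
          ("172.16.0.0/12", 1, "A"),
          ("0.0.0.0/0", 1, "uplink")],
}

def lookup(table, dst):
    """Pick the route for dst: longest prefix first, distance only as tie-break."""
    addr = ipaddress.ip_address(dst)
    matches = [r for r in table if addr in ipaddress.ip_network(r[0])]
    if not matches:
        return None
    return max(matches, key=lambda r: (ipaddress.ip_network(r[0]).prefixlen, -r[1]))

def forward(tables, start, dst, ttl=64):
    """Trace a packet from router `start`; return (outcome, router-to-router hops)."""
    router, hops = start, 0
    while ttl > 0:
        route = lookup(tables[router], dst)
        if route is None:
            return ("no-route@" + router, hops)
        if route[2] not in tables:            # local, uplink or blackhole
            return (route[2] + "@" + router, hops)
        router, ttl, hops = route[2], ttl - 1, hops + 1
    return ("ttl-expired", hops)

def with_blackhole(tables, prefix):
    """Copy of the tables with a blackhole route for `prefix` on every router."""
    return {name: routes + [(prefix, 1, "blackhole")] for name, routes in tables.items()}

if __name__ == "__main__":
    print(lookup(TABLES["B"], "172.21.0.5"))          # the /24 wins despite distance 110
    print(forward(TABLES, "A", "172.25.1.1"))         # unused address: loops until TTL is spent
    print(forward(with_blackhole(TABLES, "172.25.0.0/16"), "A", "172.25.1.1"))
```
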