Page 1 of 1
PPPoE + Routed subnet
Posted: Fri Feb 26, 2010 5:30 pm
by ciphercore
Here is what I would like to do:
I would like to have the RB750G act as PPPoE client. Then be able to pass a routed subnet (from PPPoE connection) /30 to a differnet interface. The device behind the RB750 would either have the IP setup static or perhaps I could setup the DHCP server to hand it (routed subnet) out. Can someone point me in the correct way ?
PPPoe in (plus /30) ->RB750G -> /30 (static or DHCP)
Re: PPPoE + Routed subnet
Posted: Mon Mar 01, 2010 9:32 pm
by ciphercore
Any thoughts ? Am I retarded ? Can this be done ?
Re: PPPoE + Routed subnet
Posted: Mon Mar 01, 2010 9:49 pm
by ciphercore
PPPoE client : 1.1.1.105
Routed subnet 1.1.1.104/30
I want to hand 1.1.1.106 out
Re: PPPoE + Routed subnet
Posted: Mon Mar 01, 2010 10:14 pm
by dog
Where is your problem?
Just configure the LAN interface as 1.1.1.105/30 and the PC as 1.1.1.106/30 with GW 1.1.1.105
ROS will start routing automatically.
Re: PPPoE + Routed subnet
Posted: Tue Mar 02, 2010 5:06 am
by roadracer96
ppp connection 1.1.1.1 to client 1.1.1.2
lan interface on client side of 10.10.10.1/30
add a route on the server side 10.10.10.0/30 gateway 1.1.1.2
itll work automatically whenever the ppp link comes up.
Re: PPPoE + Routed subnet
Posted: Tue Mar 02, 2010 3:22 pm
by ciphercore
Thanks for pointing me in the correct direction. I will be giving it a go later this morning.
Re: PPPoE + Routed subnet
Posted: Fri Mar 05, 2010 4:57 pm
by ciphercore
So I still am having issues. I will list my steps, and hopefully someone can help.
setup -r (to remove default config 88.1/24)
add PPPoE client on ether1 (this gets 66.78.x.105 static) the PPPoe is getting 66.78.x.104/30
add 66.78.x.104/30 to ether2
on my test PC :
66.78.x.106
255.255.255.252
66.78.x105
I cannot ping out via IP or DNS. I am sure I am just missing something. Does ether2 need to be a slave to ether1 ? ANy other thoughts ?
Re: PPPoE + Routed subnet
Posted: Fri Mar 05, 2010 5:09 pm
by dog
So you have:
+-----+ pppoe-out1 +----+ 105 ether2 106 +----+
| ISP |----- 66.78.x.105/32 ----| RB |------ 66.78.x.104/30 -------| PC |
+-----+ +----+ +----+
That is a tricky setup as two interfaces have the same IP.
I would then go another way: Instead of giving this public IP to the PC use a simple 1:1 NAT:
/ip fire nat
add chain=srcnat src-addr=192.168.0.101 action=src-nat to-address=66.78.x.106
add chain=dstnat dst-addr=66.78.x.106 action=dst-nat to-address=192.168.0.101
(keep in mind to setup proper firewall filtering)
Re: PPPoE + Routed subnet
Posted: Fri Mar 05, 2010 5:15 pm
by ciphercore
That was what I was thinking (1:1 NAT). I will have to read up a bit more... thanks.
Re: PPPoE + Routed subnet
Posted: Fri Mar 05, 2010 5:39 pm
by ciphercore
This is working great with 1:1 NAT. Currently I have the PPPoE as a static. Is there a way to allow me to use a dynamic IP on the PPPoE ?
Something like:
add chain=srcnat src-addr=192.168.0.101 action=src-nat to-address=pppoe-out1
?
Re: PPPoE + Routed subnet
Posted: Fri Mar 05, 2010 7:51 pm
by roadracer96
I totally mis-understood your question. LOL!
Re: PPPoE + Routed subnet
Posted: Fri Mar 05, 2010 8:09 pm
by ciphercore
no worries roadracer69, i appreciated the effort.
Re: PPPoE + Routed subnet
Posted: Sat Mar 06, 2010 12:48 am
by dog
There is a way to do this for dynamic IPs BUT:
It will only work for one IP.
/ip fire nat
add chain=srcnat out-interf=pppoe-out1 action=masq
#to create an "exposed host":
add chain=dstnat in-interf=pppoe-out1 action=dst-nat to-addr=192.168.0.101
#or to only forward specific ports
add chain=dstnat dst-address-type=local dst-addr=!192.168.0.1 action=dst-nat to-addr=192.168.0.101 proto=80 dst-port=80
The last rule might look a bit complicated, but that is a little trick necessary so you can do Hairpin NAT.
Re: PPPoE + Routed subnet
Posted: Mon Mar 08, 2010 3:20 pm
by ciphercore
Thanks dog...
I will give this a try sometime today.
thanks
Re: PPPoE + Routed subnet
Posted: Mon Mar 08, 2010 9:36 pm
by ciphercore
This seem to work well. However when adding the last NAT rule
add chain=dstnat dst-address-type=local dst-addr=!192.168.0.1 action=dst-nat to-addr=192.168.0.101 proto=80 dst-port=80
I get an error saying that I need to select tcp or udp if dest port is specified. It does seem to work without this rule... do i need it ?
Re: PPPoE + Routed subnet
Posted: Mon Mar 08, 2010 9:52 pm
by dog
This rule was an example.
You could have
either used the last or the one before that.
In general the last one would be more secure as it is only simple port forwarding, the other creates an Exposed Host (you can google that).
Also I made a little typo. Correct would have been:
add chain=dstnat dst-address-type=local dst-addr=!192.168.0.1 action=dst-nat to-addr=192.168.0.101 proto=tcp dst-port=80
Re: PPPoE + Routed subnet
Posted: Mon Mar 08, 2010 10:05 pm
by ciphercore
Dog:
I figured it was an example but wanted to be sure that I understood. It is working exactly as I wanted, now I am just going to add another modem and do some mlppp.
Thank you again, you made my day.