I am trying to use a RB1000 as a core router and join networks without leaving Internet for traffic between these networks as internal. I put a simple diagram at the end with a little config.

I have 2 internet providers. One of them gives me two ip ranges, a / 27 and another / 28 on the same link and the other give to my an / 24.
In the configuration I'm using works correctly if Nat or I make a masquerade or a subnet of plublic ips with other gateway in the mikrotik using proxy-arp.
Only use this network server and not help the fact subnets, besides that already are being used the ips that would be outside to do it and I can not change them.
I do not work with private ips.
I make a bridge and trace show the right thing but to access the servers of another segment is to slow, the opposite of when Nat or make another subnet with proxy-arp in the interface.

How should I carry the entire network to switch and use the GW gives me the supplier to make the traffic between public ips networks as internal?

Thanks in advance

Greetings to everyone.





ISP1 -----------(eth0)--| RB1000 |--(eth3proxy-arp)--------| SWITCH |----- LAN
200.x.x.1/27 ---------------|
200.x.x.33/28 -------------|
ISP2 -----------(eth1)-------|
190.x.x.1/24


/ip address
add address=192.168.88.1/24 broadcast=192.168.88.255 comment="default configuration" disabled=no interface=SW1 network=192.168.88.0
add address=190.x.x.253/24 broadcast=190.x.x.253 comment="" disabled=yes interface=ISP2 network=190.x.x.253
add address=200.x.x.2/27 broadcast=200.x.x.31 comment="" disabled=no interface=ISP1 network=200.x.x.0
add address=200.x.x.45/28 broadcast=200.x.x.47 comment="" disabled=no interface=ISP1 network=200.x.x.32

/ip route
add comment="" disabled=yes distance=1 dst-address=0.0.0.0/0 gateway=190.x.x.1 routing-mark=mark_WAN3 scope=30 target-scope=10
add comment="" disabled=no distance=1 dst-address=0.0.0.0/0 gateway=200.x.x.1 routing-mark=mark_WAN1 scope=30 target-scope=10
add comment="" disabled=no distance=1 dst-address=0.0.0.0/0 gateway=200.x.x.33 routing-mark=mark_WAN2 scope=30 target-scope=10

/ip route rule
add action=lookup comment="" disabled=no interface=ISP1 routing-mark=mark_WAN2 src-address=200.x.x.40/30 table=mark_WAN2
add action=lookup comment="" disabled=no interface=ISP1 routing-mark=mark_WAN1 src-address=192.168.88.2/32 table=mark_WAN1
add action=lookup comment="" disabled=no interface=ISP1 routing-mark=mark_WAN2 src-address=192.168.88.3/32 table=mark_WAN2
add action=lookup comment="" disabled=no table=main

/ip firewall mangle
add action=mark-routing chain=prerouting comment="" disabled=yes new-routing-mark=mark_WAN3 passthrough=no src-address=190.x.x.0/24
add action=mark-routing chain=prerouting comment="" disabled=no new-routing-mark=mark_WAN1 passthrough=no src-address=192.168.88.2
add action=mark-routing chain=prerouting comment="" disabled=no new-routing-mark=mark_WAN2 passthrough=no src-address=192.168.88.3
add action=mark-routing chain=prerouting comment="" disabled=no new-routing-mark=mark_WAN2 passthrough=no src-address=200.x.x.40/30

you could try putting static DNS entries in your RB1000 so that internal PC's resolve a 192.168.x.x address for the servers instead of the real world ip address - that way they won't even pass through the RB1000 - just the switch.

This assumes of course, that your are using the RB1000 as a caching DNS server for your LAN, and not just using your ISP's DNS on your LAN PC's.