Dear Readers,

Today we switched our Internet Services from ISP A to ISP B and we are stuck with an issue which is not getting solved till now and its 1:15am here. We have our Own IPs from APNIC, which were previously advertised with ISP A using their ASN. The ISP A gave us a /30 subnet to bring our RB1100 on their network and then we put our own IPs on the Ether2 Interface for Public/Clients. The ISP A, subnet was also public IP and having Internet Access on it as well.
Now the ISP is changed, this ISP B, gave us a local IP for our RB1100 to connect with their network and this IP dont have Internet over it. The ISP B, advertised our IPs subnet at their end which we are using for Public/Clients.
The issue is this that on the 3rd Interface I configured a local subnet 192.168.1.1/24 which was Natted to Ether1 that is connected to ISP A/B. As i told above that ISP A, IPs have internet access so the Natting was working fine but now the ISP B, IPs have no Internet Access over them so the Natting is not working at all.
The Public IPs subnet which is advertised at their network and which we are using for clients is working fine. Is there any way out to solve this issue. Can we use our Own IPs someway as a gateway to our Natted IPs?
A friedn told me today to configure a Meta Router and issue one public IP from your own IPs to it and then use this router for Natting purpose virtually.

I am in a bit of hurry if you guys reply me with some solution to this problem i will be very much greatful to all of you. Also posting a diagram for you, may be it would be helpful in understanding the issue.

how to upload picture/network diagram image from my computer to the forum for your better understanding.

Upload the picture on a ftp or something, so it's accessible from the web, and put a link to it

CAN ANYBODY HELP NOW AS THE DIAGRAM IS UPLOADED ALSO.

Do you need all 254 addresses in your routed subnet for the systems on the second interface? Cos I don't really understand why you haven't tried using an IP address from your routed subnet, especially since there should not be any need to use metarouter in this case. It should be as simple as just assigning one of your routed IP's to the interface that's connected to your ISP.

With regards to the gateway for the 192.168.1.0/24 (192.168.16.0/24 according to the diagram) network, I would expect that to be the address of the ether3 interface of your mikrotik. Your computers on your local network don't need an internet routable IP address as a gateway to function properly.

I tried this brother but it is also not working. I assigned one of my routed IP i.e 103.237.34.1 to Ether1 in addition to 10.105.0.34 and then i tried by nating 192.168.1.1/24 but it didnt work. Can you describe in a little bit more detail.

Did you use src-nat instead of masquerade to setup the natting? Masquerade uses the interface address for the address translation. If you happen to have two addresses configured on the interface, I'm not sure which one takes priority but I am reasonably sure that there isn't any code in there that will prefer internet routable addresses over RFC 1918 addresses so you need to tell the kernel which address to use for translation.

yes dear i am using masquerade not src-nat . I have read in another article to add two IPs on Ether1 and in Routes in Gateway we can add Pref Source but this thing also not working in my case.

Any other suggestion?

Switch from masquerade to src-nat and specify what IP address you want the 192.168.1.0/24 subnet to use. You can also use the Torch tool on Ether1 to see what traffic is being sent out and spot an issue with how the packets are being processed.

Well, for starters, DON'T use masquerading when you have two IP's assigned to your WAN interface but use src-nat and specify the internet routable IP address as the 'to-address'.

From the documentation:

• masquerade - replace source address of an IP packet to IP determined by routing facility.
• src-nat - replaces source address of an IP packet to values specified by to-addresses and to-ports parameters

I'm pretty sure that your routing facility shows that all packets should be routed to the 10.105.1.34/30 network. This will make the masquerading facility choose the IP address assigned in the 10.105.1.34/30 range that's assigned to your WAN interface. All packets leave your router with that IP address as source while you would want them to get one of your internet routable IP addresses in the 103.237.34.0/24 range as the source address.