Why you say it has to be masqueraded? Src nat to a ip works just fine and adds control.
Shawn C. Peppers Video Direct Satellite & Entertainment 866-680-8433 Toll Free 480-287-9960 Fax http://www.video-direct.tv > On Sep 21, 2016, at 12:21 PM, T tech via Mikrotik-users > <[email protected]> wrote: > > Assigning a public IP should be done with routing not nating public on > customer router. Nating a private IP /24 to a public is a masquerade. > Multiple /24 private to different public IP multiple routers is best. > >> On Sep 21, 2016 12:32 PM, "Ken Patrick via Mikrotik-users" >> <[email protected]> wrote: >> Sort of this is what i have now with src-nat >> >> /ip firewall nat add chain=srcnat action=src-nat src-address=192.168.0.64/27 >> to-address=8.8.8.1; >> /ip firewall nat add chain=srcnat action=src-nat src-address=192.168.0.96/27 >> to-address=8.8.8.2; >> /ip firewall nat add chain=srcnat action=src-nat >> src-address=192.168.0.128/27 to-address=8.8.8.3; >> /ip firewall nat add chain=srcnat action=src-nat >> src-address=192.168.0.160/27 to-address=8.8.8.4; >> /ip firewall nat add chain=srcnat action=src-nat >> src-address=192.168.0.192/27 to-address=8.8.8.5; >> /ip firewall nat add chain=srcnat action=src-nat >> src-address=192.168.0.224/27 to-address=8.8.8.6; >> >> Do i need to change it to masquerade and then add out interface ether1 >> >> >> >>> On Wed, Sep 21, 2016 at 4:23 PM, Shawn C. Peppers >>> <[email protected]> wrote: >>> Your confusing me a bit. Are you thinking you can src nat a bunch of >>> private ips out one public ip and expect to dst nat from one outside public >>> ip to a bunch of private ips? >>> >>> You need to research carrier grade natting long term if you plan to keep >>> natting you customers. >>> >>> Shawn C. Peppers >>> Video Direct Satellite & Entertainment >>> 866-680-8433 Toll Free >>> 480-287-9960 Fax >>> http://www.video-direct.tv >>> >>>> On Sep 21, 2016, at 10:18 AM, Ken Patrick <[email protected]> wrote: >>>> >>>> Socket I also need dst nat rules as currently with Src nat rules the users >>>> complain they can't access Playststion network and streaming video on some >>>> sites is slow whereas if I assign a static public ip the issues go away >>>> but can't continue since I am running out >>>> >>>> >>>>> On Wed, Sep 21, 2016 at 4:10 PM Shawn C. Peppers >>>>> <[email protected]> wrote: >>>>> I don't understand your dst nat question. >>>>> >>>>> You can src nat the the /24 by breaking up the /24 subnet into smaller >>>>> subnets in the firewall/nat rules. >>>>> >>>>> Shawn C. Peppers >>>>> Video Direct Satellite & Entertainment >>>>> 866-680-8433 Toll Free >>>>> 480-287-9960 Fax >>>>> http://www.video-direct.tv >>>>> >>>>>> On Sep 21, 2016, at 10:03 AM, Ken Patrick via Mikrotik-users >>>>>> <[email protected]> wrote: >>>>>> >>>>>> Hi list, >>>>>> I have run out of public IPV4 address and not ready to go to IPv6 yet. >>>>>> >>>>>> I am trying to share 6 public IP address /27 to my /24 private IP >>>>>> address using a mikrotik router and want the Same public IP address to >>>>>> be used by the Src Nat and dst-Nat >>>>>> >>>>>> I.e. 24 private hosts will always be assigned a particular IP address >>>>>> and next batch of 24 will shared the next IP address >>>>>> >>>>>> Regards >>>>>> >>>>>> >>>>> >>>>>> _______________________________________________ >>>>>> Mikrotik-users mailing list >>>>>> [email protected] >>>>>> http://lists.wispa.org/mailman/listinfo/mikrotik-users >> >> >> _______________________________________________ >> Mikrotik-users mailing list >> [email protected] >> http://lists.wispa.org/mailman/listinfo/mikrotik-users >> > _______________________________________________ > Mikrotik-users mailing list > [email protected] > http://lists.wispa.org/mailman/listinfo/mikrotik-users
_______________________________________________ Mikrotik-users mailing list [email protected] http://lists.wispa.org/mailman/listinfo/mikrotik-users
