Not sure if you can do a range of IPs, I always did subnets. Josh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373 On Sep 13, 2011 5:17 PM, "Bill Prince" <[email protected]> wrote: > Yup, that's pretty close to what I'm saying. The new AP is on ether7, > and it's not part of a bridge. > > The only chain I'm specifying is srcnat. The typical (almost generic) > NAT rule is like this: > > add chain=srcnat action=masquerade out-interface=WAN > > So I tried to add this: > > add chain=srcnat action=masquerade in-interface=ether7 > out-interface=ether1 > > That gave me the error. > > Looks like the following will work? > > add chain=srcnat action=masquerade out-interface=ether1 > src-address=10.10.107.20-10.10.107.99 > > > > > > bp > > > On 9/13/2011 1:42 PM, Josh Luthman wrote: >> You could src-address=10.2.3.0/24 if that's what you're asking? >> >> What ingoing interface did you try? Is it part of a bridge? Why are you >> specifying the output chain??? >> >> Josh Luthman >> Office: 937-552-2340 >> Direct: 937-552-2343 >> 1100 Wayne St >> Suite 1337 >> Troy, OH 45373 >> >> >> On Tue, Sep 13, 2011 at 4:35 PM, Bill Prince< >> [email protected]> wrote: >> >>> Hrrmmmm. >>> >>> Setting up to do masquerade on just the interface this AP is on does not >>> work. It says "ingoing interface matching not possible in output and >>> postrouting chains". >>> >>> So what do I do to just NAT for this group of subs? Is it possible to >>> match the source address from this subnet? >>> >>> >>> >>> bp >>> >>> >>> >>> On 9/9/2011 5:17 PM, Bill Prince wrote: >>> >>>> Well, the old AP is on ether2, and all the old SMs are there too and on >>>> the /26 subnet. >>>> >>>> The new AP is on ether7, and the new SMs will not talk to the old AP. So >>>> they will have to go somewhere, and I don't have enough spare IP addresses >>>> to just plunk down a new subnet on the new AP. >>>> >>>> We're in the midst of getting a block of IPs from ARIN, and I don't think >>>> I will get the addresses before the AP/SM switch happens. >>>> >>>> Just doing a NAT for the new guys until the switch is over might make the >>>> most sense... >>>> >>>> bp >>>> >>>> >>>> On 9/9/2011 4:21 PM, Scott Reed wrote: >>>> >>>>> You can not have 2 ports on the same device in the same subnet. It won't >>>>> know which to use. >>>>> But, with what you are saying, why can't you just split the /26 into 2 >>>>> /27s and be done? >>>>> Here is maybe the thing that is getting you. If you split the /26 into 2 >>>>> /27s and put them on separate interfaces on the router, the router is happy. >>>>> The clients can still have /27, PROVIDED their default gateway is the same >>>>> half the subnet they are in. The clients can not talk to each other because >>>>> they think they don't need to route. If the clients don't need to talk, >>>>> this should be fairly easy. >>>>> >>>>> On 9/9/2011 6:45 PM, Bill Prince wrote: >>>>> >>>>>> My thinking was that all the lower addresses (1-30) will be in the /26, >>>>>> and all the upper addresses (33-62) will be in the /27. Once they're moved, >>>>>> then I can go back and switch all the lowers to a /27. >>>>>> >>>>>> This will all be on the same router (RB493). The /26 is on ether 2, and >>>>>> the /27 will be on ether 7. While I'm switching all the folks that need to >>>>>> go over to the new AP (which is on ether 7), I will have ether 2 configured >>>>>> as the master for ether 7 (the old AP is on ether 2). >>>>>> >>>>>> Actually, now that I think about it, it should only take me about 15 or >>>>>> 20 minutes to make both /27 subnets and just switch everyone enmass... >>>>>> >>>>>> bp >>>>>> >>>>>> >>>>>> On 9/9/2011 3:13 PM, Scott Reed wrote: >>>>>> >>>>>>> Routing will be a problem. >>>>>>> How are you going to tell a router customer .1 is here, .5 is there, >>>>>>> etc.? >>>>>>> There are thousands of /26 networks available that are non-routing. >>>>>>> What about creating a new /26 out of 10.x.x.x and NAT it until you get >>>>>>> everyone moved? >>>>>>> >>>>>>> On 9/9/2011 5:34 PM, Bill Prince wrote: >>>>>>> >>>>>>>> We put up a new AP on a POP where we already have 6 operating APs. >>>>>>>> The plan is to split off about 25 existing subscribers on one of the old >>>>>>>> APs and put them on this new AP. >>>>>>>> >>>>>>>> So we have all the subs (about 50) in one /26 (x.y.x.0/26). The >>>>>>>> ones we're going to move I need to put on a separate subnet, as everything >>>>>>>> is different, but I don't have enough IPs in a completely different subnet >>>>>>>> to just move them over at the moment. >>>>>>>> >>>>>>>> Would there be an issue to create a new subnet (x.y.z.32/27), and move >>>>>>>> all the ones we want on the new AP to this subnet? This would overlap with >>>>>>>> the old subnet for the short time we're moving everyone. >>>>>>>> >>>>>>>> Then after they're moved, I'll take the old x.y.z.0/26 and change it >>>>>>>> to x.y.z.0/27. >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>> ______________________________**_________________ >>>>>> Mikrotik mailing list >>>>>> [email protected] >>>>>> http://www.butchevans.com/**mailman/listinfo/mikrotik< http://www.butchevans.com/mailman/listinfo/mikrotik> >>>>>> >>>>>> Visit http://blog.butchevans.com/ for tutorials related to Mikrotik >>>>>> RouterOS >>>>>> >>>>>> >>>>> ______________________________**_________________ >>>> Mikrotik mailing list >>>> [email protected] >>>> http://www.butchevans.com/**mailman/listinfo/mikrotik< http://www.butchevans.com/mailman/listinfo/mikrotik> >>>> >>>> Visit http://blog.butchevans.com/ for tutorials related to Mikrotik >>>> RouterOS >>>> >>>> ______________________________**_________________ >>> Mikrotik mailing list >>> [email protected] >>> http://www.butchevans.com/**mailman/listinfo/mikrotik< http://www.butchevans.com/mailman/listinfo/mikrotik> >>> >>> Visit http://blog.butchevans.com/ for tutorials related to Mikrotik >>> RouterOS >>> >> -------------- next part -------------- >> An HTML attachment was scrubbed... >> URL:< http://www.butchevans.com/pipermail/mikrotik/attachments/20110913/0d059420/attachment.html > >> _______________________________________________ >> Mikrotik mailing list >> [email protected] >> http://www.butchevans.com/mailman/listinfo/mikrotik >> >> Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS >> > -------------- next part -------------- > An HTML attachment was scrubbed... > URL: < http://www.butchevans.com/pipermail/mikrotik/attachments/20110913/68173e1b/attachment.html > > _______________________________________________ > Mikrotik mailing list > [email protected] > http://www.butchevans.com/mailman/listinfo/mikrotik > > Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://www.butchevans.com/pipermail/mikrotik/attachments/20110913/09a12b33/attachment.html> _______________________________________________ Mikrotik mailing list [email protected] http://www.butchevans.com/mailman/listinfo/mikrotik
Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS
