• We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.

Ubiquiti Edgerouter Lite 3 IPs to 3 internal networks?

S

SNC

Platinum Member
I'm thinking about getting a couple of these to combine some older equipment and was wondering if anyone had experience with them. I'll need to route 3 IPs x.x.x48,49,50 to internal machines via Vlans, but for simplicity's sake lets just say 48 and 49 on eth0 to y.y.y2 on eth1 and v.v.v.2 on eth2. If I can get that to work then I can convert that over to Vlans and add the third network.
So from x.x.x48 ports 25, 80, 110, 443 to y.y.y.2 and from x.x.x49 ports 25, 80, 110, 443 to v.v.v.2.

Possible?
 
Possible?? I followed very little of that. Are you just asking if you can do port forwarding? Yes. But seems a lot more complex than that. I don't get where the VLANs come into play or what you want the router to do in regard to them.

Maybe you could describe your network in some detail, and what exactly you're trying to do. Perhaps with fewer example IP addresses.
 
Carson Dyle said:
Possible?? I followed very little of that. Are you just asking if you can do port forwarding? Yes. But seems a lot more complex than that. I don't get where the VLANs come into play or what you want the router to do in regard to them.

Maybe you could describe your network in some detail, and what exactly you're trying to do. Perhaps with fewer example IP addresses.
Click to expand...
Sorry if you didn't follow. With respect to the VLAN, there are only 3 ports, ETH0, ETH1, and ETH2 so with one dedicated to WAN that leaves only 2 for the 3 internal networks, so VLANS are necessary.
As for the rest of the question, ports 25, 80, 110, 443 on ip x.x.x.48 to internal address y.y.y.2, ports 25, 80, 110, 443 on ip x.x.x.49 to internal address v.v.v.2, 25, 80, 110, 443 on ip x.x.x.50 to internal address c.c.c.2
 
SNC said:
Vlans are not an issue, it the routing of multiple IPs and their associated ports to internal IPs I took a quick look at S and D NAT that looks like it is how that is done on these but I can find noting definitive.
Click to expand...
I don't think that the NAT is an issue either.

The real deal is IP aliasing. You want three addresses to the same subnet and interface. Searching with keyword "alias" leads to something else on the UBNT site(s). There are instructions for Linux distros, but even them can be split into two buckets: the old (eth0:0, eth0:1, etc) and the new (all addresses are directly on eth0).

The EdgeOS v1.8.0 apparently has option to add addresses to an interface. I do not know whether each address gets unique interface name (the old style).

There are also on the NAT side the DNAT rules, where you choose an incoming interface and a new destination address/port. If each address on the public interface has its own logical (alias) interface, adding those DNAT rules should be easy.

The SNAT (aka masquerade) affects only the connections that start from the inside and must go out via some interface. I presume that none of the 25,80,110,443 actually does that in a way that would require other than (S)NAT to the default public address.


Hypothetical. I have not done, nor can test the above.
 
Generally I would avoid NAT unless it is absolutely necessary, as it can cause application specific issues if the implementation didn't follow the rfc guideline.

How are those 3 IPs routed to you from the provider side? Are they directly connected to your gateway router? If they are not directly connected and your server supports rip or ospf, i would recommend you advertise those IPs directly from your server through one of the routing protocols available on the network stack.

If they are directed connected, then 1:1 static nat would be the best choice.
 
You must log in or register to reply here.

TRENDING THREADS

Back
Top