Sidebar
docs:guide-user:network:wan:multiple_public_ips
Table of Contents
Using multiple public IPs on wan interface
Use case
Some users get from their ISP more than one routable public IP address.
In this case you need to assign these IPs to new wan interfaces and then add a DNAT and SNAT rule in firewall.
In our example we assume that our ISP assigned us 100.64.0.0/29 (or 255.255.255.248) with gateway 100.64.0.1
wan interface already has the first available IP, 100.64.0.2, so we'll add .3, till .6 and they will be assigned to internal hosts on IPs 192.168.1.x
Configuration examples
Add a new wan interface in /etc/config/network:
config interface 'wan_3' option proto 'static' option ifname 'eth1' option ipaddr '100.64.0.3' option netmask '255.255.255.248' option gateway '100.64.0.1'
Add DNAT (for incoming) and SNAT (for outgoing) connections in /etc/config/firewall:
config redirect
option name 'dnat3'
option src 'wan'
option src_dip '100.64.0.3'
option dest 'lan'
option dest_ip '192.168.1.3'
option proto 'all'
option target 'DNAT'
config redirect
option name 'snat3'
option src 'lan'
option src_ip '192.168.1.3'
option src_dip '100.64.0.3'
option dest 'wan'
option proto 'all'
option target 'SNAT'
Restart network and firewall services.
service network restart service firewall restart
docs/guide-user/network/wan/multiple_public_ips.txt · Last modified: 2019/12/09 09:14 by bobafetthotmail
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
