Discontiguous WAN Addressing

Solved
danhornbeck
Comes here often

Discontiguous WAN Addressing

Hi there. I have a dedicated internet connection setup with my ISP. They have provided me point to point addressing for the link...

 

ISP (Default Gateway): 204.1.1.1

Me: 204.1.1.2

Subnet mask: 255.255.255.254

 

Works great.

 

Now I've asked ISP to provide me with additional public IP addresses. They say they can do it but it will be a discontiguous block of addresses. They will configure it with an IP Route statement.

 

Subnet: 204.1.2.8 /29

 

They've told me that I need to assign the first usable address from the additional range to an inside interface on my router (so 204.1.2.9) and that I can have additional devices (my servers, etc) assigned the remaining addresses.

 

I don't understand how to configure this. I attempted to add a Static Route to my MX but it errors out claiming that the next hop isn't valid (I used 204.1.1.1 as per my ISP....which is the far end interface that has the IP route statement applied).

 

Has anyone run into this with their ISP? Can you even have discontiguous IP addresses on the WAN interface?

1 Accepted Solution
jdsilva
Kind of a big deal

You shouldn't have to configure one of the IP's in the second block to actually be on your provider facing devices...  In this case you should just be able to start using them in the 1:1 and 1:Many NAT section of the MX and away you go. 

 

The provider should be routing the new block to the next hop IP of 204.1.1.2 (Your MX).

View solution in original post

7 Replies 7
jdsilva
Kind of a big deal

You shouldn't have to configure one of the IP's in the second block to actually be on your provider facing devices...  In this case you should just be able to start using them in the 1:1 and 1:Many NAT section of the MX and away you go. 

 

The provider should be routing the new block to the next hop IP of 204.1.1.2 (Your MX).

danhornbeck
Comes here often

This feels right to me. Let me check it out and I'll let you know. Thanks for the speedy response.

MRCUR
Kind of a big deal

Your MX will need to be within the /29 block. You can only create NAT rules for the subnet configured on the WAN interface. Typically in this scenario (where there is a /30 uplink subnet and then an additional subnet for static IP's) you'd put a L3 switch in front of the MX. 

MRCUR | CMNO #12
jdsilva
Kind of a big deal

That's incorrect @MRCUR

 

https://documentation.meraki.com/MX-Z/NAT_and_Port_Forwarding/Port_Forwarding_and_NAT_Rules_on_the_M...

 

" It can also translate public IP addresses in different subnets than WAN interface address if the ISP routes traffic for the subnet towards the MX interface. "

 

 

danhornbeck
Comes here often

Thanks - I had come across this but it didn't really mesh with what my provider was telling me. I'll read it again. Cheers
MRCUR
Kind of a big deal

@jdsilva Interesting - I was not aware of that functionality nor have any of the engineers I've discussed this with been familiar with it. This is the first time I've noticed that sentence in the doc. Thanks for pointing that out. I wonder if this is a recent (past year or two) addition as I've previously had to put L3 switches in front of MX devices to get this working. 

MRCUR | CMNO #12
jdsilva
Kind of a big deal

@MRCUR That could very well be the case. I've only been working with Meraki gear for about a year so I can't say how long it's been there. I'm glad it is there because I would have been very frustrated if I went to do this and needed a whole new piece of hardware to get it done.

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels