Multiple public IPs on WAN

Hello. My ISP provides several IP addresses that can be obtained via DHCP. I would like to assign my router another external IP address and associate it with a specific device. Is it possible to do this and how? If necessary, I can provide the required screenshots in LuCI.

The only way I can think of is by creating a new interface with a different MAC address.

Unfortunately, it didn't work out. I tried to configure Static Routes and Firewall, but it didn't help either. The IP address didn't show up.

Network -> Interfaces

WAN2

Static Routes


(I need to give out another public IP address for LAN4.)

Firewall Zones

VLAN3 is tagged on the WAN port, is that what your ISP expects?
Why is it also tagged on the LAN4 port?

I want the device that is connected to port 4 of the router to have a different public IP address.

I thought it was necessary to mark WAN so that the IP address on VLAN3 would appear. But it had no effect.

In this case, I get the Internet by connecting the router to the Alcatel Lucent I-240G-P through the WAN port on the router.

Try marking VLAN3 as off on the CPU port, and untagged on WAN and LAN4, then configure the computer on that port as a DHCP client. But the router will not be able to do any filtering for the traffic of that device.

Unfortunately, untagged on WAN in VLAN3 will not work.

Back to my first reply, I was referring to something like:

config interface 'wan2'
        option ifname '@wan'
...

But since you want to let one host connect to the ISP DHCP directly, that would be as easy as making the LAN 4 port off in VLAN1 and untagged in VLAN2. VLAN3 is not necessary at all.

If I follow your instructions, the IP address that was issued by WAN2 applies to all connected devices, but not to LAN4. At the same time, it is impossible to access the Internet on LAN4.

Which instructions did you follow? Because those were 2 different solutions. One for a wan2 that will be available for all hosts and one that will move lan4 into the same bridge as wan.

I did as follows. As a result, the IP address from WAN2 was applied to all connected devices, and the device connected to LAN4 has no Internet connection at all.

You can use kmod-macvlan to spawn multiple virtual WAN interfaces sharing the same physical connection. After installing kmod-macvlan, follow "Save ip link macvlan interfaces after reboot" and use the resulting vethX interfaces to set up further WAN DHCP interfaces in LuCI.

Installed the package, added to my config the strings you suggested, rebooted the router, created a new interface with the same settings as before. The IP address didn't show up on it.

Is your provider expecting a specific MAC address by any chance?

No. The main thing is that they're not the same on several interfaces.

Could you mention your router model and share your current /etc/config/network?

Router

config interface 'loopback'
	option ifname 'lo'
	option proto 'static'
	option ipaddr '127.0.0.1'
	option netmask '255.0.0.0'

config globals 'globals'
	option ula_prefix 'fd44:a256:0a70::/48'

config interface 'lan'
	option type 'bridge'
	option ifname 'eth0.1'
	option proto 'static'
	option ipaddr '192.168.1.1'
	option netmask '255.255.255.0'
	option ip6assign '60'
	option macaddr 'Hidden:94'

config device 'lan_eth0_1_dev'
	option name 'eth0.1'
	option macaddr 'Hidden:bb'

config interface 'wan'
	option proto 'dhcp'
	option peerdns '0'
	list dns '1.1.1.1'
	list dns '1.0.0.1'
	option ifname 'eth0.2'
	option macaddr 'Hidden:f6'

config device 'wan_eth0_2_dev'
	option name 'eth0.2'
	option macaddr 'Hidden:bc'

config device 'veth0'
	option name 'veth0'
	option type 'macvlan'
	option ifname 'eth0'

config device 'veth1'
	option name 'veth1'
	option type 'macvlan'
	option ifname 'eth0'

config switch
	option name 'switch0'
	option reset '1'
	option enable_vlan '1'

config switch_vlan
	option device 'switch0'
	option vlan '1'
	option vid '1'
	option ports '1 2 3 4 6t'

config switch_vlan
	option device 'switch0'
	option vlan '2'
	option vid '2'
	option ports '0 6t'

config interface 'WAN2'
	option proto 'dhcp'
	option hostname 'NoName29'
	option peerdns '0'
	list dns '1.1.1.1'
	list dns '1.0.0.1'
	option macaddr 'Hidden:70'
	option ifname 'veth0'

Try changing the option ifname entries of the config device vethX sections from eth0 to eth0.2.

Not sure if this is going to work but worth a try. It could also be that the underlying switch prevents the use of MAC VLANs due to filtering but try it anyway.

It helped, the IP address was out. But it applied to all connected devices as it did last time. I need only one device on the network to use this IP address.

Step 2 would now be delegating that IP to a specific device as you wrote. Personally I likely would go with a pair of SNAT / DNAT rules but a proxy ARP entry could work too iirc.

Firewall rules (replace w.x.y.z with the IP of the LAN host you want to route the extra IP to):

config redirect
  option name 'Rewrite secondary WAN IP to LAN host'
  option proto all
  option src wan   # make sure to assign wan2 to your wan zone
  option src_dip wan2  # use IP address of secondary wan interface
  option dest_ip w.x.y.z  # the LAN IP to forward to
  option target DNAT

config nat
  option name 'Rewrite LAN host to secondary WAN IP'
  option proto any
  option src wan
  option src_ip w.x.y.z  # the LAN IP to forward to
  option snat_ip wan2  # use IP of wan2
  option target SNAT
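
An audit sketch for the DNAT rule in the post above, added here as an example and not code from the thread or from OpenWrt. It parses UCI firewall text and lists DNAT redirects that have no `src_dport`, that is, rules that hand every port of the public IP to the LAN host. The first sample rule is the post's own; the port-limited second rule and the function names are constructed for illustration.

```python
import shlex

# First rule: from the post above. Second rule: constructed, port-limited variant.
SAMPLE = """
config redirect
  option name 'Rewrite secondary WAN IP to LAN host'
  option proto all
  option src wan
  option src_dip wan2
  option dest_ip w.x.y.z  # the LAN IP to forward to
  option target DNAT

config redirect
  option name 'HTTPS only (constructed)'
  option proto tcp
  option src wan
  option src_dip wan2
  option src_dport 443
  option dest_ip w.x.y.z
  option dest_port 443
  option target DNAT
"""

def parse_uci(text):
    """Parse UCI text into a list of (section_type, {option: [values]}) pairs."""
    sections = []
    for line in text.splitlines():
        tok = shlex.split(line, comments=True)  # handles quoting and '# ...' comments
        if not tok:
            continue
        if tok[0] == "config" and len(tok) >= 2:
            sections.append((tok[1], {}))
        elif tok[0] in ("option", "list") and len(tok) >= 3 and sections:
            sections[-1][1].setdefault(tok[1], []).append(tok[2])
    return sections

def audit_dnat(text):
    """Return the names of DNAT redirects that carry no src_dport match."""
    findings = []
    for stype, opt in parse_uci(text):
        if stype != "redirect":
            continue
        target = opt.get("target", ["DNAT"])[0].upper()  # redirect defaults to DNAT
        if target == "DNAT" and "src_dport" not in opt:
            findings.append(opt.get("name", ["(unnamed)"])[0])
    return findings

if __name__ == "__main__":
    print("DNAT without port restriction:", audit_dnat(SAMPLE))
```

A rule reported here leaves the LAN host reachable on all of its listening services through the secondary IP, so the host's own firewall becomes the only filter.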