GetDotted Domains

Freeola Guides


Mikrotik Router Multi IP address set up

Last updated on by Freeola Support

Configuring a Public /29 Range on RouterOS

This guide was supplied by a Freeola customer, and used with their full permission.

This guide is a simple outline for altering a default Mikrotik routerboard configuration, in order to serve and route public IP addresses from a /29 allocation delivered over a PPPoE session. The last usable IP of the subnet will be used by the router as the gateway (our ISP returns this IP on PPPoE connection), and NAT for the private subnet allocation.

This configuration will serve the public IPs to devices over DHCP after they have been set as static leases (and thus will not default to serve them).

There are no firewall rules that apply to devices which are assigned public IP addresses. Keep that in mind when configuring your device, as it will be fully exposed to the internet.

This configuration is based on the default router configuration from Mikrotik, therefore the following assumptions have been made:

  • A network bridge exists for your private traffic, named bridge.

  • A DHCP server exists on the bridge, named defconf.

  • We're using the default interface groups, WAN and LAN.

  • We can pass on traffic as the 2nd rule in the firewall (after the counter entry).

  • Your Network Address is If not, you should adjust the values in the table below accordingly.

IP Address Purpose Network address Usable address for device Usable address for device Usable address for device Usable address for device Usable address for device Gateway (router) Broadcast address
PPPoE Configuration

We need to create a PPPoE profile, plus a client. You will need to set your own username and password (replace myusername and mypassword with the appropriate information).

/ppp profile

add change-tcp-mss=yes name=ISP use-compression=no use-encryption=no use-ipv6=no use-mpls=no


pppoe-client add add-default-route=yes disabled=no interface=ether1 name=isp-pppoe profile=ISP user=myusername password=mypassword


list member add interface=isp-pppoe list=WAN

IP Address Configuration

We need to set-up our IP range in a few places:

  • The router itself needs to be given the last address.

  • The DHCP server needs to be aware of the range in order to know how to serve information such as the gateway and DNS server. We do not need to define a pool since we're not going to freely allocate these addresses.

  • We need to create an IP list in the firewall for the usable subnet (excluding the router and IP itself) in order to tell the firewall to simply pass on traffic.

These figures are using the addresses from the table above, if you changed these then you should adjust accordingly.

/ip address

add address= interface=bridge network=

/ip dhcp-server network

add address= dns-server= gateway= netmask=29

/ip firewall address-list

add address= list=public-range

/ip firewall filter

add action=accept chain=forward comment="Allow all traffic to public IP range" dst-address-list=public-ip-range place-before=*1

Allocate IP Addresses

Finally, we just need to tell the DHCP server how to map these IP addresses to local client devices.

Just replace the IP with one from the usable range and the MAC address with the local client device.

/ip dhcp-server lease

add address= mac-address=A0:B1:C2:D3:E4:F5 server=defconf

Did you find this article helpful?

Freeola & GetDotted are rated Five stars

Check out some of our customer reviews below:

View More Freeola Reviews

Need some help? Give us a call on 01376 55 60 60

Go to Support Centre
Feedback Close Feedback

It appears you are using an old browser, as such, some parts of the Freeola and Getdotted site will not work as intended. Using the latest version of your browser, or another browser such as Google Chrome, Mozilla Firefox, Edge, or Opera will provide a better, safer browsing experience for you.