Class B to Class C on Wireless Bridge

OpenWRT newbie here.

I am planning to use OpenWRT on a TP-Link Router acting as a Wireless Bridge.

I am connecting to a network as a client; it delivers an IP on a Class B (subnet mask 255.255.0.0). My OpenWRT router will also be a DHCP server to devices connecting on a Class C network (subnet mask 255.255.255.0).

How would one configure OpenWRT?

Will it automatically be able to route the traffic if the subnets are on different classes?

This is a diagram of the networks

This isn't a "bridge" config.
Just configure OpenWrt as a wireless client and as long as the subnets between WAN and LAN are different it should all just work.

5 Likes

That is what I expected but it doesn't work.

If you use NAT (masquerade), which is the default configuration, clients on the primary network will not be able to reach back to the secondary network except by opening ports for them on the secondary router.

So you may want to turn off NAT and use conventional two-way routing. The primary router needs a route installed to the secondary network via the secondary router. In other words the gateway to 192.168.1.0/24 is via the secondary router's IP address on the primary network.

The size of the networks being different does not matter. Wherever you configure a network use the proper netmask associated with that network.

1 Like

Is the main network really configured as 200.1.1.1/16? That is not a private address...

Anyway, you must not be worried about being different classes, just decide whether you want a real bridge or a router.

1 Like

Thanks MK24

The only requirement is Internet access for the secondary network, no Lan access.

The primary network also only provides Internet access but for a different set of users and is provided by another company who themselves got it implemented by a third company.

It is a basic Internet service for a set of apartment complexes.

Is there anything from the image above that might explain why users on secondary network can't get Internet access?

I have used a factory reset and it all seems fairly logical, but for some reason I can't get the internet connection.

I was told that client config is the only one that works and that OpenWRT is the best if not only way to get it working on a router.

I do not know how to turn off NAT; can it be done with LuCI?

No, the 200 subnet is an example. I wanted to make it clearer; I think it might be 100, but it seems to change every time.

I do not know the difference between a real bridge or router. Total newb, just trying to get a decent Internet connection.

The basic routed client, where you make the WAN connection wireless in an otherwise default configuration, is what you should do. If it's a router with more than one Ethernet port, a network named 'wan' should already exist. Remove the Ethernet port from wan physical settings and build out a wifi client with credentials to connect to the primary network. On the wifi page, choose wan as the client's network.

1 Like

Network classes were abandoned in 1993(!). Since then we use CIDR. Wonder how people still come up with classes...

1 Like

Do you feel better now?

Well, one should use CIDR. Makes it a lot easier to understand.

You should set up your one OpenWRT router as a wireless client. It will act as a NAT-gateway for all devices downstream. Your setup looks quite ok already.

What will not be possible is accessing clients inside 192.168.1.0/24 from 200.1.0.0/16 (or whatever actual range you are using). But if you have OpenWrt on both wireless devices, you can easily set up routing between the two segments. But that won't happen automatically.

1 Like

I hope you feel better.

If you bothered to read the thread and look at the image you will see that I did configure as a client, but it did not work, hence the thread.

It looks OK but no internet.

Never asked to do that, if you read the thread so far you will see I already said the only requirement is internet.

I also explained; the primary network also only provides Internet access but for a different set of users and is provided by another company who themselves got it implemented by a third company.

So I do not have access to the devices supplying the Internet, I only know another building used OpenWRT.

Yes. Thinking in network classes just makes my head hurt.

Yes, it should work out of the box. Can you share the configuration screen?

If you login via SSH to your OpenWrt, can you ping hosts on the internet? Can you ping IP addresses (e.g. 8.8.8.8)?

2 Likes

@treysis, kudos to you for your grace to continue to assist while the OP came at you. I actually had a "spidey sense" when I saw "class" and decided not to respond (my first question was going to be why use over 65,000 IPs...but then I remembered "yea, classes").

I just assumed the OP would be confused or get mad cause I suggested a smaller CIDR range.

@DavidJ, welcome to the community!

If on the same Layer 2/VLAN, you'll need to route between them.

  • So where is your Internet coming from?
  • Is that pictured above?
  • Did you join the wireless in LuCI and did it show up as WWAN?
  • Do you require some config as not to use this "special primary network for the other users ...implemented by a 3rd party"?

screen110

Or...

screen111

3 Likes

tbf, I came at him first with a bit too rough tone instead of friendly explanation.

1 Like

Thanks

Maybe best I start over, it is a group of residential buildings, network access is provided by hotspots from kit around the estate. I have no access to that kit, the kit is controlled by an ISP and implemented as a CGNAT (remember I am an OpenWRT newbie so please do not assume I know what I am talking about).

Users see a wifi radio and connect to it using say a windows laptop and get an IP in the 100.x.x.x range, but the signal strength is awful, so putting in a router as a repeater / access point improves things.

I can see on the OpenWRT status screen that the 100 subnet IP is delivered to the router as follows (The 100. IP changes at random times when a new login is required).

IPv4 Upstream
Protocol: DHCP client
Address: 100.59.172.164/16
Gateway: 100.59.0.1
DNS 1: 192.168.55.55
DNS 2: 192.168.66.66
Expires: 0h 3m 12s
Connected: 0h 56m 48s

However from the device you cannot connect to the internet. Looking at the router

Normally going to any website would take you to a login screen on a url like this

https://www.examplewifi.com:8443/home

Even if you go to the appropriate URL you get

This site can’t be reached

www.example.com’s server IP address could not be found.

Try:

Checking the connection
Checking the proxy, firewall, and DNS configuration
Running Windows Network Diagnostics
ERR_NAME_NOT_RESOLVED

In Windows the Ipconfig shows

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : lan
IPv4 Address. . . . . . . . . . . : 192.168.1.185
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1

In Windows a traceroute to 8.8.8.8 knows it is Google

Tracing route to dns.google [8.8.8.8]
over a maximum of 30 hops:

1 1 ms <1 ms <1 ms OpenWrt.lan [192.168.1.1]
2 * * * Request timed out.
... repeated until
30 * * * Request timed out.

then on Router Diagnostics

PING openwrt.org (139.59.209.225): 56 data bytes

--- openwrt.org ping statistics ---
5 packets transmitted, 0 packets received, 100% packet loss

Also on Router Diagnostics

Traceroute gives following error on a yellow bar after 30s or so

Error: XHR request timed out

and again on Router Diagnostics

NSLookup seems to work

Server: 127.0.0.1
Address: 127.0.0.1#53

Name: openwrt.org
Address 1: 139.59.209.225
Address 2: 2a03:b0c0:3:d0::1af1:1

Does this give any clues to help diagnose where it is going wrong?

Wait...

  • Are you saying the WiFi network has a captive portal that you must login to before you have Internet access?
  • Are you allowed to connect APs?

Not much.

Can you ping the DNS servers they issued in DHCP?

Also, I noticed your lease is only 1 hour...it doesn't seem like this ISP wants these kinda connections.

1 Like

Their network seems to be holding some 192.168 IPs as well, so you need to be careful allocating your LAN IP to not overlap and conflict. A tracert (that's how DOS spells it) on the Windows machine that is directly connected and logged in and active may have some insight.

Since it is a captive portal, the router must be logged in. After connecting your router to their network connect a PC to the LAN side of your router and open a web browser to try to get the captive page. Then follow the login process. Their network sees the MAC of your router, so after doing this once you should have Internet on the router itself and all machines on the LAN.

2 Likes
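The overlap check suggested in the post above, as an added example that is not part of the original thread: it takes the upstream lease values the OP posted and tests candidate LAN prefixes against the WAN subnet, the gateway and the DHCP-issued DNS servers. The function names and the two extra candidate prefixes are assumptions made for illustration.

```python
import ipaddress

# RFC 6598 shared address space, the range reserved for carrier-grade NAT.
CGNAT = ipaddress.ip_network("100.64.0.0/10")

# Upstream lease exactly as shown on the OP's status screen.
LEASE = {
    "address": "100.59.172.164/16",
    "gateway": "100.59.0.1",
    "dns": ["192.168.55.55", "192.168.66.66"],
}

def wan_kind(lease):
    """Classify the WAN address: 'cgnat', 'private' (RFC 1918 etc.) or 'public'."""
    ip = ipaddress.ip_interface(lease["address"]).ip
    if ip in CGNAT:
        return "cgnat"
    return "private" if ip.is_private else "public"

def off_link_dns(lease):
    """DNS servers outside the WAN subnet, reachable only through the gateway."""
    wan = ipaddress.ip_interface(lease["address"]).network
    return [d for d in lease["dns"] if ipaddress.ip_address(d) not in wan]

def lan_conflicts(lan_cidr, lease):
    """List every way a proposed LAN prefix collides with the upstream lease."""
    lan = ipaddress.ip_network(lan_cidr)
    wan = ipaddress.ip_interface(lease["address"]).network
    found = []
    if lan.overlaps(wan):
        found.append(f"{lan} overlaps WAN subnet {wan}")
    for host in [lease["gateway"], *lease["dns"]]:
        if ipaddress.ip_address(host) in lan:
            found.append(f"upstream host {host} lies inside {lan}")
    return found

if __name__ == "__main__":
    print("WAN address range:", wan_kind(LEASE))
    print("DNS reached via gateway:", off_link_dns(LEASE))
    # 192.168.1.0/24 is the OP's LAN; the other two are constructed candidates.
    for candidate in ("192.168.1.0/24", "192.168.55.0/24", "192.168.0.0/16"):
        print(candidate, "->", lan_conflicts(candidate, LEASE) or "no conflict")
```

With the posted lease, the OP's 192.168.1.0/24 shows no conflict, both DNS servers are off-link, and the 100.59.x.x address falls outside the 100.64.0.0/10 shared space.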

Yes &

Yes, they suggested this when complaints were made about quality of the service.

What a shame

No and I am not surprised because it only gets as far as the OpenWrt router.

It varies, I think it doubles each time, so the first might be 30m then 60m and so on. I have seen it last for over 4 hours.

That has got me thinking, should I be segmenting the 192.168. DNS subnets somehow and then creating a route for it? I am not saying I know HOW to do that !!??

Problem is that the Gateway: 100.59.0.0 subnet changes each time and yet they all have the same 192.168.x subnet for DNS but whatever subnet they use the first address is always the gateway (100.59.0.1 in example above)

However, I think the 192.168. DNS may be a red herring, when I go to the next building and connect with a laptop so I have an Internet connection I cannot ping or tracert the 192.168 DNS addresses.

When I tracert I get as far as the Gateway: 100.59.0.1, I can't hard wire that in as the 100. subnet changes each time.

My thinking is that the DNS 1: 192.168.55.55 are there until a login is achieved and then it uses something on the gateway (100.59.0.1)

I can see from ping that they do use other 192.168 subnets so I guess I could either find some way to segment 192.168.1.0 or use a different private network, although I would have thought they would be more likely to use the 172 or 10 subnets.

My understanding from the next building is that the first user to connect gets the login and all users thereafter use that connection until lease expires.

I had the same thought about the router logging in and that will be next experiment.