Hi,
Sorry, but I don't even know enough, to phrase a succinct question! But if you could have a look at the following image, I hope you can point me in the correct direction.
The use case is: From PC 192.168.0.X (X=DHCP assigned), I want to view the web server on 192.168.8.250. Each net must operate interdependently when the routing openWRT (big question mark) is not in operation.
I think I have been able to create the outward facing (<<5GHz - 2.4GHz>>) clients? But I'm stuck on the method to set up the necessary controls to route the X.Y.0.Z to X.Y.8.Z traffic between nets.
So you managed to put a second "BT Home Hub 5a" in between those networks, which acts as individual wifi clients already?
In that situation, your device in the middle has two different IP addresses. One on its 5GHz wifi client connection on the 192.168.0.1 subnet and another one on its 2.4GHz wifi client connection to the 192.168.8.1 subnet.
I assume you have /24 subnets. If not, please adjust the following list accordingly.
Go to your 192.168.0.1 device and set the IP address it assigned to the middle device via DHCP to static. It should not randomly change when one of those devices reboot.
Go to your 192.168.8.1 device and do the same, set the IP address it assigned to the middle device via DHCP to static.
Maybe use a common numbering scheme, e.g. 192.168.0.2 and 192.168.8.2 for your middle device. That's not a must, can be any number matching the respective subnet, but I like to keep my numbers so that I can remember them.
Go to the 192.168.0.1 device and simply add a route.
This can easily be done via Web-UI. Go to "network => routing".
Add a new static IPv4 route
Target is 192.168.8.0/24 (the subnet you are trying to reach, the right one)
Gateway is 192.168.0.2 (the local leg of your middle router, the 5GHz link)
Go to the 192.168.8.1 device and mirror that.
Target is 192.168.0.0/24 (the subnet you are trying to reach, the left one)
Gateway is 192.168.8.2 (the local leg of your middle router, the 2.4GHz link
Now you might need to adjust both wifi links on your middle router to open up the firewall. You can either create two different new firewall zones and make them allow the other one explicitely, or you can put both wifi links in the same firewall zone and make the default forward behavior "allow".
Thank you Stephan,
My apologies for not acknowledging sooner. Been called away for a few days.
Because of the two versions of openWRT (23.03.5/19.07.8), I'm not sure that I'm getting the Routing bit right?
Installing the static routes in the two main routers is independent of their OS. Indeed this scenario is often used when they have manufacturer's or other non OpenWrt firmware. Almost all firmware allows adding static routes.
Since you've added a LAN on the middle router, a route to that 192.168.4.0 network will also need to be installed in the main routers. In the pure "connect two apartments" use case, every endpoint user machine is on one of the two main networks. Also in order for the .4.0 network to reach the Internet, you will need to choose one side to be the center router's default route.
Also of course one or both links to the center router can be Ethernet wired, if the physical installation allows it. The routing principle is exactly the same. If the two main routers are in wifi or wired reach of each other, you can do without the center router entirely.
Hi MK24,
The new (in drawing) PC/LAN at 192.164.4.10 is only there to make it easier for me to setup the middle router (192.168.4.1). It will be removed once things are working. Is that okay?
Yes, I'm sure that the static route function is the same in the left & right routers (23.03.5 & 19.07.8). What I was pointing out was, that I am not able to mirror the settings between them as advised by Stephan because the two interfaces are different.
Thank you both,
All working now. Just one more note for any others coming across this post.
I'll not throw-up another drawing, as the only addition to the last (apart from the route issue on the openWRT 19.07.8) was to turn off the Firewall as well as the DNSMASQ service (disable service in the LuCI | System | Startup).
Why? Too lazy to finish the job properly!!
Regards, M.
