Disable NAT but keep SQM and dnsmasq settings

Hi, i have dual nat situation with my isp and my LEDE routers, my ISP gave me a Huawei router which i cannot set to bridge mode, and im using a D-Link DIR-835 as my LEDE router for accessing to the internet, so it goes like this

INTERNET-> Huawei (Lan 192.168.100.0/24) -> DIR-835 (WAN 192.168.100.0/24) -NAT- LAN (192.168.1.0/24) -> Clients

I have the DIR-835 set as DMZ in the Huawei, i must say that everything is working great with this setup, also i have SQM for bufferbloat and dnsmasq pointing to a hosts file for adblocking.

Before anything else i must say that i cannot set the Huawei modem to Bridge mode, my ISP has blocked admin access to it, even the custom rom that it has wont let connect thru serial... so, no bridge allowed...

What i want to try is, to bridge wan and lan in the DIR-835 and keep 1 ip range (192.168.100.0/24) but.. i want to keep the sqm and dnsmasq working as well... so it would be like disabling nat in the LEDE router and maybe add some firewall rules to keep the huawei as the only gateway and use everything else, but i dont know how to do it...

OK.. i think i got... it?.... here is what i did, i removed the wan network and its firewall rules and added the wan port to the 'lan' vlan, so now i've got a full switch with no wan ports.

Then i configured the lan network as follows Lede router ip 192.168.100.254/24 with gateway 192.168.100.1 (huawei lan ip), the clients now get ips from 192.168.100.100/24 thru .150/24 and the gateway assigned is the lede lan ip (192.168.100.254). I even added the lede ip to the huawei dmz.

With this setup there is no NAT on the LEDE router, only routing rules and all of my services are working normally (upnp, sqm, dhcp, NAS sharing, ads and web filtering) all managed through LEDE. I even notice the internet more fluid than with the double nat (..or maybe is just a placebo?).

I think this setup could be an alternative for people with two routers like myself.

I know this is an old post but can someone clarify what this person did?

Huawei Router     →     DIR-835          →      LAN Clients.
(NAT)                  (simple switch)

What I don't see is the SQM without bridging interfaces?

Well, this.. is.. old.. and I don't really remember xD but,

For this to work you need to disable your ISP modem dhcp and enable it in the openwrt router but pointing to your ISP router, all of this in the lan section of the firewall, you can leave the wan section alone as you would only be using openwrt as a normal switch. After that you could setup sqm in the lan but beware, you won't have normal lan speeds but the limits you set in sqm.

After all this the real solution I came up was to buy an unlocked fibre modem on ebay and stash away mi ISP modem, the new modem was set to bridge, then I took a netbook I had lying around and installed archlinux on it and dedicated it for modem and router with an usb ethernet adapter (to have 2 ports) so the new lan port is connected to the lan port of my openwrt router just to add wifi to my network.

This have been working great with all packages one could imagine, I am even hosting a webpage in the netbook.

1 Like