I want create a virtual router inside a physical router.
is it possible? How can I make or simulate internal routing?
I want create a virtual router inside a physical router.
is it possible? How can I make or simulate internal routing?
Please connect to your OpenWrt device using ssh and copy the output of the following commands and post it here using the "Preformatted text </>
" button:
Remember to redact passwords, MAC addresses and any public IP addresses you may have:
ubus call system board
cat /etc/config/network
If you actually need to do that and have a decent amount of storage and memory, LXC is supported on OpenWrt. You can run an instance of OpenWrt inside OpenWrt. But it would help to know what problem you're trying to solve before seriously suggesting this as a solution.
I prefer use route or something less memory and processor consumer, but I don´t know how?
Can you describe your functional goal of creating a virtual router within a router?
What I want to do and learn if possible, is to perform internal routing to virtual interfaces using the least amount of memory and processing for educational purposes.
Where does the traffic originate or terminate in this virtual routing experiment?
Is there a reason that it needs to be a virtualized router inside a router? Why not just spin up a VM on your computer and run OpenWrt within the VM?
The physical wan port go to ISP, and the physical LAN port to client devices like phones and tablets.
Virtualized is only an Idea, I want route to and from virtual interfaces inside the real router. Maybe is possible only do the routing packets without the need of virtualized all the router functions.
I don't like PC because are big and more expensive than a router, a router have more physical ports, is cheaper and we can buy many of them.
So you need physical interfaces... specifically probably both ethernet and wifi.
What exactly does this mean? If the traffic is flowing between a set of physical interfaces, what is the specific purpose and method by which traffic flows through these virtual interfaces?
Agreed... but...
you're asking to setup a virtual router inside a router. That doesn't make a lot of sense for multiple reasons:
In theory, you could use netns
to create a new network namespace and then connect it via a veth
(virtual Ethernet) device. However, I believe netns
is not enabled by default everywhere and needs to be activated in the kernel. You can check if it's enabled with this command:
zcat /proc/config.gz | grep CONFIG_NET_NS
Sounds like he doesnt really mean "virtualization".
He might just want to create new network interfaces and attach one or more physical ports and ssids to it.That's a very simple process.
You can compile and install vrf
to enable multiple routing tables in one router, and use dummy
interfaces to bind to.
Each vrf instance is effectively a distinct router and you can route between vrfs inside a single physical router.
Yeah, VRF
is definitely the way to go. Is there an issue with VRF on OpenWRT since it’s not enabled by default in the standard distro?
This is the reason why VRF isn't included as standard:
You can get around with leaky bridges.
Multiple routing tables can be instantiated directly (complicated) or using the policy based routing package as a helper. This has the effect of separate routers in the same kernel. For example one wifi network routes all Internet usage to a VPN service while another network reaches the Internet directly.
As @mk24 suggested, you can create your own custom routing tables that can be used to isolate different subnets with simple routing rules.
These rules can be set up to match if a packet or connection comes from a specific interface or has a certain source or destination address. If the rule matches, you can then direct the packet to look for the next hop (i.e., destination) via a specific routing table. This can be done using standard interfaces in LuCI or by manually configuring /etc/config/network
and it doesn’t require any extra add-on packages.
And as others have pointed out, maybe you’re just looking to create VLANs?? (Virtual local area networks)
VLANs allow you to create different subnets that can then be used via Ethernet and/or WiFi - often in the form of a trusted lan, a guest network, iot, and so on. You can allow or prohibit routing between the networks based on your goals.
Is this the actual end goal??
I think it would make sense to get some specifics about what you want to achieve so that the community can point you in the right direction.
Yes!, can you help me how to do that?
Maybe it is the best solution, can you help me with an example or where to learn how to do it?
Thanks a lot