How create virtual router?

I want create a virtual router inside a physical router.

is it possible? How can I make or simulate internal routing?

Please connect to your OpenWrt device using ssh and copy the output of the following commands and post it here using the "Preformatted text </> " button:
grafik
Remember to redact passwords, MAC addresses and any public IP addresses you may have:

ubus call system board
cat /etc/config/network

If you actually need to do that and have a decent amount of storage and memory, LXC is supported on OpenWrt. You can run an instance of OpenWrt inside OpenWrt. But it would help to know what problem you're trying to solve before seriously suggesting this as a solution.

I prefer use route or something less memory and processor consumer, but I don´t know how?

Can you describe your functional goal of creating a virtual router within a router?

What I want to do and learn if possible, is to perform internal routing to virtual interfaces using the least amount of memory and processing for educational purposes.

Where does the traffic originate or terminate in this virtual routing experiment?

Is there a reason that it needs to be a virtualized router inside a router? Why not just spin up a VM on your computer and run OpenWrt within the VM?

The physical wan port go to ISP, and the physical LAN port to client devices like phones and tablets.

Virtualized is only an Idea, I want route to and from virtual interfaces inside the real router. Maybe is possible only do the routing packets without the need of virtualized all the router functions.

I don't like PC because are big and more expensive than a router, a router have more physical ports, is cheaper and we can buy many of them.

So you need physical interfaces... specifically probably both ethernet and wifi.

What exactly does this mean? If the traffic is flowing between a set of physical interfaces, what is the specific purpose and method by which traffic flows through these virtual interfaces?

Agreed... but...
you're asking to setup a virtual router inside a router. That doesn't make a lot of sense for multiple reasons:

  1. You need a fairly high spec router to have enough resources (flash storage, RAM, and CPU power) to run any type of virtualized environment.
  2. Docker is a popular choice within OpenWrt... but running OpenWrt within a container isn't really supported and things generally don't work the same way as they would on bare metal or a proper virtualized environment (docker is containerized).
  3. A virtualization environment would need to be available on the both the physical architecture of your device and supported within the OS... OpenWrt isn't really designed to run virtualizers (it does run Docker, but that's a containerized system, not a pure virtiualizer).
  4. Once you start to get to platforms that can run proper virtualization, you're typically leaving the territory of a router and moving more towards an SBC or x86 type system.
  5. If you are looking for devices with lots of physical ports that are cheap and easy to buy, just use a regular consumer router with OpenWrt... you can do all your routing -- you don't need a router-within-a-router.
  6. I'm not even sure what value a router-within-a-router would have?? Maybe you can elaborate as to why you don't want to just use the standard router + bare metal OpenWrt??

In theory, you could use netns to create a new network namespace and then connect it via a veth (virtual Ethernet) device. However, I believe netns is not enabled by default everywhere and needs to be activated in the kernel. You can check if it's enabled with this command:

zcat /proc/config.gz | grep CONFIG_NET_NS

Sounds like he doesnt really mean "virtualization".

He might just want to create new network interfaces and attach one or more physical ports and ssids to it.That's a very simple process.

1 Like

You can compile and install vrf to enable multiple routing tables in one router, and use dummy interfaces to bind to.
Each vrf instance is effectively a distinct router and you can route between vrfs inside a single physical router.

2 Likes

Yeah, VRF is definitely the way to go. Is there an issue with VRF on OpenWRT since it’s not enabled by default in the standard distro?

This is the reason why VRF isn't included as standard:

You can get around with leaky bridges.

Multiple routing tables can be instantiated directly (complicated) or using the policy based routing package as a helper. This has the effect of separate routers in the same kernel. For example one wifi network routes all Internet usage to a VPN service while another network reaches the Internet directly.

2 Likes

As @mk24 suggested, you can create your own custom routing tables that can be used to isolate different subnets with simple routing rules.

These rules can be set up to match if a packet or connection comes from a specific interface or has a certain source or destination address. If the rule matches, you can then direct the packet to look for the next hop (i.e., destination) via a specific routing table. This can be done using standard interfaces in LuCI or by manually configuring /etc/config/network and it doesn’t require any extra add-on packages.

1 Like

And as others have pointed out, maybe you’re just looking to create VLANs?? (Virtual local area networks)

VLANs allow you to create different subnets that can then be used via Ethernet and/or WiFi - often in the form of a trusted lan, a guest network, iot, and so on. You can allow or prohibit routing between the networks based on your goals.

Is this the actual end goal??

I think it would make sense to get some specifics about what you want to achieve so that the community can point you in the right direction.

2 Likes

Yes!, can you help me how to do that?

Maybe it is the best solution, can you help me with an example or where to learn how to do it?

Thanks a lot