I have a Linksys router with 4 LAN interface and 1 WAN interface.
I just want to configure it to behave like a normal home router where
WAN interface connects to Telcom Modem using PPPoE
all 4 LAN interfaces would be issuing IP address via DHCP serer. Those LAN interfaces could be connecting to Endpoints or another access switch to extend network.
In past few weeks, I have spent a lot of time and reviewed Openwrt.org official documents (including DSA as I am using version 22) for at least 5 times, and tons of tutorials and videos on YouTube about how to configure it. I am still very confused despite I was a CCNP certified engineer though not familiar with Linux.
Can anyone share a comprehensive and insightful enough book or tutorial which could clear all confusions in a single place?
I have bridged LAN1~4 into lan-br device, bind "interface" WAN to "device" WAN with PPPoE configured, Configured static IP and Enabled DHCP on "interface" LAN. I enabled and created Wireless SSID, though not bridged to lan-br device.
When I connect my cellphone to this wireless SSID, it can surf internet. but I am confused, how could the wireless know that the traffic needs to be routed to WAN interface ???
lan->wan forwarding (with NAT for IPv4) is built into the default firewall configuration.
WiFi APs are attached to a network in the wireless config. Specifying 'lan' as the network will find the lan network is a bridge and add the AP to that bridge. WiFi interfaces should never be referenced directly in the network section.
What you describe is the default configuration, except for enabling an AP and changing the wan protocol from static to pppoe. Everything else can be left at defaults.
The default is a good starting point. But from the Luci interface, all you'd have to do is go to Network, Wireless and change the radio(s) to use the SSID and password you want for wifi. It's as simple as that. You plug in your cable modem to the wan port and your lan ports to connect wired devices. Don't over complicate it right away. As you learn more you can tweak things to optimize things and speed it up a little.
Honestly, I was not even know what are the default configuration.. let me go to /etc/config/network, and find out what exactly are the default configuration..
However, my current config comes from my manual config, hence it was not default config anymore. is that a way to restore default config ?
Yes, although the specifics of the interface names and switch configs are examples, as OpenWrt covers a broad variety of devices.
Yes, the default configuration is setup for the typical case of a home router. It requires no changes except for:
wireless (if applicable and desired):
set the SSID, encryption type, passphrase, and then enable the radio
wan connection method (if not DHCP)
by default it is DHCP, but some users may need to change it to PPPoE and add the credentials, or use static IP (rare) with information provided by the ISP.
I executed the command firstboot -y&&restart to rollback to default configuration, However, when I check the default network configuration file (/etc/config/network), I did not see any config that bridges the br-lan with wireless network as per we expected and below architecture topology.
I executed the command firstboot -y&&restart to rollback to default configuration, However, when I check the default firewall configuration file (/etc/config/firewall), I did not see any config that setting up the default route from LAN to WAN for internet surfing. Plus I am confused why default config already has http 80 / ssh 22 remapped, and why those specific IPs are pre-configured (192.168.45.2, 194.25.2.129).
Please see below for the default firewall config;
root@OpenWrt:/# cd etc/config/
root@OpenWrt:/etc/config# ls
dhcp dropbear firewall luci network rpcd system ubootenv ucitrack uhttpd wireless
root@OpenWrt:/etc/config# vi firewall
#config rule
# option src lan
# option proto ICMP
# option target DROP
# port redirect port coming in on wan to lan
#config redirect
# option src wan
# option src_dport 80
# option dest lan
# option dest_ip 192.168.16.235
# option dest_port 80
# option proto tcp
# port redirect of remapped ssh port (22001) on wan
#config redirect
# option src wan
# option src_dport 22001
# option dest lan
# option dest_port 22
# option proto tcp
### FULL CONFIG SECTIONS
#config rule
# option src lan
# option src_ip 192.168.45.2
# option src_mac 00:11:22:33:44:55
# option src_port 80
# option dest wan
# option dest_ip 194.25.2.129
# option dest_port 120
# option proto tcp
# option target REJECT
#config redirect
# option src lan
# option src_ip 192.168.45.2
# option src_mac 00:11:22:33:44:55
# option src_port 1024
# option src_dport 80
# option dest_ip 194.25.2.129
# option dest_port 120
# option proto tcp
- firewall 189/189 100%
thanks for pointing out, wireless config is as below, I am confused about option network lan. I understand that we have lan configured as interface in etc/config/network, I did not see anywhere lan was defined as a Network ?
Interface and network mean pretty much the same thing for most OpenWRT-related situations. Having a config interface 'lan' section in the network config file means you have a lan network on the router.
The section of the firewall config that you quoted are examples of what can be done. Those configs are not active as they are commented out by hash signs at the beginning of the line.
If you run brctl show you will see that the wireless AP is indeed in the bridge with the LAN ports. The way it got there is convoluted especially since DSA is involved, meaning that the LAN bridge is a combination of hardware and software L2 switching. But to the user, the single option network lan in the AP's section of the wifi config is all that is needed to connect it to the lan network.
And interface sort of means a network, most of the time. This syntax could be clearer.
Ok, then it seems that, in OpenWRT, interface name and network name is interchangable. This is surprising me as it is clear, from basic network knowledge perspective, that interface & network are completely different things.
If this is something unique in OpenWRT (though a bit wired, and not that easy to understand), I will simply just keep it in mind despite it makes me feel that OpenWRT terminologies are not prudently defined.
