I can't seem to find an answer anywhere and I've never had to do this before. How would I tell OpenWRT to use the last two octets in the IP range for the pool? Would I tell it to start at 1.2 or 1.100 instead of just 2 or 100? An example would be that I want my subnet mask to be 192.168.255.255
Are you asking about the DHCP server? What size network are you working with here?
This is not a valid subnet mask.
Can you show us your config files:
Please copy the output of the following commands and post it here using the "Preformatted text </> " button:
Remember to redact passwords, MAC addresses and any public IP addresses you may have:
cat /etc/config/network
cat /etc/config/dhcp
Sorry, I got things backwards on my subnet. I'm looking at 255.255.0.0. This is for a guest network at a medium sized church. I want to make sure I have enough addresses that we don't run out.
I don't anticipate THAT many people connecting but I'm thinking ahead in the worst case if everyone in the building connects at once, will I have enough. We also have a number of devices in classrooms that will allow for things like Apple Airplay so teachers can share content to a screen or leaders can share presentations in meetings.
Here's those config files. Note that I have not implemented either my final IP address scheme nor the subnet mask I plan on using. This will eventually have multiple subnets as well but I'm getting just a few things at a time set up. Getting the mesh and access points going is the first order of business. Nothing crucial is going on this network right away and the more sensitive devices are on a completely separate router at the moment.
/etc/config/network
config interface 'loopback'
option device 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config globals 'globals'
option ula_prefix 'fd12:1842:4a7d::/48'
config device
option name 'br-lan'
option type 'bridge'
list ports 'eth0'
config interface 'lan'
option device 'br-lan'
option proto 'static'
option netmask '255.255.255.0'
option ip6assign '60'
option ipaddr '192.168.100.1'
config interface 'wan'
option device 'eth1'
option proto 'dhcp'
config interface 'wan6'
option device 'eth1'
option proto 'dhcpv6'
config switch
option name 'switch0'
option reset '1'
option enable_vlan '1'
config switch_vlan
option device 'switch0'
option vlan '1'
option ports '1 2 3 4 0'
/etc/config/dhcp
config interface 'loopback'
option device 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config globals 'globals'
option ula_prefix 'fd12:1842:4a7d::/48'
config device
option name 'br-lan'
option type 'bridge'
list ports 'eth0'
config interface 'lan'
option device 'br-lan'
option proto 'static'
option netmask '255.255.255.0'
option ip6assign '60'
option ipaddr '192.168.100.1'
config interface 'wan'
option device 'eth1'
option proto 'dhcp'
config interface 'wan6'
option device 'eth1'
option proto 'dhcpv6'
config switch
option name 'switch0'
option reset '1'
option enable_vlan '1'
config switch_vlan
option device 'switch0'
option vlan '1'
option ports '1 2 3 4 0'
This is a /16 nework. Are you planning for 65K devices?? A subnet this big is unnecessary, and if you are ever approaching anything even over ~500-1000 devices, they should be further sub-netted because a broadcast domain that large will become very inefficient if clients can reach each other in any capacity.
I wouldn't suggest having anything larger than a /22 (1K hosts), and even that could be problematic. Most of the time a /24 (255.255.255.0, 254 hosts) or a /23 (255.255.254.0, 510 hosts) is sufficient.
If you are working with really large subnets, make sure that you use wifi client isolation and prevent clients from broadcasting to the network.
Anyway, if you want to increase the size of your network, you simply need to change the subnet (or use CIDR notation)
for example:
config interface 'lan'
option device 'br-lan'
option proto 'static'
option netmask '255.255.254.0'
option ip6assign '60'
option ipaddr '192.168.100.1'
The above will provide up to 509 addresses, ranging from 192.168.100.2 - 192.168.101.254.
You didn't post your DHCP file, but there are two parameters:
- Start = start of the DHCP pool. If you make that 5 (as an example) it will start at 192.168.100.5
- Limit = size of the pool. If you set that to say 500, your DHCP pool would range from 192.168.100.5-192.168.101.244 (if I've done my math correctly).
2 Likes
Ah, this makes sense. I do plan on dividing things into subnets eventually but it's more for security than efficiency. All internal resources will be on one subnet. Others will be on a separate subnet so they don't have direct access to the internet. This would be things like the digital sound board. There's no need for it to have a connection to the internet but since everything on stage is shifting to wireless in ear monitors with control from wifi connected phones, it would be nice to have internet access from the phones while also having a route to the sound board for control.
I actually plan on going with 172.16.0.0 for this network and using subnets based off that so if I have to VPN in at any point, it's far less confusing to tell it apart from my home network. I'd like to try to have my subnets nice and neat (172.16.0.0, 172.17.0.0, etc.) but I'm not really sure how to set it up like that now that you've presented having the subnet be less than the full two octets. Sorry for my ignorance on this. I've never needed to configure a network more complicated than a larger home network.
Also, sorry about the DHCP file. I must not have copied over the clipboard when I thought I had.
Edit: Nevermind. I figured out how to specify the subnet and still get ~500 hosts. Ironically, I understand CIDR notation better than the 255 notation. What I'm still not sure of is how do I specify the starting address for my DHCP server? Do I still just specify the first address in the last octet, in this case 2 or do I have to specify both the 3rd and 4th octet since our subnet is spanning that far? IE, 0.2?
It is the same principle. For subnet 172.16.0.0/16 a start of 256 means the first leased IP is 172.16.1.0
2 Likes
Ok, it's all making sense now. Thanks for the help!
This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.