Hello everyone, my openwrt has two wan connection,
wan0 used as default route, (dev name pppoe-wan)
wan1 currently not used (dev name pppoe-another_isp)
and two wlan interface
wlan0 5G wifi
wlan1 2.4G wifi
currently all traffic routed through wan0, now I want to create another ssid , all traffic of this new ssid route through wan1.
I'm following https://openwrt.org/docs/guide-user/network/wifi/basic guide to create another wifi interface(it named wlan0-1 in ip addr output) successfully and it worked (still route through wan0 ), how can I makes all traffic from this new ssid route to wan1 ?
I'm thinking about
iptables -t nat -I PREROUTING -i wlan0-1 --???route to another_isp???
but don't know how to do this? Thanks for advising
---update--
(I hope to using wan1 dev name pppoe-second_isp as target, instead of its ip address)
Thanks for suggestion , I'm trying pbr package, but currently I can't make wlan0-1 interface connected device using specified rule (but using ip is OK). according to doc, I should use @wlan0-1 as src_addr, but it didn't work
I have never used the @wlan0 option. You can verify if it works by checking the mangle table of iptables.
Or try with source IP addresses. In any case for further troubleshooting you need to supply a few things.
it do create corresponding entries in mangle table, now I have
Chain PREROUTING
...
464K 435M VPR_PREROUTING all -- * * 0.0.0.0/0 0.0.0.0/0 mark match 0x0/0xff0000
Chain VPR_PREROUTING (1 references)
pkts bytes target prot opt in out source destination
171K 122M MARK all -- * * 192.168.1.230 0.0.0.0/0 /* chmob */ MARK xset 0x60000/0xff0000
0 0 MARK all -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-in wlan0-1 /* chmob */ MARK xset 0x60000/0xff0000
src_addr set to 192.168.1.230 worked , but if I using @wlan0-1 as src_addr, this rule (PHYSDEV match rule) never matched (0 package), seems this rule didn't match package from wlan0-1
Thanks for suggestion, but I've already confirmed using source IP worked. My intention is to make all device connect to SPECIFIED WLAN auto route to second wan.
I've followed the instruction , now my openwrt has another bridge with different subnet, and my additional wifi (guest wifi in reference) can be connected (with correct dhcp response), but "policy based rounting" part seems not work, my traffic from additional wifi still goes through default wan interface.
I've tried using pbr package to route this subnet ip to my second wan and it worked. since they're both using rule based route so should both work, or neither work. I think my setup problem is that my default setup already has a special rule (even without second lan/wan) for transparent proxy,
0: from all lookup local
1: from all fwmark 0x1 lookup 100 ----> my transparent proxy rule
2: from all iif br-chmob lookup 80 -----> route specific lan to specific wan rule
3: from all iif pppoe-wan_chmob lookup 80
10000: from 192.168.2.1 lookup 80
10000: from 100.79.173.189 lookup 80
20000: from all to 192.168.2.1/24 lookup 80
20000: from all to 100.79.173.189 lookup 80
32766: from all lookup main
32767: from all lookup default
90157: from all iif lo lookup 80
90161: from all iif lo lookup 80
transparent proxy rule matched first so my setup break. using pbr create following rules:
0: from all lookup local
0: from all fwmark 0x10000/0xff0000 lookup 201
0: from all fwmark 0x20000/0xff0000 lookup 202
0: from all fwmark 0x30000/0xff0000 lookup 203
0: from all fwmark 0x40000/0xff0000 lookup 204
0: from all fwmark 0x50000/0xff0000 lookup 205
0: from all fwmark 0x60000/0xff0000 lookup 206
0: from all fwmark 0x70000/0xff0000 lookup 207 --->pbr rules
1: from all fwmark 0x1 lookup 100 ---------> my transparent proxy rule
32766: from all lookup main
32767: from all lookup default
pbr rules came first so it worked (I think)
anyway second bridge/subnet is requirement for successful setup (although I still use pbr for route, but that's ip rule order problem).