hi i have two openwrt routers connected with ethernet cable, with dual nat, because it seems to work better than having only one nat on the first router, and dump ap on the second. router one is low powerfull, router two is powerfull . I can't invert the two devices,because the first one is a modem.now my question is can i disable nat, masquerade on the first router and have router1lan router2wan connection? and have nat only on the router two? to be more precise I use router 1 only for modem,only router two is connected to router one, also wifi is disabled on router one.
Maybe a sketch of what you have now, and what you want to end up with? (Either link or paste the result as a code snippet in your reply, so formatting isn’t lost)
http://www.asciidraw.com/
Before getting too much further into this, do you have any hard numbers that show router 1 really can’t keep up with the load you have running? Or is your goal just to remove the double Nat?
1 Like
I can believe that splitting network broadcast domain can improve quality in some cases, but adding another NAT unlikely can help.
Yes you can.
If you bridge the modem router 1 and disable dhcp and wifi, router 2 can do everything (PPPoE or DHCP for WAN, NAT, DHCP server, and Wifi)
1 Like
strange but true, if i use dump ap on the second router, all is slower. nat, masquerade work better on a powerful device or is there no difference with a less powerful device? yes my goal is just to remove dual nat, really remove on router one, just for testing
1 Like
I hope you understand that you can separate network broadcast domains without NAT and just use plain routing to forward traffic between different subnets within your LAN.
no, i don't understand that i'm not an expert user, but if you tell me how to do that i'll understand. i just simply want disable nat on first router.
i just disabled masquerade via luci on the first router, and i assigned a static wan ip address to router two. is that correct?
Plain routing requires both routers to have routes to each other network.
So you disable NAT on R2 and add route to LAN2 via R2 on R1.
Alternative is:
i'll try the second option, for me looks simpler, now i have to disable dhcp wan or lan of router one?
Yes, I would disable dhcp on the wan interface. And leave dhcp enabled on the lan.
You can change the ip ranges if you need to later , but the below should work as a PoC to see it working.
for the lan interface on router one
- use ip 192.168.1.1 (and therefore that whole range up to 254) on the lan port.
- Create a static route for 192.168.2.0 (/24) 255.255.255.0 , gateway 192.168.1.2
On router two,
- use ip 192.168.2.1 for its lan.
- assign 192.168.1.2 to its wan port .
- Add static route for 0.0.0.0 or default gateway if option is available to point to 192.168.1.1
- Disable dhcp on the wan interface, but that should already be the case after assigning an Ip.
- Ensure natting/ masquerade is disabled on the wan interface
Connect an eithernet cable between any lan port on router 1 , into the wan port on router 2.
Should work. The above assumes you haven’t modified the dhcp defaults on the lan interfaces, which only use ip ending between .100 and up to .254 , leaving the low ends from .1 up to .99 available for static assignment.