Main router subnet shared on remote router (wifi/wired)

Veteran of quite a few DD-WRT installations/administrations here, who's done a few OpenWRT and now LEDE installs as well. Not an expert at this by any means but do know my way around the DD-WRT interface and am familiar with the basic concepts and nomenclature of networking.

I recently flashed a couple of routers with LEDE--a TP-Link wr1043nd (v 2.1) and a Linksys EA3500--and have begun setting them up. The TP-Link will be the main router and DHCP server, the one that hooks to a cable modem and acts as gateway in my apartment. The Linksys will, after being hooked via its WAN port to the main router using a long ethernet cable, be placed in a remote location. That router should act as what I think of as a DHCP forwarder, and should give out, on both it's wired and wireless interfaces, addresses on the main router's subnet.

First question, have I got the terminology right? Is "DHCP forwarder" the right designation for the remote router in this description?

The main router is set up and seems to be working fine. Where I'm now having problems is setting up the remote router. I did not manage to find any step-by-step directives for doing this sort of thing under LEDE and decided that, since I'd done this once before under DD-WRT, I should be able to figure it out by trial and error under LEDE. Owing in part to the way LEDE's web interface differs from DD-WRT's and partly owing to my rather basic understanding of networking, things are not going very well.

I've so far managed to at least get the remote router to give out IP's in the main router's subnet via wifi, but it will not serve any IP's over its wired ports. Worst of all, I now seem to be locked out of the remote router. I can ping it and both its ipv4 and ipv6 addresses show up under the main router's "overview" page, but I can neither ssh in nor can I access its web admin page. That's a little strange since, though I do not believe I configured it to serve the web admin page over its WAN port, I do recall configuring it to accept ssh connections via the WAN port.

A couple of questions in closing, then. First, what else might I try in order to get access to the remote router either via ssh or its web admin page? I fear I might have to reset the unit, which could introduce additional headaches such as needing to reconfigure it again from scratch, or even cause the unit to revert to the stock Linksys firmware (I've seen indications that loading LEDE onto these units does not completely displace the stock firmware). So, do I have, short of performing a reset, options for regaining access to the unit's administration page or ssh interface?

Second, can anyone provide or point out to me a set of step-by-step instructions for setting up a DHCP forwarder such as I'm describing here? Thanks in advance.

Not really, from your description I guess you actually want a variation of - unless you really, really, really need 5 ethernet ports (instead of just 4), I'd suggest to keep it simple.

  • disable the WAN port (proto=none)
  • configure your LAN to use an IP within the subnet of your main router
  • disable dnsmasq/ odhcpd
  • the firewall can be disabled or just ignored, it's not in the way
  • [optional] configure the wireless as desired

This way the main router will provide DHCP/ DNS to all clients, which are all part of the same subnet and broadcast domain. Your additional routers will just act as switch and AP, extending the main network.

You want to setup as a dumb AP. Best to reset to defaults (you shouldn't need to reload the stock firmware -- use failsafe mode and then use the guide for configuring the dumb AP.

Thanks for the replies and clarifications on terminology. Meantime I got things working a bit more sanely by doing some experimentation: I'd been hooking the ethernet cable from the main router to the remote router's WAN port, and switched it over to one of the LAN ports. Once I'd done that, the web interface became accessible again and IP's started being given out on the remote router's wired ports as well. So it's kind of working as intended, though I remain concerned that some of the settings I'd previously tweaked might need further tweaking.

As an example, I have the impression that the WAN port on the remote router might be wrongly configured. I guess I don't need a WAN port on this remote router, in the standard acceptation of that phrase: apparently in this scheme just about any of the wired ports on the remote router can be a sort of uplink port--right? But at the same time I would like to be able to utilize all five rj45 jacks on this unit. Under DD-WRT speak I think this would be called something like "assigning WAN port to LAN." But I'm a little confused as to how I'd go about doing that.

It seems that, for LEDE purposes, eth0 on this router is the 4 LAN ports, while eth1 is the router's WAN port, correct? More questions to come as I read the links provided and continue experimenting.

PS I did just now disable the firewall on the remote router.

I got this kind of working, though with some drawbacks. Rather than carefully follow what I take to be psherman's suggestion of essentially restoring all defaults on the remote router and reconfiguring it from scratch, I continued rooting through the web gui trying out things. I first tried following one of the directives at the link provided, assigning the WAN port of the remote router a static IP on my main router's subnet. Next, I continued trying to assign the WAN port on the remote router to its LAN (hoping I'd be able to use all 5 of its ports). On rebooting it, it was working as desired, with it giving out addresses within the main router's subnet on both its wired and wifi interfaces. The problem, however, was that I was no longer able to access its web admin page--I suppose due to the fact that I've got some conflicting settings (probably related to the static address I'd assigned while the port it's on is at the same time being assigned [bridged?] to the LAN). Will continue fiddling to see whether I can restore access to the remote router's admin page. Thanks