Network Assistance - OpenWrt AP, DHCP, P2P


So I'm hoping someone can give me some guidance on this - I've been trying for the last few days, looked at various support articles, and across various communities, but either I'm looking it it wrong, or messing up somewhere.

I've attached a diagram to help understand things visually.

  • I have an internet connection that comes into an ISP provided modem. This modem acts as a modem, WiFi and DHCP.
  • To that modem, I have a (Point to Point) P2P device directly connected, which is then connected to another bridge P2P device, giving connectivity to the home office.
  • That bridge P2P device is connected to a Synology router. This Synology router also acts as a DHCP server for all devices connected to it. Although the subnet is the same, the IP range is different

I'm trying to add in an OpenWrt AP between the modem and the P2P device, so, if anyone connects via WiFI, they connect to the OpenWrt router. The OpenWrt router, get's it's DHCP from Synology router, while the Synology router uses the same network to also get to the gateway for Internet.

I'm trying to do this so all traffic routes through the Synology router, which gives me greater control over the bandwidth. Forced to work from home because of COVID-19 (alongside 2 others in my family also working from home) with this lockdown/quarantine, and the kids not being in school, it's draining the internet. The Synology router, gives me much greater control, but because of the location where the internet comes in (to the house) and the P2P devices connecting it to the home office, while the home office has the Synology router, I'm unsure where I'm going wrong. I did set the OpenWrt to AP mode, disable DHCP, set the IP to that within the Synology router range ( but it didn't seem to want to work. Do I need to also add in an IP to connect to the modem, too, despite not wanting DHCP from that?

Bare in mind, everything works fine, without the OpenWrt AP. I.e the ISP modem which has WiFi activated and DHCP, and then the router in the home office on a different IP range - all that works.

Issues arise when I try and add the Open Wrt AP between the modem and the P2P device - then the home office stops receiving the internet etc.

Thoroughly appreciate your help.


I'm not sure if I know what a P2P bridge exactly does. But what I noticed is that you will probably have to do a double NAT. As you graphic shows your "Internet Modem" is in a 192.168.1.x subnet. So it probably doesn't even know where 10.0.4.x packets should go. One solution to this would be to do double NAT and Masquerade all packets coming from 10.0.4.x. Or you add that route to your internet modem, whereby I suspect that you can't do that.

1 Like

Thanks for your reply @C4ne, thoroughly appreciate it.

I'm not as familiar with double NAT, will surely look into it. However, it doesn't seem the ISP provided allows me to change the NAT rules, despite having that there as an option.

Would the double NAT be done on the OpenWrt router?

I know you mention it wouldn't know where the internet packets should go, however, the 'strange' thing is though, in the first image (on the first post on this thread), where I put what it 'currently looks like', despite not having any NAT rules set-up, the Synology router (on a different IP range) functions brilliantly, with no issues what so ever.

Issues only arise, once I plug in the OpenWrt router, as per the 2nd diagram/picture above, so, it seems maybe the NAT rules need to be applied purely to the Open WRT?

Any guidance, from anyone, would be valued!

Yes. The addresses would be translated at your ISPs router and at your OpenWRT router.

That's the point where I noticed that I did not understand your post correctly. So let me try to sum up in my own words, so we are on the same page: Your OpenWRT router should act as an wireless access point, hooked up to your internet modem. The OpenWrt AP should send all traffic to the Synology router. If you disable your current AP and plugin your OpenWrt AP, you can't access the internet through the Wifi of the OpenWrt AP. Sorry for not reading your question correctly.

What confuses me is that your P2P device is hooked up to the OpenWRT router. Why don't we just connect the OpenWrt AP to the Synology Router? Or why is the P2P not connected to the ISP router anymore in your second image? Both would simplify the configuration a lot, I think.

1 Like

Thank you for the response.

I'm going to answer this backwards, as it will give context.

[Replying to quote above] Apologies, maybe I used an incorrect acronym 'P2P'. So the distance between the house (where the internet comes into) and the office on the other side of the back yard, is too great for either WiFi to pick up, or run an Ethernet, therefore, I have a P2P (Point to Point) device, that bridges the connection, and gives the office, on the other side of the yard internet connection. I previously had an OpenWrt router at the 'home office', but the Wireless just didn't cut it, therefore I purchased this Synology router, and WiFi seems much stronger around the office area. The only difference between the OpenWrt AP and Synology router, is that previously, all the devices (in the house) and the office were on the same IP range. In order to use the advanced features on Synology, it needs to act as a router, therefore, it put the network on a different IP range - reason why the IP range from the house to the office is different.

In an ideal scenario, the Synology router would sit directly behind the ISP modem, then everything else through there, which I guess would make things significantly easier. However, as the Synlogy router is used for it's WiFI range, I am trying to route all traffic through there, and also use it as DHCP. It would then allow me to control data usage at a more granular level for the kids, while they're at home.

Sort of, partially correct, let me try rephrase;

Currently, its like this;
ISP modem (acts as both modem, DHCP and WiFi AP) [] --> connected to Point to Point 1 via Ethernet [] --> this connects to Point to Point 2 [] at the home office in the back yard (wirelessly, long range) --> Point to Point 2 [] connects to an Open Wrt AP only (DHCP from ISP modem back at the house). (In the last week, changed the Open Wrt AP to a Synology router []) All devices connected at the home office are on IP range 10.0.4.x.

The Synology router, which has replaced the Open Wrt at the office, it now gives DHCP (only to the wireless devices connected at the home office).
I am trying to make it the DHCP location for the devices at home, too, so all the kids devices, they come through the Synology router, giving me more control, to limit their bandwidth. That is why, I am trying to place an OpenWrt 'dumb' AP (with IP range same as Synology) in front of the ISP modem, turning off the WiFi on the ISP modem. As the Synology is on the same network, OpenWrt wifi clients should, in theory, route to the Synology to get DHCP and also internet goes through that device.

Issue I am having - I set up the Open Wrt in Dumb AP mode, place it in behind the modem (connect ethernet port to ethernet port on OpenWrt), then every other device goes through OpenWrt (at least at the house) and then as the Synology is also connected on the same network (same subnet, different IP range), it hopefully pushes everything through there.

I hope this makes it simpler. If I am going about it wrong, please advise, if I should do things differently.

Thank you for your help, appreciate it a lot.

Hi! That clears things up. I think I have a solution for you. The only problem that I see is that the internal DHCP server of the Synology router. The problem is that I am pretty sure these DHCP server only listen for DHCP requests on their "LAN" interfaces (e.g. wifi and ethernet ports), but not on their WAN interfaces (The physical port that is currently connected to your P2P 2 device). We will have to know if we can change that behavior. So: Is that Synology router running OpenWRT too? Which model is it? (So I can google what DHCP server settings we can change). The same goes for the DNS server running on the Synology router.

A summary of my current suggestion:

  • We don't do double NAT as this introduces some problems with UDP punching as far as I know. Generally you want to avoid that.
  • ISP router:
    • DHCP OFF
    • WIFI OFF (Because we probably can not set any routes for the wifi interface)
    • IP: on all ethernet interfaces
  • OpenWrt AP: setup as a "dump AP" but the "main router" is (I am assuming you configured your OpenWRT router according to this page)
  • Synology router:
    • on his WAN and LAN ethernet interfaces
    • DHCP and DNS listening on all ethernet and wifi interfaces
    • I think all devices that are connected per wifi or ethernet can be given a 192.168.1.x address if these devices are addressed by their MAC addresses. If that doesn't work we will have to change the routing table of your ISPs router. If that doesn't work either we will have to leave these devices in the 10.0.4.x range.
  • P2P 1+2: I am assuming they are configured with a static lease. The static leases should be configured in the Synology router, so the DHCP server reserves them. The first is connected to a ethernet port on your ISPs router

But still, the biggest problem is to change the behavior of the DHCP and DNS server on your Synology router.


EDIT: I just realized why you want to put the OpenWrt AP between the P2P1 and the ISP router. That way you can allow traffic between wifi devices connected to the OpenWrt AP and the devices connected to the Synology router. But then the OpenWrt AP must also route packets coming from the Synology to the ISP router. That's probably the reason why the article linked way above does not work. But the cons of this is that if your OpenWRT Device fails you won't have a internet connection in your office too. And it's probably a bit more complex to set up

1 Like

Hi @C4ne.

I did try this out, but it seems after various attempts, and trying out different methods, it sadly didn't want to work.

I will have to think of something completely different, to get around this.

Thoroughly appreciate your help, @C4ne!

1 Like