One LAN port without DHCP server possible?

I have a GL.iNET Slate (GL-AR750S-Ext).
I want the WAN port with the normal router function (getting the IP from an DHCP server).
Also the first LAN port should get the IP from an DHCP server.
The second LAN port and WiFi should act as a DHCP server.

The idea is that i can connect the first LAN port to my switch at home and the Slate gets an IP from my pfSense router.
Everything connected to the second LAN port or WiFi should get an IP from the Slate.

Is that possible?

So you want one of the ports to effectively be a pass through of the wan? Sure, that is possible.

Please copy the output of the following commands and post it here using the "Preformatted text </> " button:
grafik
Remember to redact passwords, MAC addresses and any public IP addresses you may have:

cat /etc/config/network
1 Like

WAN pass through? I guess not?
WAN should still be router/firewall.

My whole Network is 10.110.192.0/18 (10.110.192.1 - 10.110.255.254 / 255.255.192.0).
I want the Slate DHCP Server to deploy 10.110.230.2 - 10.110.230.254 on LAN port 2 and WiFi.
LAN port 1 should receive its IP from pfSense.

config interface 'loopback'
        option ifname 'lo'
        option proto 'static'
        option ipaddr '127.0.0.1'
        option netmask '255.0.0.0'

config globals 'globals'
        option ula_prefix 'fd5c:e6ae:028f::/48'

config interface 'lan'
        option type 'bridge'
        option proto 'static'
        option ip6assign '60'
        option multicast_to_unicast '0'
        option hostname 'GL-AR750S-aa6'
        list ipaddr '10.110.230.1/18'
        option ifname 'eth0.1 eth0.2'

config interface 'wan'
        option proto 'dhcp'
        option ipv6 '0'
        option metric '10'
        option hostname 'LISA-ROUTER'

config interface 'wan6'
        option proto 'dhcpv6'
        option disabled '1'

config switch
        option name 'switch0'
        option reset '1'
        option enable_vlan '1'

config switch_vlan
        option device 'switch0'
        option vlan '1'
        option ports '2 3 0t'

config switch_vlan
        option device 'switch0'
        option vlan '2'
        option ports '1 0t'

config interface 'guest'
        option ifname 'guest'
        option type 'bridge'
        option proto 'static'
        option ipaddr '192.168.9.1'
        option netmask '255.255.255.0'
        option ip6assign '60'

Is the Slate connected to anything through the WAN port when you're at home? If not, and if everything connected to the Slate (other than the switch connected at LAN1) is on a different subnet, why not just use the WAN port to connect to the switch instead? And keep all the LAN ports on the Slate subnet?

Can you explain what the purpose of 3rd port will be? You said one port is wan. The next port is lan with dhcp enabled. Iā€™m not understanding what you are asking for on the third port?

At home there would be nothing on the WAN port.
First i thought i use the WAN port and let it get an IP from pfSense.
But then i have double NAT? Also DMZ and opening ports did not work.

I want a setup i can use at home and when I'm somewhere else without the need to change settings.

@psherman , second port with receiving DHCP. Third port DHCP server for a RPi music player.

The DHCP server on the LAN is fine. But if you want the second port 'receiving' DHCP, it is quite similar to the WAN scenario in that it must be on a different subnet relative to your LAN.

In most contexts, this would cause a double-NAT situation. But if your main router has the ability to specify static routes, you can set a static route and use symmetric routing so that your second network doesn't experience double-NAT. However, it is still a routed network -- anything behind the Slate will be on a different network.

It just occurred to me that you might be running the Slate as a media server... if the media is served directly from the Slate, you can do this fairly easily by creating a new network with proto of dhcp client that is connected to the 2nd physical port. Then put that network into the lan zone. Keep in mind that your slate's LAN must still be a different subnet than your upstream network... but this would be pretty easy to configure.

Travel routing is always necessarily double-NAT since you don't control the upstream network and can't install routes into it.

These two use cases (network router with integral media server vs LAN-based media server) are different enough that one configuration is not going to cover both of them. Set up each case separately and save config archive files so you can rapidly change between them.

Why does it need to be a different subnet?
Can the first LAN not receive 10.110.230.1 from pfSense and the second send out 10.110.230.2 -10.110.230.254?

The media is not served from the Slate. The Slate is just WLAN (like a HotSpot) for the media player because handling HotSpot on this single board computers is a pain. The USB WLAN sticks are not made for this. I connect with my phone via WLAN to the Slate and can control the player.

Everything portable because the Odroid (its not a RPi) and the Slate get there juice from a power bank.

These are the same subnet... this means it cannot be routed (L3). It would be switcheed (L2), and as such, there must only be a single DHCP server on any given subnet. Therefore, if the pfSense router is the DHCP server for the 10.110.230.0/24 network, the Slate must have the DHCP server disabled. So it is not possible (without considerable additional complications -- essentially enterprise level configurations) to run a DHCP server on your Slate and have its LAN on the same subnet as the pfSense router (which is already running a DHCP server).

@mk24 was correct when stating:

It appears that you're really looking to make the Slate into a dumb AP when at home and a travel router when on the go. So two configurations are necessary to achieve that.

If you are okay with the stuff behind the Slate being on a different subnet, you could theoretically achieve your goal with a single configuration.