Replacing ISP router's DHCP

Hi,
in my network setup, I have connected OpenWrt router to my ISP router's LAN subnet 192.168.178.0/24.
This OpenWrt router has a dedicated upstream, means there's no NATed upstream and the client connection to LAN 192.168.178.0/24 is only to get access to other connected clients in this subnet.

I prefer to have only a single DHCP server in my network.
Therefore my question is:
Can I use OpenWrt as DHCP server listening to subnet 192.168.178.0/24 and shutdown ISP router's DHCP server?

THX

you should only have one.

yes, if the ISPs DHCP can be switched off.

Sure, you have to

  1. reconfigure the LAN IP Address of your OpenWrt router to 192.168.178.x (anything below 192.168.178.100, but probably not 192.168.178.1 as this is likely your existing router).
  2. Add the DHCP options for the correct gateway and DNS servers to your DHCP configuration; probably you need to add them also to your LAN interface.
  3. Make sure to connect the OpenWrt LAN ports to ISP router LAN ports
  4. disable DHCP on your main router
  5. Test; if it doesn't work, your clients might be getting the wrong gateway address, i.e. use the OpenWrt device as gateway and/or DNS. This can be solved by defining the proper dhcp_option to the DHCP server, see here.

There are several drawbacks, though: All routing is performed by your ISP router, no wired traffic passes your OpenWrt router. If you use Wireless, only the wireless connection itself is handled by OpenWrt. The firewall on OpenWrt is not used, either.

I do not see much advantage over the ISP's DHCP server, unless you need specific options not present in the ISP router.

As an alternative, you could connect the WAN port of the OpenWrt router to the ISP router and disable masquerading on OpenWrt (to avoid double-NAT). This is described for example here. You should still be able to configure port-forwarding et al on your ISP router.

Edit: I re-read your post, especially this section:

and I do not understand it. I thought the OpenWrt router was connected to the ISP router? Is there a separate WAN connection to the OpenWrt router? You could also provide a network diagram to make it clearer.

1 Like

The 2 routers are working independantly. OpenWrt router is using modem of ISP router only (this is called "bridge mode" for my ISP router FRITZ!Box).
I have connected IoT devices to LAN of ISP router. I don't want any device in this subnet to access any other subnet spanned by OpenWrt router.

Based on your information, I must setup OpenWrt interface with static IP and use ISP router's IP as gateway. Then I can stop DHCP service on ISP router. After this I start DHCP server on OpenWrt router.
This sounds pretty easy.

OK, forget my instructions and let's focus on your network topology first.

  1. This doesn't match your description, where is the 192.168.178.0/24 subnet?
  2. How can you get a "Public IP 2" and a "Public IP 1" in this configuration?
  3. How many public IPs do you really have? I'm also referring to CGNAT IPs, so how many IPs do you get from ISPs?
  4. Why did you connect LAN ports to WAN and LAN on the second router?

Based on your description, you want different subnets on the two routers, is that correct? Or just one?

1 Like

This is a typo in the graphic.
It is subnet 192.168.178.0/24

ISP's eth3 is in bridge mode, means I use the modem.
Hereby I get public IPv4 and IPv6 on (second) OpenWrt router.

This means, I have 2 public IPv4 and 2 public IPv6.

In the final stage, I have 1 subnet on (first) ISP router, and serveral subnets on (second) OpenWrt router.

Why? What is the purpose of using the first router for a single subnet?

Lack of ethernet ports on 2nd router.

This would probably be easier if both WAN connections were on the OpenWrt box - this would even allow failover and/or load balancing. The setup you are describing is a bit unusual.

However, what is the purpose of disabling one DHCP server then? Leave them separate and configure routing between the two subnets instead of mixing them. This means you would add another interface on the OpenWrt box with the uplink port and set up routes here and on the ISP box.

So do you need two WAN connections or would one suffice? I still don't fully understand your goal.

The OpenWrt router should be configured so that it does not interact with the 192.168.1 network at all, other than being an Ethernet switch. The OpenWrt router will not hold a 192.168.1 IP or offer any IP services to users of the direct to ISP router connection. Use proto none on that VLAN to accomplish that.

In the drawing you could simply couple the AP cable to the cable leading back to the other port of the ISP router. I assume though that you need to switch more than one Ethernet device back to the ISP router. That could of course be done with a separate hardware switch. Think of the situation as this even though you don't have a separate hardware switch, you can still isolate ports of the OpenWrt router into an isolated VLAN and accomplish logically the same thing.

Setting protocol "Unmanaged" on OpenWrt router's iot device makes sense. However then I cannot access iot devices from OpenWrt router's LAN clients, means I need to interact with network 192.168.178.0/24 (= forward from LAN to IOT).

Issue solved after removing interface from "Exclude interfaces".

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.