[Solved] Passthrough WAN to LAN

Installing and Using OpenWrt Network and Wireless Configuration
1

Hey guys, pretty new to OpenWRT and just wanted to get some advice and be pointed in the right direction for my situation

Background:
Ordered internet through my ISP
They came and installed a Radwin RW5000 on my house and then gave me a Dlink router to use for my internet
From my testing, my ISP is using DHCP authentication and uses DHCP Option 60 and a specific Vendor Class ID for the DHCP auth

So my network currently looks like this:

current
current2730×1078 200 KB

Disabled the DHCP server on the Dlink, DHCP is provided by the Cudy so any devices connected get assigned a 192.168.10.X IP address
This setup works, can't really complain too much except for the double nat and potential cgnat from my ISP (I think IPs in the 100.x.x.x range indicate cgnat? blocked it out just in case though)

But im sort of looking to simplify what's happening here and have something like:

Just to explain a little more about what I want
I have found that I can replace my Dlink ISP router with a OpenWRT router and do some setup on the WAN interface to do the DHCP authentication
I.e. The following:

Doing that allows me to connect the Radwin to the WAN of the OpenWRT and it will successfully authenticate with my ISP and provide an IP

Now what I want done is to passthrough my WAN connection directly to the LAN, no DHCP or anything like that
Passthrough the WAN so that when I connect the Cudy, it thinks its connected directly to my ISP
From what I understand I want something like bridge mode (every post i've found on the topic is trying to do WLAN bridging)

This is what the Cudy router sees if I leave the OpenWRT router stock standard and just do the above DHCP auth

The Cudy will connect just fine but will be assigned an IP from the OpenWRT router on 192.168.1.X

Is the passthrough I want possible?
Have I just confused myself?
Am I pulling some nonsensical scenario from my ass?

I could install OpenWRT on the Cudy and just be done with it
But then I lose the Cudy mesh functionality which is the main reason I got the Cudy routers (doing wired backhaul between Cudy routers so my devices will switch seamlessly to the strongest AP)

Appreciate any advice you guys can give me

2

Starting out, yes, you're right that the 100.72 block is CG-NAT. This means that the double-NAT you have on your end is really not an issue, and it makes the whole effort unnecessary.

That said, yes, it is possible to do a 'pass-through' by simply adjusting the switch such that it connects the wan and one other port together on a separate VLAN. However, with that in mind, your proposed topology will only work if:

  1. your ISP provides you with multiple IP addresses. Given that it is CG-NAT, maybe they're more generous with their IPv4 allocations than would be expected with a public IP assignment.
  2. The Cudy system will only get an IP address from the ISP if the vendor class ID can be configured on that device. In essence, if you setup the passthrough, it's like the OpenWrt device doesn't exist (it'll be transparent to the Cudy relative to the upstream ISP connection), so the test is really: can you get an ISP connection with the Cudy directly connected to the PoE adapter?

The next question is: what is the purpose of the OpenWrt router in this proposed topology? It will not have any impact on the Cudy (no firewall or any other features -- it's really just a wire between the PoE adapter and the Cudy), and if both are able to get IP addresses, you'll have 2 independent and unrelated networks. Is this a desired configuration? Or asked another way -- what is the purpose of the OpenWrt router in your proposed configuration?

3

The Cudy doesn't expose the required options to do the DHCP authentication
So connecting the Cudy directly to the PoE adapter does nothing
Having the Cudy WAN protocol set to DHCP does nothing because it doesn't send the required Vendor ID
Trying to set a static IP doesn't work either

My main goal with getting OpenWRT set up was to replace the DLink as it is a rubbish locked down router that starts struggling after like a week of uptime
At least with this OpenWRT router I can have it restart frequently if need be

My secondary goal (and the point of this post) was to try get the OpenWRT router to be as transparent as possible, having it only do the DHCP authentication and pass that along
In a sense, it is already doing that but wanted to try remove the need for the Cudy to get a 192.168.1.x IP

But like you confirmed, I am behind CG-NAT so it really doesnt matter

I could probably test to see if I am provided with multiple IP addresses, but point 2 is where the trouble starts, as I started off with, the Cudy cant send the required options so it can't authenticate so multiple IPs doesn't matter

It seems I had the wrong idea of what a passthrough connection would entail
I thought I could just pass the already authenticated WAN connection through and be done with it

4

The concept of a passthrough is as transparent as it gets. So that's not what you want.

That's not what pass-through is, though.

Have you instead considered making the Cudy just an AP (i.e. not routing). I don't know if the Cudy supports mesh when in bridge/AP mode (I know that Google/Nest Wifi devices can only operate as a mesh when the main unit is configured as a router; I don't know how the Cudy firmware works).

There are a few other options you can consider if the Cudy firmware won't allow you to do bridge-mode w/ mesh.

5

yeah, my understanding was flawed, I had dozens of tabs open and got stuck in a rabbit hole of trying to enable passthrough when it didn't apply to me

I am considering it
The router I have OpenWRT on at the moment is a Xiaomi Router 4c which isn't the most powerful thing compared to the Cudy WR3000 I currently have
I'll have to monitor the performance of the Xiaomi and see

Thanks for your help though, it really helped correct the misconceptions I had regarding this network setup

6

Glad I could help.

Feel free to come back (with a new thread) if you're looking to change the topology of your network with OpenWrt.

But for now, if your problem is solved, please consider marking this topic as [Solved]. See How to mark a topic as [Solved] for a short how-to.
Thanks! :slight_smile:

1 Like
7

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.