I can't achieve what I think is the simplest thing. I have TP-Link Archer C7 with OpenWRT and I want to connect it as a client to Wifi AP and bridge wifi with LAN ports, so it acts like a switch or say media converter wifi - ethernet. Nothing else, no router, no firewall, no DHCP, DNS and whatever else it does. I just need to connect 2 PCs to an AC wifi with 3x3 MIMO support and I don't want to buy two USB adapters, these supporting this speed are quite expensive. Will anyone give a tip on how to do this? Thanks.
What is your "upstream" wireless device? Is it running OpenWrt?
It is another TP-Link Archer C7 with latest stock firmware and it is configured in AP mode (no routing/NAT) but wifi seems working, i think I have problem with the bridge thing. But If it helps anything I have no problem upgrading it to OpenWRT as well
Upgrading it to OpenWrt and configuring a WDS bridge would be the easiest, in my opinion. I've run WDS successfully and found it to be robust for one or two VLANs.
I found the key in this article https://openwrt.org/docs/guide-user/network/wifi/relay_configuration
Specifically, this sentence: Since opensource wireless drivers used in OpenWrt do not support bridging in client mode, the traffic between LAN and wireless client must be joined by routing it.
That's why the bridge didn't work for me. WDS bridge works. So WDS is a better option than relayd?
My older Edimax router has a mode called AP Bridge Point to Point, which is described in the manual as “AP Bridge Mode” providing the function to bridge more than 2 wired Ethernet networks together by wireless LAN. You can use two access points with “AP Bridge-Point to Point mode” to bridge two wired Ethernet networks together. That's what I originally needed. Ironically, WDS mode is also supported in the stock firmware.
WDS is a true "Layer 2" bridge, working pretty much like a physical cable between the two. Of the easy-to-configure approaches, it is the one I prefer1 for one or a couple of VLANs2. One drawback to WDS is that, while the format of the packets is standardized, how each router/OS interprets them is not. Some OSes work together, some don't.
The "important" box on that page mentions WDS. Perhaps the quote refers to the interoperability problems with other router OSes?
"relayd" is a "hack" in my opinion, and only works for IPv4. It hides the fact that there is a routed network behind the connection by using proxy ARP (the router claims to be an Ethernet device that is really on the LAN behind the router) and copying broadcast packets from one side to another. When WDS doesn't work or you don't have enough control over the "upstream" router, sometimes relayd is the only choice you have.
1 Some of the more complex approaches include GRE tunnels, Layer 2 VPNs, and, if more than two stations involved, Layer 2 mesh routing like batman-adv.
2 As VLANs are an Ethernet construct, you need multiple SSIDs for multiple VLANs. Eventually "beacon pollution" becomes a problem.
Thanks for the heads up -- edited
Thank you, so I'll stick to WDS. I can reach speeds around 330 Mbit/s, but the CPU load on OpenWRT devices is quite high. Is it normal?
For a single-core, MIPS-based processor, that is not surprising.
A 750-MHz class, "ath79" device caps out around 300-500 Mbps through the CPU with routing and NAT. An Archer C7v2 caps out around 320-390 Mbps. Since you're not NAT-ing, you perhaps can get a bit more than that.
The high "sirq" number is indicative of handling the Ethernet and wireless interrupts.
I couldn't resist trying WDS with the original firmware. It works and it's even 30% faster, so CPU is bottleneck with OpenWRT and stock firmware is much more efficient.