Two gateways and two subnets, many routers

Hi all - first post here. Using dd-wrt now but thinking about moving to openwrt if it can solve the issues I have with wirelessly connecting two subnets.

Situation:

Two adjacent apartments, each apartment having an internet gateway on a different subnet (one is 192.168.0.254 and the other is 192.168.1.254). There is now a wireless link with two non-gateway routers linking the two networks together (with old "repeater bridge" technology), and every router / gateway has mask of 255.255.254.0 so they can see one another. The APs of the individual routers have different wireless network names and each router is configured to point to either of the two gateways depending on physical location, so devices connecting to an AP within a particular apartment will access the DHCP of the appropriate gateway within the same apartment and subsequently have WAN access via the appropriate gateway (I.e. no need to hop through the repeater bridge).

All is good except I have to disable the relaying of broadcast messages at the "repeater bridge" otherwise pings to the other subnet will be duplicated (apparently the "relayd" daemon used by ddwrt is a bit buggy). So no access to DLNA servers at other subnet. Also the whole network is not really stable - I have to add a job to auto reboot the routers when it loses connection for whatever reason.

So several question I have for the Openwrt pundits here:

  1. Can I setup two networks, linked wirelessly across two routers of different brands (both are broadcom based). With broadcast messages also routed across the two networks.

  2. Can I then setup mesh 802.11s in one of the two networks? But within this mesh network I have routers of different brands and architectures (broadcom and atheros). But they are all capable of running the latest version of openwrt.

  3. Can I set it up in such a way so that devices in 192.168.1.x can see devices in 192.168.0.x but not vice versa?

Thanks !!

Just to close this thread, after many days of struggling with the setup, mission accomplished. This is my new network topology:

But I ended up using DD-WRT for 192.168.1.253 to connect the two sides wirelessly. And only one of the two gateways are running Openwrt (mainly because the other one is not capable of flashing to Openwrt).

1 Like

You probably can but I would not do it. Because the driver support for Broadcom Wifi devices on OpenWrt is poor. Broadcom's Open Source drivers are pretty bad. I don't know what drivers DD-Wrt is using exactly. But they have an agreement/contract with Broadcom and access to the "real" drivers. This means much better Wifi.

Edit: It migh depend on the specific device also. A lot of ppl. here using wrt1200, wrt1900, wrt3200. But you should research for your specific units carefully about wifi performance.

That is what mesh is about. You can do so if the driver supports mesh on your router. You can check this with:

iw list | grep "Supported interface modes" -A 9

I'm not a mesh expert. But with VLAN's this should be possible to do.

2 Likes

If you can insert routes on both main routers you don't need relayd, etc. Run it as two standard /24 networks with a link between them. The linking router holds an IP on both networks (on separate interfaces) and forwards between them. The main router on each network has a route to the other network through the linking router. An extra tweak that would increase performance would be to have the DHCP servers push this route directly to the endpoints so they don't have to forward through the main router.

The linking router will probably be wired to one of the networks and wireless on the other. Since it is holding only one IP address and does not need to bridge any layer 2 packets it can use a regular AP-STA link.

A firewall can be set up within the linking router to restrict use of the link in almost any way you want.

Another, more conventional way to do this is a VPN. The advantage is the two apartments can be anywhere, not necessarily in radio range of each other. The disadvantage is LAN to LAN becomes limited by the speed and latency of the ISP and encryption hardware.

2 Likes

Thanks for your suggestions !

Although I have got everything working the way I wanted, one thing I still don't understand is how a 'linking router' can establish route to/from a different subnet (and this is why I purposely set my gateways and my 192.168.1.253 (a.k.a. the bridging wireless router) to have subnet masks of /23 so they can see one another. It works, but I am still curious...)

For the sake of helping me understand, let's say hypothetically I have set up the linking router per your suggestion, and put /24 back to my gateways (i.e. 192.168.0.1/24, and 192.168.1.1/24)...

  1. If the linking router holds an IP on both networks, does this mean I will have to assign two IPs to it? And bridge like I would do for a normal gateway to a WAN?? So like a WAN-LAN bridging but the WAN is actually another subnet...??

  2. Or, like you said, doing a wired connection to one subnet and wireless to the other. In this case I assume the wireless will be a 'client' type of connection to the AP of one of the gateways, right? Then I will create a new zone in Openwrt for this 'client' wireless interface? ... and then how can i magically connect the new zone with the default 'LAN' zone? Especially when they have different IPs on different subnets?

These are probably noob questions, but for someone who is dealing with two local subnets for the very first time, I am absolutely stumped by the routing of two local subnets.

In the main router 192.168.0.1 place a route 192.168.1.0/24 via 192.168.0.253. And in the other main router 192.168.1.1 the opposite (192.168.0.0/24 via 192.168.1.253).

Now suppose there is a printer in the other apartment at 192.168.1.50, and a PC on the network 192.168.0.70 tries to use it. It sends a packet to 192.168.1.50. Since the only network the PC knows is 192.168.0.0/24, it uses its default route for anything else which is to send the packet via 192.168.0.1. That main router does know that 192.168.1.0/24 is reached by the linking router 192.168.0.253, so it forwards it there via a LAN connection-- which could be wired or wireless.

Configuring the interfaces on the linking router automatically installs routes for both networks. Its routing table shows 192.168.0.0/24 is on wlan0 and 192.168.1.0/24 is on eth0. So the packet for 192.168.1.50 which arrived on wlan0 goes out on eth0 and it reaches the printer.

The printer's response to 192.168.0.70 again goes by default route through that apartment's main router 192.168.1.1 then over to the linking router and is sent to the PC via the wlan0 interface.

It is important that none of this setup affects the Internet use or DHCP address assignment in either apartment. It is only when someone originates a packet addressed to the other LAN that the linking router gets involved. Which is something that needs to be done deliberately by IP address, although it is possible to set up DNS to resolve local IPs on both sides.

As you can see the extra credit here is to configure the routing tables in the PC and the printer to use the linking router directly instead of going through the default route to their main router.

1 Like

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.