WAN and LAN on the same port?

I'm setting up a multiwan situation where the two WAN sources are in different rooms, each connected to a router device, but there is only one ethernet connection available to connect the two rooms.

My plan is currently for WANa to connect directly to my Netgear WAX202 and WANb would be delivered via a VLAN trunk to it (IPv6 and v6 preferably). The room with WANb has a FreshTomato flashed Linksys E3200 (because FT supports the wifi antenna). It will be set up as an access point that will tag the WANb connection to send via the VLAN trunk to the WAX202.

So both rooms have a WAN modem in bridge/ip passthrough mode connected to a router/access point and have local network devices attached.

I guess what I'm trying to do is create a trunk that can have an incoming tagged WAN for the WAX202 to load balance, but also use the same trunk for LAN purposes.

I've been told it's possible, but I can't figure how to set up the WAX202. Heck, do I configure the trunk port as WAN or LAN? It sounds like I'm creating a virtual WAN that needs a separate bridge... and I'm lost now.

It should be possible (at least on the OpenWrt side)... but to make sure it's clear what you're trying to do, please draw a diagram of your intended network topology.

This is about what the planned setup is.

Does FreshTomato support VLANs? I have never used that firmware, but you will need to be able to do a bunch of things on that firmware, starting with VLAN assignments and then sending the WAN (ideally pre-routing) over to the other device for routing and load balancing.

Yes, it's why I went with it. https://wiki.freshtomato.org/doku.php/advanced-vlan

Ok... so I don't know how to configure FT, but ideally you set the device up as a dumb AP. Then, for the physical wan connection, you'll want to remove any network association and then send it as a tagged network on the trunk.

The OpenWrt side of this is similar, but you'll associate a wan with the tagged port from the trunk.

I can explain this on the OpenWrt side (with config examples) fairly easily, but I have no idea how FT works, so you'll have to ask them for help if this description isn't clear.

That's fine, I should be able to pull it off on the FT side... or I'll ask if I fail.
It's the OpenWrt that's the biggest question mark for me.

Please copy the output of the following commands and post it here using the "Preformatted text </> " button:
Remember to redact passwords, MAC addresses and any public IP addresses you may have:

cat /etc/config/network

Also indicate which physical port you wish to make into the trunk port.

Sounds like that information might be useful... but I guess I wasn't clear, there is no setup yet. The WAX202 arrived today and is still in the box un-flashed.
If I couldn't figure out my preferred configuration I would see about some alternate options. So I didn't start yet.

Considering that the E3200 is 12 years old by now (BCM47186B0, 500 MHz, 16/64), I would consider replacing it with another OpenWrt supported device - for a simple reason (apart from the obvious one to prefer OpenWrt in this forum), it makes your administration a lot easier by having a consistent administration interface/nomenclature and configuration semantics and syntax between your devices. You'd also gain more options in terms of interoperability (e.g. 4addr, 802.11r, and similar things that might optimize your network).

The key point for me would be standardizing on one firmware environment (that might even go as far as into the managed switch itself, but I wouldn't suggest that as a priority), be it OpenWrt XOR FreshTomato XOR something else, rather than dealing with multiple different ones. A pretty old device on one end (E3200) just makes it an easy candidate for a replacement.

Considering what I need it for, if I were to replace the E3200, it would be with a managed switch.
I wouldn't bother with custom firmware there, even if it were possible.

So nobody knows? Eek.

I can guide based on a sample config, but you don’t have a device from which to grab the default config. A bit of a chicken/egg situation I guess.

Going over the info I have, I believe what I need to do is:

  • Go to devices and create two VLAN (802.1q) devices. Have both of them on lan1. I'm using VID3 for my network and VID9 for my second WAN.
  • Still on devices, edit br-lan and delete lan1 and add lan1.3 (keeping lan2 and lan3).
  • Go to interfaces and create WANB and WANB6 (as DHCP and DHCP6 respectively) and set their device as lan1.9.

Is that it? Seems too easy.

Just a follow-up, this worked (sort of). I ended up flashing the Linksys with OpenWrt after all. I did discover that the Linksys required the br-lan to be VID1 not 3.

Unfortunately, for some reason the devices on the network can't ping or share files on opposite sides of the trunk, even though they are all 192.168.3.x and definitely are sharing both internet connections.

Edit: I realized I couldn't log in to the Linksys AP from the other room either.
It gave me a hint and I fixed it, but I feel like the solution is wrong.
What I did was to restore br-lan to lan1, lan2, lan3 (dropping the lan1.1). On the Linksys I removed tagging from the br-lan entirely and I'm now only tagging port 4 for VLAN9 packets (which is the second WAN).

Is that safe?

Let's see your config files:

Please copy the output of the following commands and post it here using the "Preformatted text </> " button:
Remember to redact passwords, MAC addresses and any public IP addresses you may have:

cat /etc/config/network
cat /etc/config/dhcp
cat /etc/config/firewall

I don't think that DSA can handle this yet:

config device
   option type 'bridge'
   list ports lan1.3
   list ports lan2

Syntactically you'd expect this to bridge (or even better, hardware switch) packets tagged VLAN3 on lan1 over to untagged packets on lan2, but it doesn't actually work. Once you start tagging, it is necessary to set up bridge-vlans to generally move packets between hardware ports on a DSA switch.
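
The bridge-vlan layout this reply refers to, as an added example that is not part of the original thread: lan1 is the trunk carrying both VLANs tagged, and the second WAN stays separated from the LAN by its VID and by membership in the firewall's wan zone. It assumes the DSA port names lan1, lan2 and lan3 and the VIDs 3 (LAN) and 9 (second WAN) from the plan earlier in the thread; the 192.168.3.1 router address and the interface names wanb/wanb6 are constructed for illustration.

```uci
# /etc/config/network (fragment, constructed example)

config device
	option name 'br-lan'
	option type 'bridge'
	list ports 'lan1'
	list ports 'lan2'
	list ports 'lan3'

# VID 3: home LAN, tagged on the trunk (lan1), untagged with PVID on lan2/lan3
config bridge-vlan
	option device 'br-lan'
	option vlan '3'
	list ports 'lan1:t'
	list ports 'lan2:u*'
	list ports 'lan3:u*'

# VID 9: second WAN, present only as a tagged VLAN on the trunk
config bridge-vlan
	option device 'br-lan'
	option vlan '9'
	list ports 'lan1:t'

config interface 'lan'
	option device 'br-lan.3'
	option proto 'static'
	option ipaddr '192.168.3.1'
	option netmask '255.255.255.0'

config interface 'wanb'
	option device 'br-lan.9'
	option proto 'dhcp'

config interface 'wanb6'
	option device 'br-lan.9'
	option proto 'dhcpv6'

# /etc/config/firewall (fragment): the wan zone must list the new interfaces
config zone
	option name 'wan'
	list network 'wan'
	list network 'wan6'
	list network 'wanb'
	list network 'wanb6'
	option input 'REJECT'
	option output 'ACCEPT'
	option forward 'REJECT'
	option masq '1'
```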

The Linksys doesn't have DSA in the OpenWrt firmware, it uses the Network/Switch settings.
While I'd feel better having the local network VLAN1 tagged over port 4, which is the trunk, all the connection issues go away when I untag it.
I don't know if there is a way to test if there is a security issue though.

@psherman: I honestly have no idea how to get that information. It was hard enough...
-Bridging one modem, IP Passthrough-ing a second.
-The absolute basics of OpenWrt.
-Learning to use OpenWrt for 802.1q tagging on two different devices. One with DSA, the other by switch settings.
-MWAN3 load balancing IPv4 and IPv6.
-Setting up MoCA connections for TiVos (so many weird quirks there).

It's been a few days of pretty much full time work and I never want to do any of this again. Ugh.

If I changed the VID of Home_Network to anything but 1, I can't even connect a PC to a port.
If I tag port/LAN4 for VLAN1, devices on opposite sides of the trunk can't see each other. Heck, even the DHCP has issues.

...and for some reason IPv6 isn't working on the Linksys end. I don't know what I missed.

You just ssh into the router (user is root, password is whatever you set)... if you're on Windows, you'll use a program like PuTTY... if you're on the Mac or on Linux, just open a terminal window and issue:

ssh root@<ip.address.of.router>

Okay. I'll try to figure that out later after I get some sleep. Do you want to see the Linksys, the Netgear or both?
Also, I'm open to suggestions on getting my PC connected to the Linksys to have IPv6 support.

Edit: Soo... weirdness. I set up the wifi last night/this morning. I tried putting a second SSID/AP for guests on the same antenna, and it seemed unstable. I don't know why.
Also, although the main wifi is duplicated on the 2.4 and 5 GHz, I'm seeing 3 networks with the same name on wlan0 with 3 different MAC addresses.
Out of curiosity I re-enabled the VLAN1 tag, and now the Netgear shows an IPv6 address is leased to my PC, but IPv6 testing fails anyway.
Additionally, although the PC attached to the Netgear can't see the PC attached to the Linksys with that setting, wifi devices logged into the Netgear CAN see files on the PC on the Linksys!?