WAN DSL bridge mode

I have a TP-Link TD-W8970 router with a builtin DSL modem.
I installed successfully latest LEDE Version.
The stock firmware provided an option in WAN Settings:
WAN Service Setup:
Connection Type: Bridge

"If you select this type of connection, the modem can be configured to act as a bridging device
between your LAN and your ISP."

How can I use WAN DSL bridge mode in LEDE?

Any help would be greatly appreciated.

John

Maybe I'm misunderstanding, but - why would you want to bridge your WAN to your LAN? Are you running another router behind your TP-Link? If not, you'd be exposing your whole LAN to the internet by bridging both interfaces.

The bridge function makes sense if you're running another router behind your TP-Link and want the TP-Link to act as a dumb modem.

Bridging is typically done through /etc/config/network. However, I don't know if it works with interfaces that need configuration (like DSL). It boils down to adding the WAN interface to the LAN, basically.

Paste your config so we can have a look, I'd say.

I think you're messing a few things up here...

First: have either serial console access or easy reset/fail-safe option to be able to return TP-Link to OpenWrt factory settings.
2nd: I am not responsible for any screw ups that render the TP-Link bricked or unreachable (by network)

Then, try and setup first with the basics:

1. install relayd
   opkg update
   opkg install relayd
   /etc/init.d/relayd enable

2. Make wan interface one that performs correct PPPoE dial, include macaddr option in wan interface

3. remove wan_dev, wan6 and lan interface definition

4. create relayd interface and combine 'wan eth0.1' interfaces in 'network' option

Something like this:
config interface 'brwan'
option proto 'relay'
option network 'wan eth0'
# option ipaddr '192.168.100.254' # should be ip on which TP-Link remains reachable, be careful and only use this for testing only

On your router connected with wan port to one of the tp-links lan ports, set wan interface on dhcp-enabled in default network... internet public ip should be relayed now to your 2nd router.
I don't know any other way to spoof the internet ip to another device from your xDSL unless you perform the PPPoE from the 2nd router through the TP-Link.

please can you help me i have a modem in bridge and i would like the tp link archer c7 in bridge rear the other router , how make ? thanks

i'm played ps4 and i would like nat ouvert for cod

Same issue here - I can't find any specific docs on this topic. How to turn LEDE/OpenWRT into bridged mode if you want to run a second router behind it?

There are two ways bridging might work here.
Both require to access the device via ssh.

1. put the modem interface into the LAN bridge:

uci set network.wan.type=bridge
uci add_list network.wan.ifname=m0
uci commit network

You can also use "vim /etc/config/network", to make the changes in an editor.

Now some port interfaces have be added, that would require to single out interfaces of the switch (changing the switch config in /etc/config/network). You can also put the entire switch interface into the wan bridge.
But the access to the router via ssh might be difficult (open firewall for wan in /etc/config/firewall).

The lan bridge might not be the best fit here instead of the wan bridge, because that is where the dhcp server on the router runs on.

2. use a pseudo bridge, in case the the modem interface does not support bridging:
   https://wiki.openwrt.org/doc/recipes/relayclient

Many thanks @mwarning - your post provided me with a useful hint, though not the final solution. But I finally got it working! There were a few caveats:

• the modem was preconfigured with PPTM while ATM was needed (german ADSL provider)
• I was not able to "steal" one of the ports from the switch and to just bridge this single port with the modem; I solved this by connecting a usb-ethernet adapter (after installing the proper drivers) and bridging this adapter with the modem, leaving eth0 untouched (and imho maintenance-friendly, so I always can access the webui by connecting a cable)
• the autodetection of vdsl vs. adsl did not work properly, so I had device "ptm0" instead of "nas0" and wasted a lot of time trying to bridge it.

Finally, here is my current and perfectly working configuration (MAC anonymized, eth1 is my usb ethernet adapter):

config interface 'loopback'
	option ifname 'lo'
	option proto 'static'
	option ipaddr '127.0.0.1'
	option netmask '255.0.0.0'

config globals 'globals'
	option ula_prefix 'fd6d:a67d:a9a7::/48'

config atm-bridge 'atm'
	option vpi '1'
	option vci '32'
	option encaps 'llc'
	option payload 'bridged'

config dsl 'dsl'
	option annex 'b'
	option xfer_mode 'atm'
	option line_mode 'adsl'

config interface 'lan'
	option type 'bridge'
	option ifname 'eth0.1'
	option proto 'static'
	option ipaddr '192.168.1.1'
	option netmask '255.255.255.0'
	option ip6assign '60'

config interface 'wan'
	option type 'bridge'
	list ifname 'nas0'
	list ifname 'eth1'

config device 'wan_dev'
	option name 'ptm0'
	option macaddr 'xx:xx:xx:xx:xx:xx'

config interface 'wan6'
	option ifname '@wan'
	option proto 'dhcpv6'

config switch
	option name 'switch0'
	option reset '1'
	option enable_vlan '1'

config switch_vlan
	option device 'switch0'
	option vlan '1'
	option ports '0 2 4 5 6t'

Please note: I believe that if you configure VDSL instead of ADSL you have to do the following changes:

• bridge device "ptm0" instead of "nas0"
• set line_mode to vdsl
• make sure your second router that does the PPPoE dialin uses the correct VLAN-ID for your provider (afaik not required in most cases for ADSL)

Finally, I am happy to replace my proprietary modem with LEDE/OpenWRT (though the modem still requires proprietary firmware, but still this gives me more control over the device than before).

@John003: I know it's been some time since you asked, but maybe this works for you as well?

Update: After fiddling around with VLANs I managed to configure the router in a way that only the WAN-Port (internal port number 4) is bridged with the dsl modem by putting in a separate VLAN (I used vid 2). Here's the config:

config interface 'loopback'
	option ifname 'lo'
	option proto 'static'
	option ipaddr '127.0.0.1'
	option netmask '255.0.0.0'

config globals 'globals'
	option ula_prefix 'fd6d:a67d:a9a7::/48'

config atm-bridge 'atm'
	option vpi '1'
	option vci '32'
	option encaps 'llc'
	option payload 'bridged'

config dsl 'dsl'
	option annex 'b'
	option xfer_mode 'atm'
	option line_mode 'adsl'

config interface 'lan'
	option type 'bridge'
	option ifname 'eth0.1'
	option proto 'static'
	option ipaddr '192.168.1.1'
	option netmask '255.255.255.0'
	option ip6assign '60'

config interface 'wan'
	option type 'bridge'
	list ifname 'nas0'
#	list ifname 'eth1'
	list ifname 'eth0.2'

config device 'wan_dev'
	option name 'ptm0'
	option macaddr 'xx:xx:xx:xx:xx:xx'

config interface 'wan6'
	option ifname '@wan'
	option proto 'dhcpv6'

config switch
	option name 'switch0'
	option reset '1'
	option enable_vlan '1'

config switch_vlan
	option device 'switch0'
	option vlan '1'
	option ports '0 2 5 6t'

config switch_vlan 'eth0_2'
	option device 'switch0'
	option vlan '2'
	option ports '4 6t'

Except for the relatively high power consumption, this setup is getting really nice now...

Awesome, thanks for sharing!

Thank you, your config really helped me out!

Hello,
I was looking for a similar solution.
if you want to use a cable to connect the router to the modem and pass the local network and the bridge simultaneously, you could change your configuration as follows:

config switch_vlan 'eth0_1'
        option device 'switch0'
        option vlan '1'
        option ports '0 2 4t 5 6t'

config switch_vlan 'eth0_2'
        option device 'switch0'
        option vlan '2'
        option ports '4t 6t'

the cable should not pass through a switch that does not manage the vlan otherwise you would lose the wan
thanks 1k
faugia

My TD-W8970 is now on OpenWRT 21.02.3 configured as modem/router and I'm thinking about adding a RPI-based router.
I have no experience with bridge mode so my question may sound stupid but I haven't found the answer for it yet.
If I configure TD-W8970 as a DSL bridge and use its WAN port for the bridge connection to the router WAN port, can I still somehow use the remaining LAN ports+WIFI on the TD-W8970 as LAN switch, f.e. after connecting LAN1 port to the router LAN port?
And If not, can the planned migration of Lantiq platform to DSA with OpenWrt 22.03 change the situation somehow?
I don't like the idea to buy a new switch and leave the LAN ports on TD-W8970 unused if there is a chance to use them...
Thanks in advance for answer and possibly saving me a lot of time

Yes you can do that. It's done by making the cable between the two boxes a trunk cable that is tagged with VLANs. This is called a one-armed router system since packets enter the Pi, get routed, and exit on the same port (but with different VLANs, so they two networks are logically isolated from each other.) Inside the 8970, one VLAN on the Pi's trunk port would bridge to the DSL modem, and the other one would hardware switch to the other Ethernet ports and software bridge to wifi.

The way this is configured is completely different whether it is a swconfig or a DSA kernel, but it is possible with either one.

Thank you very much, if I understood it right you propose to use 1-cable connection to router for both (WAN+LAN)? That sounds crazy fun, I just have to learn and understand VLANs before I start
I even prepared USB NIC adaptor for second(LAN) RPI connection before...which won't be needed at all.
I will wait for final 22.03 build with DSA before I start.
My plan was to use OpnSense on RPI router, do you think the "one-armed router" configuration is supported there, or I must use OpenWRT on RPI?