1. Home
  2. Wireless Networking
  3. Routing through two DD-WRT's

Routing through two DD-WRT's

Hi All,

I am stuck and have been trying for a while. Perhaps I am missing something simple.

I have 3 subnets (on 3 seperate sites 1km+ appart):

192.168.110.0/24 192.168.111.0/24 192.168.112.0/24

They are connected by 4 DD-WRT v23SP2 on Linksys WRT54GL boxes.

Two of the DD-WRT's are setup as routes and are located on the central site .111. The wireless interfaces on these two talk to the other two DD's that are accesspoints on the other two sites providing wireless access to .110 and .112.

I can happily route packets from hosts on .111 to .110 and .112, but I can't route packets from .110 to .112 and vice versa - which is what i really want to achieve.

I have spent quite some time trying to analyse what is happening (thinking the routing table may be incorrect). I have stripped all rules from IP tables (ip_forwarding is on). I have added accounting rules to the routers to see if packets are being forwarded.

The results: if i try to ping a host on .110 from .112 the .111/.112 router's accounting rules (iptables) counters increment but the .111/.110 router's accounting rules do not... I can ping the same .110 address from the .111/.112 router though... so the route table on that router seems to be correctly pointing at the .110 subnet. It just seems that anything coming from the .112 doesn't come out the other side of the router, even though the counters are incrementing in its iptables.

Is this a bug? Does it have something to do with the fact that one of the interface is br0? I assume that br0 is a bridge interface to get all four ethernet ports working - maybe the bridging module code doesn't like this sort of stuff...

Any thoughts or help would be greatly appreciated.

Thanks, James.

------------------------------------------------------------------------ View this thread:

formatting link

Reply to
aegres
Loading thread data ...

sounds like the 2 routers do not have routes to the subnet on each other across the .111 subnet.

if the boxes support a routing protocol, then turn it on. otherwise configure a static route on each with next hop on the other router, for the remote subnet.

Or - if they are set up for NAT rather than classic IP routing, then they are working as configured, and not letting any connections in from the "WAN" interface.

Reply to
stephen

aegres hath wroth:

That which is most obviously correct, beyond any need of checking, it usually the problem.

Why so complexicated? What are you trying to accomplish with this? If these are 3 seperate customers that require isolation, you can accomplish the same thing by simply putting everyone on the same Class C subnet, and enabling "AP isolation" on the routers. AP Isolation is a lousy term for blocking any wireless to wireless traffic. It's kinda tricky to find the setting. See:

It's in the middle of the page. Note that this is sometimes refered to as "client isolation" in the DD-WRT forums, which a more accurate term.

Connected how? Wired or wireless? Which one has the internet connection attached?

Make my life easy and kindly supply the routeing table. Login with telnet and run: route -e -n on two connected routers. Once it's untangled on two routers, we can talk about adding the others.

Yech. IP table are for firewall rules, not for routing.

If you must route between subnets, use a static route to the remote gateway (IP address of remote router). Something like this: From the 192.168.110.1 router: route add -net 192.168.111.0 netmask 255.255.255.0 gw 192.168.111.1 and on the other end: route add -net 192.168.110.0 netmask 255.255.255.0 gw 192.168.110.1 However, these probably will not work because I have no clue where you connect this pretzel to the internet. You will need to assign a default gateway (default route) that points to the router that has the internet connection. route add default gw 192.168.110.1 or something like that.

Light reading:

It's possible. However, I did have some problems with static routes on DD-WRT v23 SP2. I went to v23 SP3 and they were fixed. I recently moved most everything to v24 RC4 but have not retested (or had any complaints).

Bridging doesn't know anything about IP addresses or routing. I don't wanna speculate, mostly because you've been tinkering with the forwarding and IP tables.

Put IP_tables back to where they belong. Concentrate on the routing tables. Keep track of where you point your default gateways.

Reply to
Jeff Liebermann

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.